Corruption Crime & Compliance

In this eye-opening episode of Corruption, Crime and Compliance, Michael Volkov takes a deep dive into the world of healthcare compliance and fraud. He explores the history, the transformation, and the unique challenges of healthcare compliance. He also sheds light on the alarming rate of fraud in the healthcare industry and the efforts to combat it.You’ll hear him discuss:Compliance in healthcare traces back to the 1990s. Its rise is largely due to aggressive federal enforcement programs and increasing regulation.Four significant trends in healthcare compliance include: Rising consumer demand, escalating prices, and increasing regulation during the era of HMO controversies.The DOJ's use of criminal tools and prosecutions to combat healthcare fraud and circumvent government regulations.The growing importance of the False Claims Act as an enforcement tool.The establishment of a robust regulatory enforcement regime through the Center for Medicare Services and the HHS-OIG.As the healthcare industry comes increasingly under federal government regulation and control, the risks of healthcare fraud are escalating. Despite the development of proactive compliance programs, the industry struggles to keep pace with the level of fraud, waste, and abuse.Beyond the traditional elements of compliance programs, the healthcare industry faces unique challenges. These include managing interactions with physicians, ensuring data privacy, avoiding the employment of ineligible persons, and navigating the complexities of billing, coding, and overpayments.The False Claims Act poses a significant risk for healthcare providers, with nearly 99% of all cases each year immediately settled. The Act has been applied beyond billing and reimbursement issues to include false representations incorporated into a product or a drug.The DOJ regularly conducts nationwide crackdowns on healthcare fraud, arresting numerous defendants involved in healthcare fraud and opioid abuse schemes. A growing area of concern is telemedicine fraud, which has seen a surge with the rise of remote work during the pandemic.KEY QUOTES:“Healthcare is becoming increasingly under federal government regulation and control. And as this occurs, the federal health care risks of fraud are going to be increasing significantly. Private insurance companies are also experiencing continuous growth of fraud and the healthcare industry is really developing proactive compliance programs, but they struggle to keep up with the level of fraud, waste and abuse that they sort of have to pursue.” - Michael Volkov“…one of the most significant risk areas is physician interactions.” - Michael Vokov“Nearly 99% of all False Claims Act cases each year where the government decides to intervene are immediately settled.” - Michael VolkovResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

The complex relationship between digital currencies and global financial regulations is highlighted yet again with the SEC’s recent crack down on major crypto exchanges Binance and Coinbase. Michael Volkov welcomes Matt Stankiewicz, also known as Crypto Max, to share his insight on these ongoing cases. He discusses the implications these enforcement actions might have on the industry, the securities law-related legal issues, and the internal mechanics of these exchanges.Matt Stankiewicz is a Managing Counsel at The Volkov Law Group. His expertise includes financial regulation and compliance, with a focus on securities, anti-money laundering (AML), and cryptocurrency regulation. Given his professional background and interest in crypto regulations, he is a frequent speaker on legal matters concerning cryptocurrency exchanges and the SEC.You’ll hear Michael and Matt discuss:The SEC's enforcement actions hinge on their assertion that Binance was serving US customers without the proper registration, thereby violating securities laws. They allege that Binance knowingly allowed and even encouraged US customers to utilize their offshore platform, enhancing their profits and trading volumes but breaching US regulations in the process.Rather than directly challenging the status of specific tokens, the SEC is targeting exchanges like Binance and Coinbase. By regulating these exchanges, the SEC could effectively control the access points to the crypto industry, thus having a broader impact.Binance is preparing for a legal fight with the SEC over these compliance issues, including allegations of wash trading to artificially inflate trading volume. The platform's potential troubles are linked to similar issues faced by FTX and their trading arm, Alimator Research.Given the recent pattern of the SEC bringing complaints without the DOJ pursuing criminal cases, it’s unlikely that the DOJ will bring a criminal case against Binance. Coinbase's IPO was approved by the SEC despite allegations that the company had engaged in illegal activities related to the trading of unregistered securities. The SEC argues that the approval of an IPO doesn't guarantee the legality of the company's underlying operations, but this could be seen as contradictory to the SEC's stated role of protecting investors.Coinbase, in attempting to comply with securities regulations and being continuously rebuffed by the SEC, is the most compliant cryptocurrency exchange. However, should the SEC crack down on Coinbase and other major U.S. exchanges, it could push investors to offshore exchanges where the SEC has limited jurisdiction and where there is a higher risk of fraud. KEY QUOTES“The SEC is taking obvious actions to show that they are very aggressive in their enforcement actions.” - Matt Stankiewicz“This is a perfect reminder for everyone listening, whether you're into crypto or not. If you are working internally with your email or you're in [a] corporate chat, that can all be discoverable in future litigation. And you need to be careful what you say.” - Matt Staniewicz“It is a very poor look in the court of public opinion for the SEC to stand on the ground of saying, ‘We are here to protect investors,’ but [avoid] stopping this before investors have a chance to throw all their money in that IPO.” - Matt StankiewiczResourcesMatt Stankiewicz on LinkedIn

Unprecedented changes are imminent in sanctions and export control enforcement, as the U.S. government amplifies its focus on national security and corporate compliance. On this episode of Corruption, Crime and Compliance, Michael Volkov discusses the potential consequences of these developments. He dissects the “new FCPA”, the Department of Justice’s (DOJ) strategic approach, the critical role of sanctions and export control enforcement, and the intricacies of voluntary disclosure programs.You’ll hear Michael talk about:A significant shift is occurring in the DOJ's enforcement focus, with 75% of criminal cases against corporations now related to national security matters, including sanctions enforcement, money laundering, and terrorism.The DOJ will collaborate with OFAC and BIS in a similar manner to the relationship between the DOJ and the SEC during FCPA enforcement.Corporate resolutions are set to increase drastically, with steep penalties, deferred prosecution agreements, guilty pleas, and a surge in individual prosecutions. Heightened compliance expectations around export controls and sanctions compliance will necessitate a ramp-up of relevant compliance programs.The enforcement actions will serve as guidance, similar to the initial stages of FCPA enforcement, providing cues about the DOJ's view on compliance and their expectations from compliance programs.The DOJ plans to ramp up enforcement against global banks, investing heavily in the Bank Integrity Unit which is part of the anti money laundering operations for global banks, and sanctions enforcement.The DOJ has forewarned corporations about the enforcement emphasis on sanctions and export controls. DOJ has ongoing investigations in various sectors including transportation, fintech, banking, defense, and agriculture.Voluntary disclosure programs, such as those from OFAC and the National Security Division, play a significant role in mitigating enforcement actions. However, choosing between OFAC and DOJ disclosure can present a nuanced dilemma for corporations, hinging on whether a violation is willful. The number of voluntary disclosures involving both is expected to increase as corporate enforcement actions rise.The case against British American Tobacco by DOJ and OFAC for illegal sales of cigarettes to North Korea, resulted in a combined penalty of $629M. This is a significant instance of enforcement action against a non-financial institution.The Bureau of Industry and Security (BIS) and the Department of Commerce brought a case against Seagate Technology, resulting in a $300 million settlement. The DOJ seems to be investigating this matter further due to Seagate's blatant violations.A case against Murad, a cosmetics company, was brought by OFAC for Iran sanctions violations worth approximately $11 million. Murad ended up paying a $3.3M fine. Murad's actions highlight the importance of sanctions compliance guidance and the significance of due diligence, especially during acquisition processes.OFAC's enforcement action against Murad also emphasized the importance of having a local compliance structure when a foreign parent company is involved. OFAC also stressed on the importance of pre- and post- acquisition due diligence and audits when acquiring companies. The failure to perform such activities may lead to unidentified sanctions issues, as illustrated in the Murad-Unilever case.We may see larger fines against non-financial institutions in the near future, surpassing the current record of $508 million, indicating an uptick in enforcement actions.KEY QUOTE:"OFAC announced a separate civil settlement for $508M, which is the largest fine against a non-financial institution in OFAC's history. And that's what we're going to be seeing. Largest fines against the non-financial institution will eclipse $508M probably in the next couple of years." - Michael VolkovResources:Michael Volkov on LinkedIn | TwitterThe Volkov Law Group

“This [Murad OFAC] enforcement action reflects the fact that OFAC, in recognition of the increasing seriousness of sanctions enforcement, is taking more time to provide guidance through some of their enforcement actions,” Michael Volkov tells listeners. In this episode of Corruption, Crime and Compliance, Michael unpacks the recent enforcement action by OFAC against California-based cosmetics company, Murad. He offers detailed insight into the case, going beyond the headlines and examining the underlying issues that led to the violations, and drawing out key compliance lessons.You’ll hear Michael talk about:The Murad enforcement action is significant because it highlights OFAC's increasing focus on sanctions enforcement and the need for global sanctions compliance organizations to have strong local oversight.Over an eight-year period, Murad illegally exported goods and services to Iran in 62 transactions worth approximately $11 million. The company and a former senior executive were penalized, paying $3.3 million and $175,000 respectively.OFAC acknowledged Murad's voluntary disclosure of the conduct but still categorized the violations as egregious.The conspiracy involved an exclusive agreement to sell Murad's products in the Middle East, including Iran, and continued even after Murad's acquisition by Unilever.The key compliance deficiencies cited by OFAC: These include absence of a specific sanctions compliance program, participation of high-level executives in illegal conduct, and lack of understanding of OFAC sanctions by staff based in the United Kingdom.OFAC emphasizes the need for senior management to commit to a culture of compliance and advises against placing a U.S. entity under the compliance structure of a non-U.S. entity that may lack familiarity with U.S. sanctions.Unilever's failure to uncover Murad's ongoing contracts with Iran demonstrates the need for robust due diligence and integration processes during acquisitions.KEY QUOTES:“OFAC specifically cited that, ‘In some circumstances, placement of a US entity under the compliance structure of a non-US entity that may lack familiarity with US sanctions could prevent prompt identification of and response to potentially prohibited conduct’. In other words, you have to have local boots on the ground, you have to have sanctions expertise in your US operations even though you're owned by a foreign global company." - Michael Volkov"It's important to have people dedicated to the OFAC sanctions compliance process and to make sure that expertise is available to the business within the United States." - Michael Volkov"To this end, OFAC stated that senior executives with managerial responsibilities should take particular care to ensure awareness of applicable prohibitions and refrain themselves from engaging in sanctions violations. " - Michael VolkovResources:Michael Volkov on LinkedIn | TwitterThe Volkov Law Group

Koninklijke Philips manipulated tender processes for medical imaging equipment in China, which resulted in a substantial $62 million fine. On the other hand, Frank's International paid an $8 million settlement for its FCPA violations in Angola, involving questionable commissions to a sales agent. These two cases serve as potent reminders of the risks and challenges that global companies encounter in today's globalized economy, especially when dealing with high-risk countries such as China and Angola. They underline the need for robust ethics and compliance programs, vigilance against bribery and corruption, and strict adherence to local and international laws. In this episode of Corruption, Crime and Compliance, Michael Volkov uncovers the details of these cases that underline the risks and challenges faced by global companies in the contemporary economy.You’ll hear Michael talk about:Koninklijke Philips, a Dutch multinational corporation, was penalized with a $62 million fine for contriving multiple schemes to manipulate tender processes for medical imaging equipment in China.These schemes included strategies like the manipulation of technical specifications, creation of counterfeit bids, and direct payments to state-owned hospital officials in China to restrict competition.Frank's International, an oil and gas company, paid an $8 million settlement for FCPA violations in Angola. The company had been paying commissions to a sales agent in Angola, knowing there was a high likelihood that these funds would be used to bribe government officials.Frank's International exhibited a lack of adequate internal accounting controls during this time period. This oversight permitted corrupt practices to proceed undetected.Angola requires international companies to engage with local businesses. In Frank's case, this was used as a cover to facilitate bribery payments.Frank's International was informed by a senior Sonangola executive that a restriction against them could be lifted if Frank's established a separate consulting company benefiting a high-ranking Sonangola official and offered 5% of the contract value to this company.The cases highlight how crucial it is for companies operating in high-risk countries, such as Angola and China, to have comprehensive ethics and compliance programs in place.These programs must be able to detect and prevent bribery schemes, manipulation of tender processes, and similar malpractices.The financial records of these companies must accurately represent all transactions and should be reviewed regularly to detect and rectify discrepancies.Companies should maintain a cooperative attitude with regulatory authorities, report potential violations, and take remedial actions for any identified issues.KEY QUOTES: "Koninklijke Philips played a dangerous game manipulating tender processes in China. The $62 million fine they paid is a stark reminder of the consequences." - Michael Volkov"Frank's International's $8 million settlement is a potent example of what can happen when companies ignore the necessity of robust internal accounting controls." - Michael Volkov "Operating in high-risk countries demands more than just good business sense. It requires stringent ethics and compliance programs to prevent disastrous legal and economic consequences." - Michael Volkov Resources:Michael Volkov on LinkedIn | TwitterThe Volkov Law Group

Is your business prepared to effectively manage and mitigate the risks associated with sanctions compliance in today's global economic landscape? In today's increasingly interconnected global economy, sanctions compliance is more critical than ever. Companies around the world face complex regulatory environments and unprecedented risks, requiring a comprehensive and proactive approach to sanctions compliance. In this episode of Corruption, Crime and Compliance, Michael Volkov explores the pressing need to elevate corporate sanctions compliance programs, as well as the renewed focus on enforcement by the Department of Justice, and the practical steps every company must take to meet these evolving challenges head-on.You’ll hear Michael talk about:Companies must enhance their sanctions compliance programs. Basic programs that simply rely on screening tools are no longer sufficient. Companies need to incorporate comprehensive measures to ensure compliance with evolving sanctions laws.The Department of Justice (DOJ) has escalated the enforcement of national security crimes, demonstrating a renewed focus on sanctions compliance. This shift necessitates a proactive response from companies to mitigate potential risks.The OFAC has outlined five crucial elements for an effective sanctions compliance program: management commitment, risk assessment, internal controls, testing and audit, and training. Companies should familiarize themselves with these elements and incorporate them into their existing compliance programs.Risk assessment is a crucial first step in compliance. Companies must review their operations holistically, assessing all touchpoints with international markets to identify potential vulnerabilities and risks.Geoblocking technology is a valuable tool in sanctions compliance. Working with IT departments to develop comprehensive geoblocking capabilities can help prevent interactions with prohibited individuals or entities.Thorough screening and due diligence processes are imperative, moving beyond just the results of screening tools. This ensures that companies identify and mitigate potential risks associated with sanctioned entities or countries.Companies must implement effective escalation controls to ensure that any red flags identified through screening or due diligence are properly addressed and resolved.End-user verifications and documentation are critical components of a robust sanctions compliance program. These procedures help ensure that the company's products or services are not being used by sanctioned entities.Annual training for employees and personnel is essential. Tailoring this training to the company's specific risk profile ensures that all staff understand their responsibilities and the potential risks associated with non-compliance.KEY QUOTES:"Your company's survival may depend on your ability to navigate sanctions compliance in an increasingly complex global economy." - Michael Volkov"It's not just about checking boxes. We have to understand our touchpoints to the international markets and assess the potential risks. That's the foundation of an effective compliance program." - Michael Volkov"Training isn't a one-and-done task. It's an ongoing commitment to ensure our personnel understand and can navigate the complex world of sanctions compliance." - Michael VolkovResources:Michael Volkov on LinkedIn | TwitterThe Volkov Law Group

Cryptocurrency has become a popular way to invest and transact, but with that comes the need for sanctions compliance. In this episode, Michael Volkov and Matt Stankiewicz discuss the recent enforcement actions against Poloniex, Bittrex, and Kraken for violating US sanctions regulations with cryptocurrency transactions. Matt is a Partner at Volkov Law and a leading cryptocurrency expert. He and Michael dive into the common themes and basic failures that led to these enforcement actions, including IP blocking, transaction monitoring, and the use of screening tools. They also explore the challenges of compliance when dealing with regions like Crimea and Ukraine, as well as the importance of voluntary disclosure.You’ll hear Michael and Matt talk about:Cryptocurrency companies are struggling to implement KYC and geo-blocking controls, which is leading to violations involving sanctioned jurisdictions.OFAC is taking an aggressive stance against cryptocurrency companies. Companies in the cryptocurrency industry need to implement effective sanctions compliance programs to avoid hefty fines and enforcement actions from regulatory authorities.There is no materiality requirement for sanctions violations, and even small transactions can result in multimillion-dollar fines.Retroactively applying controls to existing customers is important, and failing to do so can lead to violations.Companies need to have a comprehensive and automated system in place to detect and prevent violations.Companies need to be vigilant about screening individuals and transactions against the relevant sanctions lists, including screening field text, addresses, and ID cards.Geo-blocking for IP addresses is a crucial compliance control, but it is not perfect and can be circumvented by VPNs.Voluntary disclosure of violations can lead to more favorable outcomes and lower fines from regulatory authorities.OFAC and other regulatory authorities are using analytical tools to monitor transactions and flag potential violations, so cryptocurrency companies should not assume they can go under the radar.Companies can use the public blockchain to monitor transactions and identify potential sanctions risks.Sanctions compliance programs should be regularly reviewed and updated to address new risks and changes in regulations.KEY QUOTES"There are a lot of tools available to these companies to monitor transactions, maybe better than in the traditional finance world, just because everything on the blockchain is public record essentially." - Matt Stankiewicz"It's just interesting to see OFAC go so aggressively against these companies. Not too surprising considering the extreme sanctions risk that cryptocurrency poses. Very importantly, there's still a lot of takeaways that really any industry can take away from these enforcement actions." - Matt Stankiewicz"If you find problems, obviously you want to remediate them, but figure out what you need to do in terms of voluntary disclosures, because typically you'll be much better off than if OFAC figures it out on their own, which they usually do." - Matt StankiewiczResources:Matt Stankiewicz on LinkedIn | Twitter Michael Volkov on LinkedIn | TwitterThe Volkov Law Group

British American Tobacco (BAT) recently settled for $629 million for violating North Korea sanctions. This sends a clear message from the Department of Justice that enforcement against companies is the new FCPA. The settlement resulted from BAT's continued control of a joint venture in North Korea through a third-party company and its subsidiary's willful conspiracy to transfer hundreds of millions of dollars through US banks, which were aware that the transfers were blocked by US sanctions. In this week's episode of Corruption, Crime and Compliance, Michael Volkov delves into the facts of this important enforcement action and discusses the elaborate use of front companies and attempts to disguise North Korean connections, confirming the DOJ's new aggressive approach to sanctions and export enforcement.You’ll hear Michael discuss:Compliance professionals should review the BAT scheme for its elaborate use of front companies and attempts to disguise North Korean connections.BAT controlled a joint venture in North Korea through a third-party company. Its subsidiary willfully conspired to transfer hundreds of millions of dollars through US banks while being aware that the transfers were blocked by US sanctions. This resulted in a $629 million settlement.OFAC imposed a $508 million penalty against BAT, the largest fine against a non-financial institution in OFAC's history. This is equal to the statutory maximum that they would have been allowed to collect.Cigarette trafficking generates significant revenue for North Korea's WMD program. Smuggled tobacco products generate a profit of 1900%.Senior management needs to drive a culture of compliance and put relevant policies and controls in place to reduce the risk of engaging in violative conduct.BAT's senior management decisions to approve or support arrangements that obscure dealings with sanctioned countries and parties were reflected throughout the organization, compounding sanctions risks and increasing the likelihood of committing potential violations.KEY QUOTES:"British American Tobacco's deceit and elevation of business over compliance permeates this blockbuster settlement for $629,000,000. The BAT settlement really confirms DOJ's new, aggressive approach to sanctions and export enforcement." - Mike Volkov"Cigarette trafficking generates significant revenue for North Korea's WMD program. In addition, counterfeit cigarettes are a major source of income to the North Korean regime, since smuggled tobacco products generate revenue of up to $20 for every dollar spent in cost." - Mike Volkov"OFAC noted that this enforcement matter demonstrates that without a culture of compliance driven by senior management and attendant policies and controls, firms increase the risk that they may engage in apparently violative conduct." - Mike VolkovResources:Michael Volkov on LinkedIn | TwitterThe Volkov Law Group

Corporate culture is the most valuable intangible asset that a company owns. In this week's episode of Corruption, Crime and Compliance, Michael Volkov discusses the importance of corporate culture for ethics and compliance programs. He emphasizes the need for business leaders to understand the significance of corporate culture on the ground level and outlines steps and tasks needed to build and maintain a positive culture.You’ll hear Michael discuss:Corporate culture is an embodiment of a company's values and interactions with key stakeholders. Every company has a distinct culture that defines its purpose and motivations.Senior leadership plays a critical role in embedding the culture and enforcing the message. Managers and employees take their cues from corporate leaders.Companies have to hold leaders accountable for wrongdoing or failure to supervise. Leaders who promote ethical cultures should be rewarded, while those who engage in misconduct should suffer discipline up to termination and recoupment of financial benefits.Transparency and publicizing corporate rewards and discipline are crucial to building trust, increasing employee engagement, and promoting a positive culture. A company's most significant reflection of its culture is employee perception and rates of misconduct.CCOs have to redefine their media tasks and responsibilities to reflect the emphasis on corporate culture. They have to define specific ways to measure a company's culture, regularly report on these measures, and monitor indicators of culture misconduct, reporting issues, financial concerns, and HR issues.Monitoring, intervention, and remediation require a real-time focus and constant questioning of trends, interventions, and measurement of results. Working collaboratively with HR, legal, and finance can bring about real culture improvements with a joint mission focused on ethics and compliance.KEY QUOTES"Your corporate culture, your culture of ethics and compliance is your best control. It's your most effective and most important control, and it's your most valuable intangible asset." - Michael Volkov"A robust reporting system with active participation is a positive, not a negative, reflection of a company's culture." - Michael Volkov"Companies that wait for a scandal to occur before acting have failed to do their job. Proactive compliance means prevention and focusing on your company's culture." - Michael VolkovResources:Michael Volkov on LinkedIn | TwitterThe Volkov Law Group

Microsoft recently paid over $3 million for multiple sanctions violations involving illegal exports of services and software to sanctioned jurisdictions. The violations spanned seven years and involved prohibited Russian entities or persons located in the Crimea region of Ukraine. However, what makes this case particularly intriguing is the remedial actions taken by Microsoft, which offer best practices and insights into what can be done when resources are available. In this week's episode of Corruption, Crime, and Compliance, Michael Volkov takes a deep dive into the Microsoft OFAC enforcement action.He discusses these ideas:Microsoft committed 1339 transactions in violation of multiple sanctions programs over seven years, totaling over $12 million worth of sales and services.Violations included the sale of software licenses and the provision of related services from servers and systems located in the US and Ireland to SDNs, blocked persons, and other end users located in Cuba, Iran, Syria, Russia, and the Crimea region of Ukraine.The violations were due to Microsoft's failure to obtain complete or accurate information on the identities of end customers and shortcomings in its restricted party screening. At times, Microsoft Russia employees intentionally circumvented Microsoft screening controls to prevent other Microsoft affiliates from knowing the identity of the ultimate end customers.Microsoft's significant remedial measures included enhancing its trade compliance program, improving its governance structure and screening resources, adopting a new three lines of defense model, and conducting a holistic risk assessment to identify and remediate instances of prohibited engagements.Microsoft deployed a multidisciplinary internal investigation team proficient in 16 foreign languages, modified its procedures to respond to matches, and expanded the scope and volume of data screened.“Companies with sophisticated technology operations and a global customer base should ensure that their sanctions compliance controls remain commensurate with risk.” Companies should consider conducting a holistic risk assessment to identify and remediate prohibited engagements and ensure that employees adhere to the sanctions compliance program.OFAC emphasized that companies conducting business through foreign-based subsidiaries, distributors, and resellers should have sufficient visibility into their end-users, including through the provision of services after an initial sale.KEY QUOTES:"Now, when Microsoft supported these third-party sales to prohibited parties, they provided prohibited software and services to SDNs and end customers in sanctioned jurisdictions, and the violations occurred. The root cause really was because Microsoft did not have complete or accurate information on the identities of the end customers for Microsoft's products." - Michael Volkov"Companies with sophisticated technology operations and a global customer base should ensure that their sanctions compliance controls remain commensurate with that risk and leverage in appropriate technological compliance solutions." - Michael Volkov"Testing or auditing, whether conducted on a specific element of a compliance program or enterprise-wide level, are important tools to ensure that the program is working as designed and weaknesses are promptly remediated." - Michael VolkovResources:Michael Volkov on LinkedIn | TwitterThe Volkov Law Group