Corruption Crime & Compliance

Is the progress itself enough to consider the battle won? Are the ongoing scandals casting a shadow over the hard work against corruption? Despite challenges (such as limited resources due to the ongoing war) and recent scandals (such as overpriced eggs for the military), Ukraine maintains multiple institutions committed to transparency and integrity, crucially supported by international partnerships aimed at enhancing its anti-corruption infrastructure.Listen to this conversation between Michael Volkov and Halyna Senyk in which they focus on Ukraine's anti-corruption efforts amidst the backdrop of its ongoing war with Russia. Halyna Senyk, an expert from the CEELI Institute, details Ukraine's progress since 2014, highlighting the establishment of key anti-corruption agencies and reforms and how, over 10 years, it moved from 144 to 104 place in the Transparency International Corruption Perception Index.You can listen to how, despite these advancements, Senyk acknowledges persistent challenges, including recent setbacks and scandals that have tested the country's resolve.You’ll hear them discuss:Historically pervasive and deeply rooted corruption at various levels of government and the reality of society that remains a critical challenge. Despite reforms and the establishment of anti-corruption agencies, the implementation and effectiveness of these measures are often undermined by systemic issues.The conflict with Russia that started in 2014 leading to military, economic, and social destabilization. This conflict has strained Ukraine's resources and governance capabilities, posing obstacles to effective governance and reform efforts.The volatile political landscape in Ukraine is characterized by frequent changes in leadership and political alliances that hamper consistent policy implementation and reform progress.The ongoing conflict and systemic corruption and how they contribute to economic challenges, including reduced investor confidence, economic uncertainty, and financial strain on public institutions.Ukraine's geopolitical position and how relations with neighboring countries and international allies, particularly with regard to Russia and the European Union, influence its ability to implement reforms and receive international support effectively.ResourcesHalyna Senyk on LinkedInEmail: Halyna.Senyk@ceeli.euCEELI Institute (Central and Eastern European Law Initiative)Michael Volkov on LinkedIn | TwitterThe Volkov Law Group

Bryn Sedlacek, Vice President and Product Manager at Aravo, joins us on the podcast to discuss third-party risk management focusing on holistic risks and unified visibility. In a wide-ranging discussion, Mike Volkov and Bryn Sedlacek discuss the challenges in implementing a third-party risk management program that captures holistic risks and maintains a consistent, unified line of sight across the organization's risk profile. They focus on sanctions, capturing the source and ultimate destination of products/services and including those in screening, leveraging how to handle conflict minerals as a model, and how data intelligence providers can help. Additionally, Bryn discusses unified visibility, which provides comprehensive visibility to executives and decision-makers across risk domains and performance. Finally, they discuss InfoSec risk with third parties, where to start, and the future of risk - technology and alternative risk strategies. Join Michael and Bryn as they navigate the complexities of compliance in today's corporate landscape.Bryn discusses how crucial it is to start with a realistic approach to building a compliance program and continually improve compliance programs to mitigate risks effectively.Having a platform like Arvao’s is valuable for companies as it is highly configurable and tailored to meet the unique needs of each client’s business structure and risk management requirements.The partnership between IT and cyber security in a compliance program is vital for addressing cybersecurity risks effectively within organizations. It is a growing trend for IT and cyber security to focus on collaboration and meeting the unique needs of each department.Unified visibility across different risk domains and third-party activities is essential for making informed decisions and managing risks effectively. Continuous monitoring and auditing are crucial in compliance programs, with a risk-based approach to optimize resources and ensure proactive risk management.Sanctions compliance is a growing area of focus, requiring proactive monitoring, risk-based approaches, and continuous updates to mitigate risks effectively.ResourcesBryn Sedlaceck on the WebEmail: bsedlacek@arvavo.comMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

Explore the intricate world of sanctions compliance, focusing on the crucial legal obligations for companies. Learn about how strict liability and aggravating factors can impact sanctions violations. The discussion highlights the significance of understanding third-party liability within supply chains and the risks of civil penalties for companies. Additionally, navigate the complexities of U.S. sanctions and export controls, including the implications for non-U.S. entities and the importance of documentation to avoid enforcement scrutiny.

LRN has issued another important report. In its latest report, The 2024 Benchmark of Ethical Culture Report, LRN has focused on the critical issue of corporate culture. LRN is a pacesetter and the leader in reliable studies on complex ethics and compliance issues. If not properly promoted or maintained, a defective culture can lead to serious misconduct, government investigation, reputational damage, and collateral harm. On the other hand, a positive and effective culture is a company's most valuable intangible asset, as it is tied directly to increased financial performance and sustainable growth. Over the past few years, business leaders have embraced what compliance and governance professionals already knew: companies with strong ethical cultures outperform other companies with weaker cultures. Employees at ethical companies are more productive, more satisfied, less likely to seek a new job, and more committed to the company's mission.Hear Michael discuss:LRN's 2024 Benchmark of Ethical Culture Report underscores the importance of ethical culture in driving financial performance and reducing misconduct rates.Generation Z shows a higher tolerance for unethical conduct, with nearly a quarter admitting to engaging in such behavior to get the job done.Hybrid workers who alternate between working from home and the office exhibit lower rates of misconduct and are more likely to report observed misconduct due to increased job satisfaction.Organizations with strong ethical cultures outperform those with moderate to weak cultures by at least 50% across various business performance measures.Employees at companies with strong ethical cultures are 1.5 times more likely to report observed misconduct, emphasizing the value of a positive work environment.Senior leaders often have more favorable perceptions of their organization's culture than middle management and frontline workers, highlighting the need for consistent messaging.LRN's research shows that nearly 70% of the variance in business performance is linked to an organization's ethical culture, emphasizing the critical role of culture in success.ResourcesLRN’s 2024 Benchmark of Ethical Culture ReportMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

Dottie Schindlinger is Executive Director of Diligent Institute, the global corporate governance research arm of Diligent - the largest SaaS software company in the Governance, Risk, Compliance (GRC), and ESG space. She co-authored the book Governance in the Digital Age: A Guide for the Modern Corporate Board Director, co-hosts “The Corporate Director Podcast,” and co-created Diligent Institute’s Certification programs for directors and executives, including AI Ethics & Board Oversight. Dottie was a founding team member of the tech start-up BoardEffect, acquired by Diligent in 2016. She graduated from the University of Pennsylvania and is a Fellow of the Salzburg Global Seminar Corporate Governance Forum. Diligent and Bitsight recently issued an important report on corporate board oversight of cybersecurity risks. Dottie Schindlinger, Executive Director of Diligent Institute, joins Michael Volkov to discuss the important findings of Diligent's report.You'll hear Dottie and Michael discuss:Companies with advanced security ratings create nearly four times the amount of value for shareholders as companies with basic security ratings. On average, the Total Shareholders’ Return (TSR) over three and five years for companies in the advanced security performance range is approximately 372% and 91% higher, respectively, than their peers in the basic security performance range.Companies with a specialized risk or audit committee had higher security performance ratings on average. Companies falling within these two categories have an average security rating of 710, whereas companies lacking both committees have an average security rating of 650.The findings also suggest that the distribution of security ratings among companies with specialized risk and audit committees tends to skew towards the advanced security performance range, whereas companies lacking either of these committees tend to skew toward the basic security performance range.Having a cybersecurity expert on the board is not enough. Integrating a cybersecurity expert into the board committee tasked with cybersecurity risk oversight makes a significant difference in an organization’s performance.Merely having a cybersecurity expert on the board does not correlate to having a higher security performance rating. Highly regulated industries tend to outperform other industries in terms of cybersecurity performance. Of the companies with advanced-level security performance ratings, a full third (33%) came from the financial services sector – with an average rating of 720. The sector with the highest average rating overall was healthcare at 730. Nearly a quarter (24%) of companies with basic security performance ratings came from the industrial sector. ResourcesDottie Schindlinger on LinkedInDiligent Institute | Diligent | Board EffectThe Report can be downloaded at: Cybersecurity, Audit and the Board ReportMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

Artificial intelligence is rapidly evolving, creating a new landscape for compliance. Financial institutions are leading the charge in AI adoption, particularly in fraud detection. As excitement builds around AI's potential, there's a cautionary note about the difference between hype and reality. Corporate leaders must stay alert and adapt quickly to the changes in compliance demands. The discussion emphasizes that ethics and compliance frameworks can effectively address AI-related risks, ensuring businesses can harness AI's promise without being overwhelmed.

Explore the evolving landscape of third-party risks in sanctions compliance as legal standards tighten. Discover how companies like Epsilon Electronics and ELF Cosmetics faced hefty penalties due to failures in due diligence. Learn about the importance of proactive risk assessment and effective strategies to navigate the complexities of compliance. With real-world examples, this discussion highlights that ignoring supply chain responsibilities can lead to costly repercussions. Stay informed to mitigate risks and ensure compliance in a challenging regulatory environment.

Carlos Villagrán is the Director of Compliance at CMPC, a 100-year-old Chilean-based holding company, one of the worldwide leading pulp, paper, packaging, personal care, and other forest products manufacturers. With more than 20,000 employees, CMPC has industrial operations in 9 countries (LatAm and the US) and commercial offices in the US, Europe, and China, selling and distributing its products to more than 45 countries around the world. Carlos joined CMPC to remediate and rebuild CMPC's culture and compliance program after a devastating scandal -- CMPC was prosecuted for its involvement in a decade-long conspiracy to fix prices in Peru and Chile for consumer paper products. Carlos discusses the challenges he faced in rebuilding CMPA's culture and commitment to compliance. His story is an inspiration to all legal and compliance professionals and provides important instructive lessons to corporate leaders and compliance professionals.You'll hear Michael and Carlos discuss:The importance of rebuilding and rediscovering the values and purpose of CMPC after a major corporate crisis.The effects on market share quotas and sales prices when CMPC faced an investigation and found to be the leader of a cartel in Chile and Peru.How the crisis significantly impacted CMPC's reputation, leading to public protests and consumer backlash in Chile and Peru.CMPC’s compliance team addressed the company’s complex nature because of its diverse workforce, including data analytics experts, IT professionals, and engineers.How the compliance program at CMPC shifted from a traditional approach to a more cultural and system-thinking perspective, aligning with the company's values and operations.Success for the compliance program at CMPC is defined by the number of critical tables the team is seated on, indicating their value and integration within the business operations.ResourcesCarlos Villagran on the Web | LinkedInEmail: carlos.villagran@cmpc.cl or cfvillagran@gmail.comMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

Over the last ten years, we have seen a marked shift from the Delaware Chancery Court chipping away at corporate board member liability claims. In a number of seminal cases involving Boeing airplane crashes (In re the Boeing Co. Derivative Litig., No. 2019-0907 (Del. Ch. Sept 7, 2021)), and deadly listeria outbreaks from tainted ice cream (Marchand v. Barnhill, 212 A.3d 805 (Del. 2019)), Delaware Courts have upheld plaintiffs' cases against claims of failing to adequately plead violations of the standards set forth in Caremark, 698 A.2d 959 (Del. Ch. 1996), (establishing basic pleading requirements to withstand motions to dismiss). In this episode, Mike Volkov provides a comprehensive update on the recent Caremark decisions issued by the Delaware Chancery Court, underscoring their importance for accountability and governance in the corporate world.Caremark oversight duties stem from the well-established duty of loyalty and its subsidiary duty of good faith. To plead a Caremark claim, a plaintiff is required to put forth adequate facts from which a factfinder can make a reasonable inference that the fiduciary acted in bad faith. Under Caremark, bad faith can be established when a fiduciary: “(1) utterly fail[s] to implement any reporting or information system or controls," or (2) having implemented such a system or controls, consciously fail to monitor or oversee its operations, which results in a failure to act or attend to a risk or problem requiring their attention or response. Last year, the Chancery Court made a groundbreaking decision, extending the so-called Caremark oversight obligations and governance requirements to senior management in the McDonald's case. In re McDonald’s Corp. S’holder Derivative Litig., 289 A.3d 343 (Del. Ch. 2023). This ruling is one of the most significant developments in recent years, advocating for increased accountability for oversight and governance failures.Recent cases, such as the Boeing 737 MAX crashes and the Listeria outbreak from tainted Blue Bell ice cream, have highlighted failures in proper board governance and oversight responsibilities.In a case involving Segway, the Chancery Court dismissed a motion against an officer for failing to detect financial discrepancies, emphasizing the need to demonstrate a lack of good faith in monitoring central compliance risks.The trend in Delaware Chancery Court decisions is moving towards holding directors and officers accountable for failures to act in response to indications of potential illegal conduct, with a focus on bad faith actions.The Boeing case exemplifies the consequences of board members ignoring safety concerns and focusing solely on the bottom line, leading to tragic outcomes that could have been prevented with proper oversight and accountability.ResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

Directive 2019/1937 of the European Parliament and Council dated 23 October 2019 on the “protection of persons who report breaches of Union law” (the “Directive”) is currently being implemented by EU Member States. The directive has broad applicability to organizations operating in the EU internal market and applies to both public and private sector organizations alike. Whistleblowers are guaranteed legal protection to the extent: (1) they have reasonable grounds to believe that the information reported was true at the time of the report; and (2) the whistleblower reported either internally to the organization, externally to a competent authority, or publicly. Private sector organizations with 50 or more workers are legally required to establish channels and procedures for internal reporting of EU law breaches and conduct appropriate follow-up. In this episode, Mike Volkov is joined by Daniela Melendez and Alex Cotoia from the Volkov Law Group, who bring their expertise to the table as they delve into the EU Directive and its implementation by several member states. Listen to this discussion to understand and navigate the complexities of the EU Whistleblowing Directive.The EU Whistleblower Directive shifts the burden of proof on retaliatory actions to the person taking the detrimental action, requiring them to demonstrate it was not linked to reporting concerns.Global companies are taking a proactive stance by increasingly focusing on robust ethics and compliance programs. This strategic move is aimed at mitigating risks and promoting positive corporate citizenship in today's economy, where adherence to legal and ethical standards is paramount.France signed the EU Directive into law on March 21, 2022, outlining protocols for gathering and handling whistleblower reports, including a two-month deadline for imposing disciplinary sanctions.Germany enacted the EU Directive on May 12, 2023, allowing anonymous reports and setting a three-month investigation deadline after receiving the report.Spain addressed the EU Directive on February 2023 by covering additional topics like occupational health and safety breaches. The directive established a three-month deadline for investigations and allowed anonymous reports.Italy transposed the EU Directive on August 4, 2022, including administrative, financial, civil, and criminal offenses not covered by the Directive, with a 30-day deadline to conduct investigations upon receipt of reports.Companies are advised to make resources available to conduct investigations quickly due to the short timeframes set by various countries' whistleblower protection laws.ResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law GroupAlex Cotoia on LinkedIn Email: acotoia@volkovlaw.comDaniela Melendez on LinkedInEmail: dmelendez@volkovlaw.com