Corruption Crime & Compliance

In the 300th episode of Crime, Corruption and Compliance, Michael Volkov examines the recent FCPA settlements with two major UK reinsurance brokers - Tysers and H.W. Wood - for their involvement in a bribery scheme in Ecuador. The DOJ took an unorthodox approach by going after individual people before the companies. This helped them get cooperation and gather evidence, resulting in over $36 million in fines and forfeited money. However, it also highlights common issues in FCPA cases, such as a lack of supervision and effective controls that let corruption happen.You’ll hear Michael discuss:The settlements with Tysers ($36M fine + $10.5M forfeiture) and Wood ($508K fine + $2.3M forfeiture) resolve a multi-year FCPA investigation in Ecuador.Several individuals were prosecuted first, including the chairman of two state-owned Ecuadorian insurance firms who pleaded guilty in 2020. This allowed the DOJ to build up cooperators and evidence.  A third-party intermediary played an instrumental role, serving as the "glue" that coordinated all aspects of the scheme in exchange for significant profits.Neither Tysers nor Wood voluntarily disclosed. Tysers received a 25% discount for cooperation and remediation; Wood's fine was reduced to $508K based on inability to pay.  The intermediary demanded a large split of commissions to funnel payments to officials, which Tysers and Wood accepted, triggering disputes among Tysers' own employees. The parties used coded language and fake investment contracts to disguise corrupt payments to officials' offshore accounts.The lack of financial controls and oversight of third-party payment allocations enabled suspicious activity to occur unchecked. Massive "commissions" paid to intermediaries raised obvious red flags that went unheeded.Going after individuals first and securing a declination for one company yielded major penalties for Tysers and Wood, proving the DOJ's strategy highly effective.The facts underscore the need for vigorous third-party due diligence and monitoring controls to detect and halt potential corruption.KEY QUOTES“DOJ has had a slow year in FCPA enforcement. Everybody knows that we may see a few more coming in the next few weeks before the end of the year…” - Michael Volkov“Unlike most third party FCPA cases, where a third party may be enlisted to further a bribery scheme by funneling payments directly to a foreign official, the intermediary in the Tysers and Wood cases played an instrumental role in arranging, managing and overseeing the bribery payments and overall scheme. The intermediary company truly operated as the glue that put together a large bribery operation from which it earned significant profits.” - Michael Volkov“...the timing of the corporate individual resolutions is certainly a unique pattern for DOJ to execute on and certainly raises the prospect that we may see other cases where individuals get prosecuted first and then you see a corporate resolution coming towards the end. So DOJ clearly here built up a reservoir of cooperators and information and intelligence that resulted in them being able to impose significant penalties against Tysers and Wood.” - Michael VolkovResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

Bobby Butler joins Michael Volkov on this episode of Corruption, Crime and Compliance, to explore the evolution of compliance over 20 years. While enforcement actions sparked major progress, Bobby contends compliance is moving firmly into the realm of competitive advantage and performance multiplier. Millennials and younger generations ‘vote with their feet’, demanding ethical cultures, so compliance may increasingly drive talent retention as well.  Bobby Butler has over 20 years of experience building world-class ethics and compliance programs. In his early career, he investigated export control issues and quickly became passionate about compliance. Known for his persistence and commitment to finding solutions, he is a pioneer who helped elevate compliance from an ad hoc function to a strategic asset.You’ll hear Michael and Bobby discuss:In the early 2000s, compliance programs were sparked by reactions to major DOJ enforcements rather than proactive investments. Companies finally dedicated ample resources when faced with "shock and awe" consequences.Bobby got his start investigating export controls issues at Conoco after unlawful server exports to Syria. He quickly became passionate about trade compliance and then FCPA compliance during the explosion of enforcements in the mid-2000s.Working at ground zero compliance teams at Vetco and Baker Hughes during monitorships gave Bobby deep experience with elements of gold standard compliance programs long before codified evaluation criteria.Bobby argues justifying significant resources without an enforcement action catalyst remains extremely challenging. Compliance fights for a seat at the table and has to insert compliance considerations into business meetings.  Persistence and consistency in messaging are critical for credibility and influence as a compliance officer. Strong yet flexible personalities tend to thrive compared to introverts.Compliance has to focus on finding creative solutions to enable opportunities: frame compliance as a competitive advantage and performance multiplier.Tactics Bobby used to persuade executives include tying bonuses to compliance training completion, positioning compliance in sales materials and constant insertion into business meetings.The compliance skill set has grown into a dedicated career path with specialized education channels, not just a secondary legal role. Bobby sees government enforcements continuing to increase given complex technologies and geopolitics.KEY QUOTES“...we have to find ways for the business to grow. We've got to be sitting there at the table with them thinking of solutions. The more brain power you put at problem solving and doing it in a compliant way, that's how you build trust with people.” - Bobby Butler“And every day that goes by, when there's not a compliance issue and you can certify that controls have passed and the elements are there and you have outside counsel come in and do an assessment of your program and you continuously improve and each day goes by and you don't have an issue. Well, there's another positive impact to the investment and the return on shareholder value and more importantly, the company brand.” - Bobby Butler“...we're out there preaching the good news that compliance can be a good thing. Because at the end of the day, when the company does get in trouble, compliance sets policy, sets voluntary boundaries where the law sets mandatory boundaries.” - Bobby ButlerResourcesBobby Butler on LinkedIn

Ephemeral messaging applications like Snapchat, WhatsApp, and Telegram have presented a complex challenge for compliance professionals and legal counsel. On one hand, these technologies can reduce data storage and preservation costs, minimize breach exposure, and allow prioritization of communications data. On the other hand, they can create blind spots by deleting communications records and seriously obstruct internal investigations. How can companies balance the benefits of ephemeral messaging against the risks of compliance program undermining? In this week's episode of Corruption, Crime and Compliance, Michael Volkov discusses recent DOJ guidance regarding ephemeral messaging risks and outlines practical steps organizations can take to strike the right balance. You’ll hear him discuss:Ephemeral messaging can reduce data storage and preservation costs, which can be significant for companies facing litigation or investigations. It also reduces potential breach exposure by deleting data.However, ephemeral messaging can obstruct internal investigations and create corporate blind spots by deleting communications records before they can be reviewed. This undermines compliance programs.DOJ's guidance outlines several steps companies can take to allow ephemeral messaging while mitigating risks:Understand how the apps delete data and what types of data are stored;Tailor policies on use to your specific risk profile and business needs;Clearly communicate policies to employees and ensure regular enforcement;Examine how policies impact the ability to conduct investigations and respond to subpoenas;Evaluate the overall reasonableness of the risk mitigation strategy.Practical steps to make ephemeral messaging safer include:Restricting use to specific authorized purposes like scheduling;Requiring employees to maintain deletion settings;Conducting periodic audits of devices;Requiring preservation and company access to work communications,Coordinating ephemeral messaging policies with broader data preservation policies.If a company provides devices to employees, it has more control and ability to restrict apps and access data, but even then, steps need to be taken to mitigate risks.BYOD policies are more complex since consent and privacy restrictions may limit what companies can do. However, a BYOD policy still needs to address comprehensively:  Preserving data  Allowing corporate audits and access  Segregating work data where possible  Outlining consequences for violations  Respecting local privacy laws  Getting employee consentWith the right policy framework, BYOD can potentially allow ephemeral messaging while protecting data availability.KEY QUOTES“Companies have a vested interest in preserving their internal communications for a variety of reasons, to hold internal actors accountable, or even outside actors sometimes, and to protect the organization from potential private and government claims or investigations that may have serious direct or collateral consequences.” - Michael Volkov“If the government issues a grand jury subpoena as part of a criminal investigation and the company fails to preserve data generated by use of an ephemeral messaging system, a company could be held liable for failing to preserve data relevant to the criminal investigation. Such consequences can be significant...” - Michael Volkov“While a company may have limited access to employees' personal devices when it supplies devices to its employees, the company should regularly secure certifications by its employees that has not used its personal device for work-related purposes, with emergency exceptions, of course. Similarly, companies have to develop testing protocols for its BYOD policy and secure employee consent to examine the personal device limited solely to business data.” - Michael VolkovResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

Is your company's compliance program truly effective, or is it just ticking boxes? In this episode of Corruption, Crime, and Compliance, Michael Volkov dives deep into LRN's PEI survey with Susan Divers. Susan sheds light on the global nature of ethics and compliance programs, challenging the misconception that they are solely US-centric. They discuss the power of values, the shift from a cop to a coach approach, and the revolutionary trends in employee-centric training, especially in the age of remote work. Susan Divers is the Director of Thought, Leadership, and Best Practices at LRN. She has a wealth of experience as a former Chief Compliance Officer, and her emphasis on values over rules in compliance programs has made her a trailblazer in the industry. You’ll hear Michael and Susan discuss:The LRN PEI survey challenges the perception that ethics and compliance are US-centric; many programs worldwide share common features such as codes of conduct, training policies, and audits.Examining a decade of data, the report delves into how ethics and compliance programs responded to the disruptions caused by the pandemic.LRN's data reinforces the idea that ethics and compliance programs relying on values and ethical cultures are more effective than those solely based on rules. Shifting from a cop approach to a coach approach enhances program effectiveness.Ethical companies experience lower employee misconduct rates, higher employee satisfaction and productivity, and achieve greater sustainable financial performance.The pandemic prompted a shift in focus from content-driven training to employee-centric, relevant, and mobile-friendly modules. Shorter modules, just-in-time training, and tailored approaches are emerging as best practices.Ensuring accessibility through web-based policies and procedures, coupled with interactive capabilities and data analytics, becomes crucial in bridging the gap between remote workers and compliance initiatives.Gathering data on employee interactions provides insights into the effectiveness of compliance programs. Metrics such as completion times, pass rates, and group performance allow for targeted efforts to enhance the program's impact.Michael emphasizes the challenge for compliance officers in handling the plethora of available data. Choosing the right metrics, setting standards, and ensuring the usability of metrics over time are crucial considerations.The report highlights that high-performing ethics and compliance programs are integral to the decision-making processes of companies. 70% of respondents reported modifying or abandoning a business initiative due to an ethics and compliance risk assessment.Susan introduces the concept of embedding a short Ethical Culture survey at the end of training courses. This real-time survey, known as the Ethical Pulse Culture survey, serves as a powerful tool to gauge and improve the ethical culture within organizations.The Ethical Pulse Culture survey becomes a game-changer, operationalizing compliance by offering a moving average of data insights. This survey, incorporated into scorecards, provides business managers with valuable insights into their business unit's ethical culture over time.ResourcesSusan Divers on LinkedIn | EmailLRN

Clear Channel, a San Antonio based advertising company, is settling with the SEC for $26 million, for bribery violations committed by its former Chinese subsidiary, Clear Media. In this episode of Corruption, Crime and Compliance, Michael Volkov explores the details of this case, from covert cash funds to internal audit challenges, shedding light on the issues that led to this notable settlement. You’ll hear him discuss:The charges stemmed from bribery violations committed by Clear Channel’s former Chinese subsidiary, Clear Media. The bribes included expensive gifts, entertainment and travel, given to influence contract renewal negotiations with Chinese government officials.Clear Media engaged in deceptive practices, falsely documenting payments to cleaning and maintenance companies to fund illegal payments. They cautioned employees to omit gift recipients and disguised payments through oral agreements. False invoices and tax records were created to justify cash payments to shell company intermediaries that provided no actual services.Internal audits from 2012 to 2017 highlighted deficiencies, red flags, and indicators of bribery. Despite this, Clear Channel failed to pursue aggressive remedial actions. Internal auditors faced resistance from Clear Media and even reported false information provided by them. The lack of diligence and follow-up allowed the issues to persist.Clear Channel, however, cooperated extensively with the investigation. They promptly shared facts, produced relevant documents, and facilitated interviews with current and former employees. Remediation efforts included disposing of Clear Media, enhancing anti-corruption compliance policies, and increasing resources for compliance.The settlement serves as a cautionary tale, emphasizing the importance of robust internal audits and proactive remediation.KEY QUOTES:“Clear Channel received credit for its cooperation and remediation. Its cooperation included promptly sharing facts, proactively producing relevant documents, producing in real time documentation of audits of Clear Media's internal controls during the course of the investigation...” - Michael Volkov“So from 2012 to 2017, Clear Channel auditors regularly cited Clear Media's deficiencies, red flags, indicators of bribery, and inadequate internal controls. The auditors cited numerous remedial measures, but Clear Channel failed to ensure that appropriate remedial steps were taken.” - Michael Vokov“But given the level of resistance and the failure of the internal audit function to operate properly and to follow up specifically on the issues that they were uncovering, the resolution has to be viewed in a positive light and was only counterbalanced by the fact that what Clear Channel did was cooperate and provide extensive remediation and ultimately sold its Chinese subsidiary...” - Michael VolkovResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

Albemarle, a prominent specialty chemicals company, recently settled a case for $218 million, unraveling a web of bribery payments across Vietnam, Indonesia, and India. The repercussions of this case extend beyond the financial penalty, encompassing a three-year non-prosecution agreement and the application of the Compensation, Incentives, and Clawbacks pilot program. In this episode of Corruption, Crime and Compliance, Michael Volkov shares details of Albemarle’s FCPA settlement with the DOJ and SEC, exploring Albemarle’s voluntary disclosure, extensive remediation efforts, and a transformative shift in its business model.You’ll hear Michael talk about:Albemarle agreed to pay over $218 million to settle investigations conducted by the DOJ and the SEC. This substantial financial penalty is a consequence of alleged bribery payments made by the company in multiple countries.The investigations focused on bribery payments related to various business transactions and dealings made by Albemarle in Vietnam, Indonesia, and India. As part of the settlement, Albemarle entered into a three-year non-prosecution agreement. While the company acknowledges certain wrongdoing, it avoids facing formal prosecution during the specified period if it complies with the agreed-upon terms and conditions.The settlement includes the application of the Compensation, Incentives, and Clawbacks pilot program. This program outlines mechanisms to ensure that executives and employees involved in wrongdoing face appropriate consequences, including clawing back certain incentives and compensation. Albemarle voluntarily disclosed information related to the potential FCPA violations. This proactive step is often a mitigating factor in settlements and reflects a willingness to cooperate with authorities.Albemarle undertook extensive remediation efforts in response to the allegations. This included disciplining employees involved in the wrongdoing, strengthening its anti-corruption program, and making significant changes to its business model and risk management processes.The investigations highlighted Albemarle's use of sales agents in Vietnam, Indonesia, and India. Control deficiencies with third parties in China and the United Arab Emirates (UAE) were also noted, raising concerns about the oversight and due diligence processes related to these external entities.Michael shares details about specific bribery schemes involving state-owned entities such as Petro Vietnam in Vietnam, Pertamina in Indonesia, and IOCL in India. These schemes included practices like modifying tender requirements, providing nonpublic information, and directing agents not to include details in invoices concerning tips to foreign officials.The case underscores the risks of relying on third-party agents to secure contracts, particularly through the example of Albemarle's failure to conduct due diligence on an agent in the UAE. The agent's close ties to the UAE government and royal family contradicted representations made during the due diligence process.KEY QUOTES“And in this case, they rewarded Albemarle with an NPA as opposed to a deferred prosecution agreement. So it's a three-year non-prosecution agreement, and doesn't get filed with the court. There's no information that's filed. And they agreed to pay a penalty of approximately $98.2 million and an administrative forfeiture of $98.5 million. Also, this is the first FCPA settlement where  we applied the Compensation, Incentives, and Clawbacks pilot program, which the DOJ had announced in March of 2023.” - Michael Volkov“With respect to remediation efforts, the DOJ cited Albemarle's extensive remedial measures, including that they started the remediation prior to the beginning of the DOJ's investigation. In other words, they started to remediate quickly upon starting their own internal investigation.”  - Michael VolkovResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

3M faced a dual settlement, first with the SEC and then with OFAC, over alleged Iranian sanctions violations stemming from misconceptions and oversights in a license plate deal with a German intermediary. Despite the gravity of the case, 3M took proactive remedial actions, including voluntary disclosure and internal changes. Similarly, Emigrant Bank maintained a CD account for two Iranian residents for over two decades without proper screening, leading to a $31,000 settlement. In this episode of Corruption, Crime and Compliance, Michael Volkov shares details of both cases, underscoring the complexities of navigating sanctions regulations, the consequences of compliance failures, and the pivotal role of voluntary disclosure and proactive remediation in mitigating penalties.You’ll hear Michael talk about:3M settled with the Securities and Exchange Commission (SEC) for $6.5 million and with the Office of Foreign Assets Control (OFAC) for $9.6 million over alleged violations of Iranian sanctions. 3M's Dubai-based subsidiary entered into a deal to manufacture reflective license plate sheeting for a German company, but it misunderstood the end user, believing it was a reseller when it was actually Iran. Between 2016 and 2018, 3M sent 43 shipments to the German intermediary, who resold them to Iran, violating OFAC regulations. This led to 54 violations of the Iran sanctions program. 3M's compliance team approved the deal without realizing the true end user was in Iran. Suggestions to review the deal were ignored, and steps were taken to conceal its true nature. 3M took remedial steps, including voluntary disclosure, termination or discipline of involved employees, leadership changes, revamped sanctions compliance training, and discontinuation of business with the German reseller.In another case, Emigrant Bank maintained a certificate of deposit (CD) account for two Iranian residents from 1995 until 2021 without properly screening it for sanctions issues. In 2016, when the account holders requested a wire transfer, Emigrant became aware of potential sanctions issues but still approved the transfer. In 2019, Emigrant's upgraded screening software flagged the account, but the compliance team overrode the alert based on erroneous guidance from the 2016 wire transfer. Emigrant recognized the account's status in 2021, closed it, and took steps to remediate compliance program shortcomings.Emigrant settled the matter for $31,000, significantly lower than the maximum penalty applicable ($9.9 million), with voluntary disclosure and proactive remediation efforts considered mitigating factors by OFAC.KEY QUOTES“In the course of setting up this agreement, numerous managers at 3M suggested that trade compliance reviewed the deal. But these 60 suggestions were ignored by the deal's proponents. Even worse, a 3M subsidiary received an outside due diligence report, flagging the connection to Iranian law enforcement, and closed the matter without further investigation.” - Michael Volkov“On September 21 of this year, OFAC announced that Emigrant agreed to pay $31,867 to resolve 30 violations of the Iran Sanctions Program. The violations all relate to a single CD account that Emigrant maintained for two Iranian residents from 1995 until it closed the account in 2021.”  - Michael Volkov“In 2019, Emigrant upgraded its screening software, sanctioned screening, and the new program flagged the account as problematic due to the account holder's Iranian residency. However, software is only effective as its operator. Upon review, Emigrant's compliance team overrode the alert, basing their decision on erroneous guidance from the 2016 wire transfer. Now, Emigrant finally recognized the account status in 2021 and took steps to remediate its compliance program shortcomings.” - Michael VolkovResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

California's data privacy regulations, primarily embodied in the California Consumer Privacy Act (CCPA) and its extension through the California Privacy Rights Act (CPRA), constitute a pioneering and influential framework. These regulations, effective from 2018 and further strengthened in 2020, set a standard for data protection not only within the state but also across the national and global economy. In this episode of Corruption, Crime and Compliance, Michael Volkov explores the nuances of the CCPA and CPRA, and the evolving data privacy landscape.You’ll hear Michael talk about:The lack of a federal data privacy law in the United States has led to a complex patchwork of state laws. Businesses are faced with the challenge of navigating these varied regulations, which contributes to compliance complexities.California, through the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), is a leader in data privacy regulation in the United States, with implications for both the national and global economy. The CPRA, enacted in 2020, establishes the California Privacy Protection Agency (CPPA) to enforce the law robustly.The CPRA introduces critical changes, including: Protection of employee and business-to-business personal information, which is now subject to the same privacy protections as consumer personal information. Enhanced consumer rights, such as the right to access, delete, and correct their personal information, and the right to opt out of the sale of their personal information.Companies are now obligated to implement reasonable security precautions and undergo annual cybersecurity audits and risk assessments.In addition to California, other states such as Virginia, Colorado, Utah, Iowa, and Connecticut have also enacted data privacy laws that echo the GDPR. Businesses must stay up-to-date on evolving compliance requirements and adapt their systems accordingly.Compliance issues comprise risk assessments, impact assessments, adherence to data breach requirements, and compliance with notification standards. Companies are developing systems based on the most stringent set of laws to guarantee compliance.KEY QUOTES“We have a patchwork of laws that apply in the United States. Unfortunately, we continue to suffer from the absence of a federal data privacy and breach notification law. Congress has tried for years to broker a deal here, but it has never been able to overcome strong lobbying forces. Whether it's high tech trial lawyers, law enforcement, or other gadflies, the public continues to suffer.” - Michael Volkov“Many commentators have suggested that California's data privacy laws and regulations are starting to look closer and closer to the EU's GDPR regime.” - Michael Volkov“To me, we're getting into a more strict regulation. We already have, under the California Consumer Privacy Act, a requirement to have on your website: an ‘opt out’ in terms of any information that you may provide to a website, that it can't be used by the entity for sharing or selling or whatever consumer products purposes. So keep tabs on the California events.” - Michael VolkovResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

3M’s recent $6 million settlement with the SEC for violating the FCPA serves as a stark reminder of the risks global companies face in today's economy and underscores the crucial role of ethics and compliance programs. In this episode of Corruption, Crime and Compliance, Michael Volkov sheds light on the unethical conduct that led to legal repercussions and offers valuable insights into compliance, bribery mitigation, and the importance of tight control over official visits.You’ll hear Michael talk about:3M Corporation, a global company, was found to have made improper payments to Chinese healthcare officials employed by state-owned enterprises. These payments were disguised as expenses for attending overseas conferences and educational events.The scheme involved deceptive tactics where 3M presented these events as educational, but in reality, they included tourism and entertainment activities. This included creating fake agendas and hidden tourism components.Employees at 3M's China operations colluded with travel agencies to set up alternative itineraries that combined tourism activities with the purported educational events. Chinese officials either did not attend the educational events or missed significant portions of them. 3M China employees tracked the impact of these events on the company's sales. The costs of these trips were improperly recorded as legitimate business expenses, resulting in 3M benefiting by at least $3.5 million in increased sales.In the aftermath of this ethical breach, 3M took crucial steps towards remediation through self-reporting, cooperation with the investigation, and taking disciplinary actions such as terminating employees involved, severing relationships with travel agencies, and enhancing controls over cross-border fund transfers.KEY QUOTES“But 3M made payments to Chinese healthcare officials from state-owned enterprises or hospitals or healthcare delivery systems to attend overseas conferences, educational events, and healthcare facility visits. And these were paid for presumably as permissible educational events, but they actually were pretexts to provide overseas travel, sightseeing, and entertainment or tourism activities.” - Michael Volkov“3M employees accompanied the Chinese officials on the tourism activities, and the tourism activities included guided tours, shopping visits, day trips to nearby sites, and other leisure activities.” - Michael Volkov“This case also reminds me of a case several years ago called Johnson Controls, where the local China operation was able to secure funding and engaged in a sort of collusion process by which they sought funds and expenditures for less than $5,000. And they did that because it didn't require corporate approval above just the local level.” - Michael VolkovResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

CEOs play a pivotal role in shaping an organization's commitment to ethical practices. Involving CEOs in compliance training, having them share their experiences, and demonstrating a personal commitment to compliance initiatives sets a strong tone from the top. This engagement fosters a culture of ethics and compliance throughout the organization, reinforcing the importance of ethical conduct at all levels.Mary Shirley is a highly regarded authority in the field of ethics, compliance, and corporate governance. She is widely recognized for her expertise in helping organizations navigate the complex landscape of compliance, mitigate risks, and promote ethical practices. With a wealth of experience and insights, Mary Shirley has become a sought-after thought leader, speaker, and author. Her book, Living Your Best Compliance Life: 65 Hacks and Cheat Codes to Level Up Your Ethics and Compliance Program, has earned acclaim for bridging gaps in existing literature on compliance programs.You’ll hear Michael and Mary discuss:Organizations can promote ethics and compliance by recognizing and rewarding individuals or teams who exhibit ethical behaviors. This creates a positive atmosphere throughout the company, as employees are more likely to behave ethically if they see that it is valued and rewarded. Additionally, recognizing and rewarding ethical behavior can help to set a good example for other employees and encourage them to behave ethically as well.Engaging leaders from different regions and departments in compliance training programs ensures diverse perspectives and reinforces the importance of compliance at all levels. Leaders from different regions and departments will have different experiences and understanding of compliance issues. By engaging them in training programs, organizations can gain a more holistic view of compliance risks and how to mitigate them. Practical solutions and problem-solving are essential for compliance initiatives. For example, shortening documentation requirements or providing training for HR on investigation best practices can be effective solutions. These solutions can help to reduce the burden of compliance on employees and make it easier for businesses to comply with regulations.One of the critical elements Mary discusses is the significance of building strong relationships within the company. Collaboration and idea implementation are key to success in the compliance world.Collaboration between legal, compliance, and HR teams, along with training for HR on investigation best practices, helps streamline compliance efforts.CEOs play a critical role in setting the tone for compliance within an organization. They are the ones who set the example for their employees, and their actions and words can have a significant impact on whether or not employees comply with regulations. When CEOs are involved in compliance training, it demonstrates that they are committed to ethical practices and that they take compliance seriously.Mary recommends forming task forces to validate compliance ideas at an early stage, fostering a culture of innovation and problem-solving.Encouraging employees to share personal anecdotes related to compliance principles humanizes the process and fosters a culture of ethical work. When employees feel like they can share their own experiences with compliance, it helps them to understand the principles on a deeper level. It also helps to create a sense of community and belonging, as employees see that they are not alone in their commitment to ethical behavior. KEY QUOTE“One of the things that I learned way later that I wish I had was that when you involve people in the conceptualizing aspect [of] building a compliance initiative… and they feel [like they are] part of it… you’re in a much better position to get buy-in when you [implement].” - Mary ShirleyResourcesMary Shirley on LinkedIn Order Mary’s new book: Living Your Best Compliance Life