Corruption Crime & Compliance

LRN continues to set the standard for ethics and compliance program research. Volkov Law is a supporter of, and advocate for, LRN’s research because it has consistently confirmed what we all know and believe - ethical companies perform better in the marketplace over the long run. It is an intuitive fact that employees respond better to values-based leadership than a rules-based environment and culture. Volkov Law is committed to that mission with our clients, colleagues, partners, and thought leadership. In this Episode Michael Volkov discusses LRN's latest PEI Report, a copy of which can be obtained at https://lrn.com/resources/ethics-compliance-program-effectiveness-report LRN's 2024 Program Effectiveness Report highlights the importance of corporate values, culture, and accountability in mitigating risks and maximizing financial performance.The report is based on a survey of over 1,400 ethics and compliance professionals from 19 countries and 26 industries.60% of organizations now incorporate ethical behavior into performance management, hiring decisions, promotions, and bonuses to elevate ethical conduct incentives.Top priorities for 2024 include training content, measuring ethical culture, improving web-based compliance resources, internal controls, and audit and compliance monitoring plans.Companies are adapting compliance programs to include remote and hybrid employees post-COVID-19, reflecting changing workplace needs.Senior management engagement in risk mitigation controls and company values is crucial, with 52% of respondents confirming actions over words in fulfilling ethics and compliance responsibilities.Nearly two-thirds of respondents stated their boards actively address misconduct by senior executives or excellent performers, relying on values to ensure ethical behavior. Resources Michael Volkov on LinkedIn | Twitter The Volkov Law Group

On the heels of the Gunvor FCPA settlement for $661 million, DOJ announced its settlement with Trafigura, the latest commodities trading company to fall under DOJ's FCPA Sweep against the industry. Trafigura joined the list of international commodity trading companies to suffer FCPA enforcement actions like Vitol, Sargeant Marine, Glencore, Freepoint, and Gunvor. DOJ's corporate resolutions are connected to individual prosecutions and guilty pleas of 19 individuals, including six government officials, eight corrupt intermediaries, and five trading companies. Trafigura Beheer B.V. ("Trafigura"), based in Switzerland, plead guilty and agreed to pay $126 million as part of a plea agreement to resolve FCPA violations in Brazil. Trafigura pleaded guilty to conspiracy to violate the anti-bribery provisions of the FCPA and agreed to pay a fine of over $80 million and forfeiture of $46 million. DOJ agreed to credit up to $26 million of the fine against the amounts Trafigura pays to resolve an ongoing Brazil investigation. Trafigura, a global commodity trading company, pled guilty and agreed to pay $126 million to resolve FCPA violations in Brazil, involving a corrupt scheme to pay bribes to Brazilian officials to secure business with Petrobras.DOJ cited Trafigura's cooperation and acceptance of responsibility, including providing timely updates, facilitating employee interviews, and producing relevant documents, but criticized their failure to preserve and produce certain evidence in a timely manner.Trafigura's bribery scheme involved paying bribes to Petrobras officials from 2003 to 2014 to obtain and retain business, with payments ranging from 5 to 20 cents per barrel for oil transactions.The bribery payments were facilitated through offshore bank accounts, U.S. banks, and coded language in emails, with Trafigura entities earning approximately $51 million in profits from the scheme.DOJ's successful sweep of the commodities trading industry resulted in six corporate resolutions and 20 individual convictions, totaling over $1.7 billion in penalties, emphasizing the importance of robust compliance and surveillance strategies.Trafigura's lack of compliance oversight and failure to maintain proper third-party due diligence or risk management programs allowed the bribery scheme to operate with impunity, highlighting the need for enhanced controls and monitoring in high-risk industries.Despite the challenges faced during the investigation, Trafigura's guilty plea and cooperation with DOJ demonstrate a commitment to addressing corruption and compliance issues in the global commodity trading sector. Resources Michael Volkov on LinkedIn | Twitter The Volkov Law Group

In a recent speech on March 7, 2024, Deputy Attorney General Monaco announced that, in the next 90 days, DOJ would implement a new whistleblower program to reward reporting of criminal misconduct at public and private companies. In particular, DOJ will encourage reporting of potential violations of the Foreign Corrupt Practices Act ("FCPA") and the recently enacted Foreign Extortion Prevention Act ("FEPA"). AAG Monaco noted that DOJ will be particularly interested in "foreign corruption cases" involving "non-issuers and violations of the recently enacted FEPA," along with criminal abuses of the United States financial system and domestic corruption cases. DAG Monaco also reiterated the importance of voluntary self-disclosures. DOJ employs a "mix of carrots and sticks" to incentivize companies to build stronger compliance programs that proactively mitigate risks and disclose misconduct to DOJ when appropriate. DAG Monaco underscored the fact that a corporate resolution "will always be more favorable with voluntary self-disclosure." In this episode, Michael Volkov discusses DOJ's new initiatives on whistleblowing and encouraging voluntary self-disclosures. DOJ's planned whistleblower program will significantly impact individual incentives to report financial misconduct and corporate decisions regarding voluntary self-disclosures.The program's focus extends beyond FCPA violations, encompassing other significant financial abuse schemes and potential reporting against non-issuer companies.Global companies are facing unprecedented risks and challenges in today's economy, leading them to prioritize robust ethics and compliance programs to promote positive corporate citizenship.The SEC whistleblower program has been successful, resulting in serious prosecutions and the derailment of fraudulent schemes. However, only around 10% of reports involve FCPA anti-bribery allegations.The Department of Justice recently announced its plan to create a whistleblower bounty program, which would fill gaps in existing programs and coordinate with voluntary self-disclosure policies.DOJ's whistleblower program will reward reporting of criminal misconduct at both public and private companies, encouraging reporting of potential violations of the FCPA and the Foreign Extortion Prevention Act.Companies are urged to disclose misconduct to earn valuable benefits, and the DOJ emphasizes the benefits of voluntary self-disclosure and cooperation to mitigate risks and maximize financial performance. Resources Michael Volkov on LinkedIn | Twitter The Volkov Law Group

Boeing continues to struggle with its core business activities. As troubles mount for Boeing, it is clear that it continues to suffer from real and pervasive culture issues that have been reflected in serious safety failures, financial difficulties, regulatory violations, and serious reputational damage. Boeing's troubles permeate every part of its organization -- from the board to senior executives to its operations and overall ethics and compliance commitment. As a result, Boeing stands at an important crossroads -- will it make a real commitment to change, reform, and ethics and compliance, or will it continue to limp along, suffering repeated incidents of harm? In its latest (mis)adventure, Boeing fell victim to a State Department fine for $51 million for violations of a number of export controls, including basic licensing requirements for exports to China and Russia. Boeing voluntarily disclosed the violations to the Directorate of Defense Trade Controls ("DDTC") in the State Department. The violations of the International Traffic in Arms Regulations ("ITAR") included illegal exports to foreign employees and contractors who work in more than 15 countries, a trade compliance specialist fabricating an export license to illegally ship defense items abroad, and violations of the terms and conditions of other export licenses, among other things. The DDTC's $51 million penalty is the largest administrative penalty imposed for ITAR violations since it imposed a $79 million penalty against BAE Systems in 2011. Under the terms of the settlement, Boeing must pay $27 million to the DDTC within two years and use the remaining $24 million to improve its compliance program and procedures. In addition, Boeing is required to hire a DDTC-approved special compliance officer to oversee its compliance with ITAR for the next three years. That officer will regularly report to the DDTC on Boeing’s progress. Boeing faced a $51 million settlement for ITAR violations, including unauthorized exports and re-transfers to foreign employees and contractors, notably in China.Violations involved illegal downloads of ITAR-controlled technical data from Boeing's digital repository, which affected Pentagon platforms like the F-18, F-15, and F-22 aircraft and the AH-64 Apache helicopter.Boeing voluntarily disclosed violations to the Directorate of Defense Trade Controls (DDTC) and the State Department, leading to the $51 million penalty, the largest for ITAR violations since 2011.The settlement requires Boeing to pay the DDTC $27 million, improve its compliance program with the remaining $24 million, and hire a DDTC-approved special compliance officer for three years.Boeing must introduce a new automated export compliance system, update the State Department on its progress every six months, and undergo two export control audits by State Department-approved consultants.Despite the violations occurring mostly before 2020, Boeing made significant improvements to its trade compliance program, investigated issues, cooperated with authorities, and expressed regret.The case highlights the State Department and DDTC's aggressive enforcement of administrative controls over military items, signaling a broader crackdown on export control and sanctions violations. Resources: Michael Volkov on LinkedIn | Twitter The Volkov Law Group

You have to give the Justice Department credit - after two slow enforcement years, DOJ is starting off 2024 with a relative "bang;" first, DOJ reached a large settlement with SAP in January, and now, DOJ has reached a blockbuster settlement with Gunvor S.A. for $661 million. Gunvor is one of the world's largest commodities trading companies. DOJ's settlement represents a "return" to its long-standing aggressive approach to FCPA enforcement. DOJ did not permit Gunvor to enter into a deferred or non-prosecution agreement. Instead, DOJ required Gunvor to plead guilty to one count of FCPA conspiracy. Following the plea agreement, the court sentenced Gunvor to pay a criminal monetary penalty of $374,560,071 and to forfeit $287,138,444 in ill-gotten gains. The sentence includes credits of up to one-quarter of the criminal fine each for amounts Gunvor pays to resolve investigations by Swiss and Ecuadorean authorities into the same misconduct so long as the payments are made within one year. The Office of the Attorney General of Switzerland simultaneously announced a parallel resolution of its investigation into Gunvor’s misconduct that involved the payment of approximately $98 million by Gunvor to Swiss authorities. Gunvor's conduct stretched over nearly a decade and involved systemic bribery payments to officials of the Ecuadorian Ministry of Hydrocarbons and Petroecuador, the Ecuadorian state-owned oil company, in exchange for valuable contracts to acquire oil products. In total, Gunvor earned more than $384 million in profits from the business it corruptly obtained related to Petroecuador. In this episode, Michael Volkov reviews the Gunvor FCPA settlement. Gunvor's recent $661 million FCPA settlement with DOJ for bribery in Ecuador signifies a return to aggressive enforcement. The plea agreement and forfeiture highlight the consequences of anti-corruption violations for global companies.Prior individual enforcement actions preceded Gunvor's corporate resolution, showcasing a pattern in FCPA cases. The company's cooperation, including document production and internal investigation, played a crucial role in the resolution.Gunvor's implementation of remedial measures post-bribery scheme reflects a commitment to compliance. Enhancements to ethics programs and controls demonstrate a proactive approach to mitigating risks and ensuring regulatory compliance.The bribery scheme involving corrupt third parties and shell companies underscores the importance of robust monitoring and due diligence. Gunvor's delayed response to red flags highlights the need for swift action in high-risk activities.Gunvor's cooperation with the investigation, including sharing facts and facilitating interviews, showcases a commitment to transparency and accountability. Collaboration with authorities is essential in resolving compliance issues and maintaining credibility. Resources Michael Volkov on LinkedIn | Twitter The Volkov Law Group

Whatever the cause, criminal sanctions enforcement will be an interesting area in 2024. The DOJ's planned aggressive push against companies and individuals for sanctions violations is about to be unleashed. There is no question that DOJ's enforcement initiative is coming—it is just a question of when. We have already seen several examples of what aggressive sanctions enforcement will look like -- as the new "FCPA," we can expect several standard elements: Large Penalties -- multi hundreds of millions, even reaching billions in more egregious cases.Reward for Voluntary DisclosuresCriminal Indictments, Deferred or Non-Prosecution AgreementsIndependent Compliance MonitorsParallel Regulatory Resolutions with OFAC, BIS, and or DDTCEnhanced Compliance Remediation RequirementsIndividual Criminal Enforcement In this episode, Michael Volkov reviews the soon-to-arrive sanctions enforcement regime, and steps companies should take to protect against enforcement actions. Hear him discuss: The Department of Justice (DOJ) is signaling a shift towards aggressive corporate sanctions and export control enforcement, particularly focusing on national security issues like sanctions and export controls. Recent cases, such as the British-American Tobacco and SAP cases, serve as examples of how the DOJ's sanctions-focused enforcement strategy is likely to unfold, including potential penalties and consequences that companies may face.Companies are facing risks from various sources in the realm of sanctions and export control enforcement, including regulatory referrals from agencies like OFAC, BIS, and DDTC, as well as international intelligence relationships and whistleblowers.Seagate's blatant violation of Huawei export controls could be a significant indicator of the DOJ's enforcement initiative in the sanctions arena. This case demonstrates the potential consequences of willful violations and the importance of compliance with export control regulations.Common deficiencies in sanctions compliance programs, including corporate boards' lack of understanding, failure to address third-party risks, inadequate supply chain audits, weak internal controls, and insufficient training, highlight areas where companies need to improve to ensure compliance with sanctions regulations. Resources Michael Volkov on LinkedIn | Twitter The Volkov Law Group

Companies have a vested interest in preserving internal communications for a variety of reasons -- to hold actors accountable and to protect the organization from potential private and government claims or investigations that may have serious direct or collateral consequences. Companies that want to use ephemeral messaging systems can do so, but they have to understand the risks involved and tailor appropriate controls and procedures to avoid potential damage. DOJ's Evaluation of Corporate Compliance Programs ("ECCP") released in March 2023 authorized companies to use ephemeral messaging but emphasized several important risk considerations and controls needed to preserve robust record-keeping requirements. DOJ's ECCP identifies three significant areas for consideration: employee use of personal devices, availability of communications platforms (e.g., Jabber, Slack, Teams, Google, Zoom), and messaging applications, including ephemeral messaging. DOJ's ECCP noted that a company's policies governing messaging applications "should be tailored to the corporation's risk profile and specific business needs and ensure that, as appropriate and to the greatest extent possible, business-related electronic data and communications are accessible and amenable to preservation by the company.") In this podcast, Michael Volkov and Eddie Green, CEO of SnippetSentry, discuss current communications preservation requirements and technical solutions to meet them. You’ll hear them discuss: Companies are rapidly embracing and elevating the importance of robust ethics and compliance programs to promote positive corporate citizenship. This shift reflects a growing awareness of the significance of ethical practices in today's business landscape.Eddie discusses the significance of preserving communications data in today's business landscape, given the evolving nature of communication technologies and the need for proactive data preservation strategies.SnippetSentry's service allows users to seamlessly connect their phones to ensure all texts are archived without altering their day-to-day operations, allowing integration of compliance measures seamlessly into existing workflows.The evolution of email preservation serves as a blueprint for understanding the importance of preserving text messages in modern business communication. Reflecting on past practices can provide valuable lessons for adapting to the changing landscape of communication data preservation.Compliance mandates, such as those set by the SEC, emphasize the necessity of preserving text records to ensure regulatory adherence and mitigate risks, underscoring the critical role of data preservation in maintaining transparency and accountability in business operations.The collaboration between compliance, IT, and information security professionals is crucial in developing policies and procedures to safeguard data and mitigate communication risks.Financial institutions and other industries are increasingly adopting sophisticated data preservation strategies to protect intellectual property and ensure regulatory compliance. This proactive stance reflects a growing recognition of the importance of data security and compliance in safeguarding business interests. Resources Michael Volkov on LinkedIn | Twitter The Volkov Law Group Eddie Green on LinkedIn | SnippetSentry

In this special episode of Corruption, Crime, and Compliance, Michael Volkov joins colleague and long-time friend Tom Fox as they delve into the intricacies of recent FCPA enforcement actions, shedding light on the evolving landscape of corporate compliance. From the ABB case to the SAP settlement, Michael and Tom dissect the nuances of voluntary disclosure, extensive remediation, and the shifting priorities of the Department of Justice. Join them as they navigate the complexities of recidivism, cooperation, and the pivotal role of self-disclosure in today's compliance environment. You’ll hear them discuss: The Department of Justice (DOJ) faced a challenging situation with ABB, a three-time FCPA recidivist, raising questions about their enforcement actions and policies.ABB's case highlighted the importance of voluntary disclosure, extensive cooperation, and remediation in mitigating penalties and demonstrating commitment to compliance.The shift in DOJ's approach towards recidivism and self-disclosure signaled a new emphasis on data-driven compliance and the use of evidence to support remediation efforts.Albemarle and SAP cases showcased the significance of data-driven compliance programs and proactive measures to address compliance deficiencies.DOJ's focus on self-disclosure as a key factor in enforcement actions underscores the importance of transparency, cooperation, and timely reporting in compliance efforts.The evolution of DOJ's policies and enforcement strategies in 2023 reflected a balance between tough enforcement on recidivism and incentivizing self-disclosure through reduced penalties.The role of voluntary disclosure, remediation, and cooperation is critical in navigating FCPA enforcement actions and achieving favorable outcomes with the DOJ. Resources Michael Volkov on LinkedIn | Twitter The Volkov Law Group Tom Fox on LinkedIn Compliance Podcast Network

Christian Focacci is a leader in the artificial intelligence world and harnesses the capabilities for risk management. He is the founder and CEO of Threat.Digital, which has launched a new product DiligenAI. Threat.Digital is leveraging large language models and real-time data feeds to empower organizations to identify risk information confidently and efficiently, setting a new standard in risk intelligence. Mike and Christian discuss AI and its use in compliance third-party risk management. You'll hear them discuss: AI should be viewed as a tool to enhance decision-making processes rather than a replacement for human judgment. It highlights the importance of leveraging AI to process vast amounts of data efficiently.Organizations must strike a balance between recognizing the risks associated with AI, such as generative AI, and harnessing its potential benefits to improve productivity and decision-making within organizations.Advancements in language models, particularly large language models like Chat GPT, have revolutionized the processing and understanding of unstructured text data, enabling more accurate and context-aware analysis.Companies can use AI to significantly enhance due diligence processes, risk assessment, and compliance efforts by efficiently summarizing and analyzing vast amounts of information to support decision-making.The use of AI in due diligence and compliance is a tool meant to empower human decision-makers by providing them with comprehensive and distilled information, allowing them to focus on critical analysis and decision-making rather than mundane tasks.One major strength of AI, particularly large language models, is to improve monitoring processes by reducing false positives and providing real-time alerts based on predefined criteria, enabling more efficient risk identification and management.AI has a bright future, including the expansion of context windows in language models, the rise of open-source models, and the potential for running AI models on personal devices, indicating a shift towards decentralized and accessible AI technology. Resources Michael Volkov on LinkedIn | Twitter The Volkov Law Group Christian Focacci on LinkedIn | Threat.Digital

On December 31, 2021, President Joseph R. Biden, Jr. signed the the Uyghur Forced Labor Prevention Act (“UFLPA”) into law to address the ongoing exploitation of the ethnic minority Uyghur population by the government of the People’s Republic of China (“PRC”). Among other things, the UFLPA creates a rebuttable presumption that all goods, wares, articles, and merchandise mined, produced, or manufactured wholly or in part in Xinjiang, or by entities designated for inclusion on the UFLPA Entity List, are prohibited from entry into the United States. To overcome the presumption, entities are required to demonstrate, by “clear and convincing evidence,” that such imports were not mined, produced, or manufactured in whole or in part by forced labor. In this episode, Mike and Alex discuss practical steps to comply with the UFLPA. The Uyghur Forced Labor Prevention Act, enacted by Congress, establishes a presumption that goods from Xinjiang are tied to forced labor. Importers must prove otherwise by providing extensive documentation, such as invoices, packing slips, and billing information, to demonstrate the origin of the goods and ensure compliance with the law.The UFLPA has led to a significant increase in enforcement by CBP, resulting in the detention of billions of dollars worth of commodities. This heightened scrutiny has prompted global companies to prioritize robust ethics and compliance programs to mitigate legal and economic risks associated with forced labor.Compliance with the UFLPA requires importers of record to furnish CBP with clear and convincing evidence that their goods were not produced using forced labor. This evidence includes supply chain tracing information, wage and payment records, credible audits, and attestations from every entity involved in the production process.Chinese entities have been known to employ deceptive practices to avoid detection and documentation requirements. This includes creating separate companies outside the Uyghur area and providing misleading information to purchasers. Due diligence and thorough investigation of beneficial ownership are crucial to ensure compliance.CBP's operational guidance for importers, published in 2022, provides essential information on navigating the complexities of the UFLPA. Importers should familiarize themselves with this guidance and engage in one-on-one discussions with their suppliers to communicate expectations and ensure compliance.The UFLPA places a significant burden on organizations relying on imports from China, as they must provide extensive documentation and meet the clear and convincing evidence standard. Failure to meet these requirements can result in the detention of goods, leading to supply chain disruptions and potential financial losses.Clear Channel, the former Chinese subsidiary of Clear Media, faced charges related to bribery violations. The bribes included expensive gifts, entertainment, and travel given to influence contract renewal negotiations with Chinese government officials. Clear Media engaged in deceptive practices, including falsifying payments and creating false invoices, to fund these illegal payments. Resources Alex Cotoia on LinkedIn | Email Michael Volkov on LinkedIn | Twitter The Volkov Law Group

Gabrielle Griffith, Director BPE Global, is an expert in trade compliance issues. Gabrielle assists clients in implementing effective trade compliance programs by addressing improvements within organizations’ people, processes, and systems. In the area of U.S. export controls, she advises clients on compliance with the International Traffic in Arms Regulations, the U.S. Export Administration Regulations, and the various embargo and sanctions programs administered by the Office of Foreign Asset Controls. On import compliance matters, she advises on classification, country of origin, special duty programs such as USMCA, focused assessments, C-TPAT, antidumping/countervailing duty as well as Section 232 and 301 matters. Gabrielle joins Michael to discuss current trade compliance trends and expectations for 2024. The increase in national security risk has heightened the need for creative thinking to identify potential threats that may not be designated within regulations. This means that companies must go beyond traditional compliance measures and think outside the box to proactively address emerging risks to national security.Global companies are facing unprecedented risks and challenges in today's economy, leading to a greater emphasis on robust ethics and compliance programs. These programs are essential for promoting positive corporate citizenship and mitigating legal and economic risks associated with corruption and crime.Trade compliance is no longer a silo within a compliance department but must be integrated into the entire operation of a company. This means that trade compliance considerations should be incorporated into all aspects of a company's business processes, from product development to supply chain management.The Department of Justice is ramping up efforts to prosecute companies for trade compliance violations, particularly in relation to national security. This increased focus on enforcement means that companies need to be proactive in ensuring compliance with export control regulations and other trade compliance requirements.Over-controlling trade compliance can hinder business operations while under-controlling can lead to violations. Finding the right balance is crucial. Companies should strive to implement effective trade compliance measures that align with their specific business needs, avoiding unnecessary restrictions while still ensuring compliance with applicable regulations.The government should collaborate more with industry consultants to bridge the gap between enforcement agencies and companies, ensuring effective communication and guidance. This collaboration can help companies navigate the complex landscape of trade compliance and provide valuable insights to regulators on emerging technologies and industry practices. Resources Michael Volkov on LinkedIn | X(Twitter) The Volkov Law Group Gabrielle Griffith on LinkedIn BPE Global

The Justice Department and the Office of Foreign Assets Control had a big year in 2023. Criminal and civil enforcement continue to increase. The DOJ has warned corporations that aggressive sanctions enforcement actions are coming -- to that end, the DOJ assigned 25 new prosecutors to the National Security Division to execute on its promise. Meanwhile, OFAC had a record year in collecting $1.539 billion in penalties, largely the result of two blockbuster settlements -- British American Tobacco and Binance, the cryptocurrency exchange. It's important for companies to ensure they have U.S. expertise to effectively address potential violations of U.S. sanctions laws, as unfamiliarity with these laws can hinder prompt identification and response. Having a strong compliance program based in the United States is a valuable lesson learned from OFAC.Global companies are facing unprecedented risks and challenges in today's economy, leading them to prioritize robust ethics and compliance programs. These programs play a crucial role in promoting positive corporate citizenship and mitigating legal and economic risks.In 2023, there was a significant increase in sanctions enforcement by the DOJ and OFAC, with plans for even more aggressive actions in the future. With 17 enforcement cases and $1.5 billion in penalties, it is evident that compliance areas such as third parties and internal controls are of utmost importance.Various countries, including Russia, Cuba, and Iran, continue to be the focus of global sanction schemes. While Venezuela's sanctions were temporarily relaxed, companies must stay vigilant and monitor the upcoming election. The British American Tobacco case, with its $629 million settlement, serves as a model for future enforcement actions.The Binance case, involving a $4.3 billion settlement, shed light on criminal violations in the cryptocurrency industry. This highlights the critical importance of compliance in this rapidly evolving sector. Resources Michael Volkov on LinkedIn | Twitter The Volkov Law Group

For the Justice Department and the SEC, 2023 was a slow year in FCPA enforcement. Despite promises of aggressive enforcement, DOJ and the SEC failed to achieve increases in FCPA enforcement. DOJ and the SEC issued no blockbuster enforcement actions or settlements. The SEC's number of enforcement actions was steady and eclipsed its 2022 number by one. Equally significant was DOJ's reduction in individual criminal prosecutions, thereby raising legitimate questions as to its ability to deliver on its promise of aggressive enforcement against individual FCPA violators. Despite a slower enforcement year, DOJ dedicated significant resources to issuance of new policy statements encouraging voluntary disclosures, incentivizing clawbacks, elevating compliance programs and offering new safe harbors for mergers and acquisitions. In this episode, Michael Volkov reviews FCPA enforcement in 2023 and outlines new compliance trends in the anti-corruption field. Clear Channel's former Chinese subsidiary, Clear Media, was charged with bribery violations involving expensive gifts, entertainment, and travel given to influence contract renewal negotiations with Chinese government officials.Clear Media engaged in deceptive practices, such as falsely documenting payments to cleaning and maintenance companies to fund illegal payments. They used oral agreements, omitted gift recipients, and created false invoices and tax records to disguise payments through shell company intermediaries.Senior executive complicity was another trend observed in the cases discussed. In some instances, senior executives were aware of the bribery schemes but either turned a blind eye or actively participated in the misconduct.Internal audits conducted from 2012 to 2017 identified deficiencies, red flags, and indicators of bribery within Clear Channel. However, the company failed to take aggressive remedial actions to address these issues.Clear Media resisted internal auditors and even provided false information, hindering the detection and resolution of bribery-related problems.Despite these challenges, Clear Channel cooperated extensively with the investigation. They promptly shared relevant facts, produced necessary documents, and facilitated interviews with current and former employees. Resources Michael Volkov on LinkedIn | Twitter The Volkov Law Group

Bribery is rampant in many countries around the world, and in this episode of Corruption, Crime, and Compliance, we take a look at a recent FCPA case involving SAP, a global software company. SAP’s violations spanned multiple countries, including South Africa and Indonesia, and resulted in prosecution and a hefty $220 million dollar penalty. However, many people were baffled with the resolution of this case. The DOJ lacked aggressiveness and failed to impose an independent compliance monitor. Join the host, Michael Volkov, as he analyzes the intricacies of this case and the implications for FCPA enforcement in the coming years. The SAP is a recidivist company, but DOJ’s enforcement action against them did not seem to take that into account when holding them accountable for instances of bribery that spanned the globe.As the DOJ seemed to take a step back, the SEC made an aggressive push to hold companies accountable for violating internal controls, which is what happened in the SAP case.SAP's repeated failure to follow internal control requirements governing third parties serves as a cautionary tale for companies to ensure that their procedures are not only in place but also actively implemented and monitored.Clear Channel's former Chinese subsidiary, Clear Media, engaged in deceptive practices to fund illegal payments, including creating false invoices and tax records, but even after internal audits, Clear Channel failed to take aggressive remedial actions.Clear Channel demonstrated a clear commitment to addressing the issues in the investigation that followed, highlighting the importance of cooperation, as it can lead to more favorable outcomes and potentially mitigate the severity of penalties imposed. KEY QUOTES "DOJ is turning its focus and pulling back on FCPA enforcement." - Michael Volkov "The SAP resolution, which totals only $220 million, was far below the amount that a recidivist should have paid for its global bribery operations stretching into multiple countries." - Michael Volkov "The SEC's approach demonstrates a more aggressive application of internal control enforcement." - Michael Volkov "If a company is going to craft these internal controls, the company has to enforce those controls or face serious enforcement risks." - Speaker: Michael Volkov Resources Michael Volkov on LinkedIn | Twitter The Volkov Law Group

How do you manage risk when the vulnerabilities are outside your organization’t in your hands? In this episode of Corruption, Crime, and Compliance, we delve into the world of third-party risk management with our guest, Natalie Druckmann, from Certa. As we discuss the regulatory landscape in EMEA and the US, Natalie highlights the higher regulatory burden faced by companies in EMEA, and how Certa uses AI to streamline workflows, provide intuitive data visualization, and enhance risk forecasting capabilities. AI is the future of third-party risk management, now and in the future.  Cybersecurity has become one of the top concerns for organizations. In 2012, Target worked with a third-party vendor and, as a result, suffered an attack that exposed their customers’ credit data. Since then, compliance departments have started working closely with IT to prevent such vulnerabilities. Unlike the US, EU companies don’t benefit from gaps created between state and federal regulations. EMEA faces a mandatory and substantial regulatory burden, particularly in areas like ESG and compliance. A forced labor scandal can sink a company, so ESG’s importance is on par with cyber security.Global companies are increasingly recognizing the importance of addressing ESG topics alongside cybersecurity and financial risks. ESG considerations, such as diversity, modern slavery, and gender pay gaps, have significant reputational and revenue impacts.AI is changing the world in many ways, including compliance. Certa aims to provide a comprehensive solution for third-party risk management, compliance, and operational risks by streamlining processes and incorporating AI capabilities to enhance efficiency and effectiveness.Certa utilizes various AI capabilities, including design AI, which allows users to create workflows using plain language. They don’t need to know anything about tech; they can simply dictate the process, and AI generates the necessary code and infrastructure for it. This allows the company to remain flexible and able to quickly adapt to change.Insights AI is another capability that collects and analyzes data, making it far more accessible and efficient in managing up-to-the-minute risks and developments. This technology also uses design AI, allowing for plain language inputs to immediately create actionable, detailed reports.Recall AI allows companies to guarantee rapid and consistent responses from suppliers and customers by recalling past interactions to create surveys, forms, workflows, and processes. This removes the back-and-forth burden on all parties while still retaining the human touch.Smaller and midsize companies should prioritize their risk management processes and consider automated solutions like Certa. These companies can benefit from the efficiency and effectiveness of an automated platform, regardless of their industry or size. KEY QUOTE “I think there is a very strong drive here for companies and stakeholders, not just to do the right thing… but doing the good thing as well.” - Natalie Druckman Resources Michael Volkov on LinkedIn | Twitter The Volkov Law Group Natalie Druckman on LinkedIn Certa Email Natalie: nat@certa.ai

In this week's episode of Corruption, Crime, and Compliance, we usher in the New Year with a deep dive into something that happened in November of last year. As we begin 2024, it's crucial to reflect on the substantial shifts in the healthcare industry's compliance framework. The HHS Office of Inspector General's Comprehensive Compliance Guidance, released late last year, has set a new standard for healthcare companies, reinforcing the importance of an independent compliance function and outlining a robust framework for effective compliance programs. Michael Volkov meticulously dissects the seven key elements of this groundbreaking guidance, emphasizing its relevance not just in healthcare, but across the spectrum of compliance practices. You’ll hear Micheal discuss: The HHS Office of Inspector General issued the Comprehensive Compliance Guidance (GCPG) in November 2023, a significant document for the healthcare industry, emphasizing the need for independent and robust compliance programs.The guidance is structured around seven core elements: written policies and procedures, effective compliance leadership, training, open lines of communication, enforcing standards, risk assessment, and responsive corrective action for detected offenses.The role of a Chief Compliance Officer is critical, and they should:Report directly to the CEO or have independent access to the board,Have sufficient stature within the entity equal to other leaders,Demonstrate unimpeachable integrity, judgment, assertiveness and approachable demeanor, andHave sufficient funding, resources and staff to operate the program. Emphasizing the separation of legal and compliance functions, the GCPG recommends that compliance officers focus solely on compliance, avoiding roles in legal or financial departments.The GCPG advises the establishment of a compliance committee, meeting quarterly, with responsibilities spanning legal regulation analysis, policy review, training effectiveness, and annual risk assessment.The CEO should include a signed introduction in the code of conduct. The board should include a signed endorsement or similar written statement to support the compliance commitment, and entities should review their codes when a new CEO is hired.Clear communication and board oversight is crucial, and they should be well-informed about compliance programs, and ensure that the compliance officer has sufficient access to them.How compliance officers and boards should respond when compliance concerns are reported or discovered, and focus on the root causes of the misconduct to prevent recurrence. Resources Michael Volkov on LinkedIn | Twitter The Volkov Law Group

What is the cost of ignoring compliance? For the world’s largest cryptocurrency exchange, it’s $4.3 billion dollars. In this episode of Corruption, Crime and Compliance, Michael Volkov and his guest, Matt Stankiewicz, delve into one of the most significant financial crime prosecutions in the history of the Justice Department: Binance Holdings. Under the direction of its CEO, Changpeng Zhao, Binance blatantly disregarded compliance, had no AML programs, and willfully put growth over regulations. Now, they must pay out a settlement split among various agencies, including the DOJ, OFAC, FinCEN, and CFTC. In addition to the settlement, Binance has destroyed their reputation at a time when customers are demanding companies they can trust. Matt Stankiewicz is a compliance consultant, and currently a partner at The Volkov Law Group, specializing in anti-bribery, corruptions controls, and compliance programs. He previously served as a member of the Ethics and Compliance Monitoring Team, appointed by the DOJ and EPA, and his casework has included global audits of Fortune 100 companies, sanction violations investigations, risk-assessment for third party distributors, and much more. You’ll hear Michael and Matt discuss: Cryptocurrency companies allow customers to exchange government-backed currency for cryptocurrency, such as Bitcoin. Several major crypto companies, including FTX, Celsius, and BlockFi, have faced bankruptcy and legal issues due to non-compliance and shady practices, resulting in customers losing money.Binance, the world's largest cryptocurrency exchange, recently settled with multiple agencies in the Justice Department for over $4 billion, with penalties split between forfeiture and criminal fines.As part of the agreement, Binance’s main exchange is barred from operating in the US market, which accounts for a third of their revenue, and they also face increased scrutiny by two separate compliance monitors over the next several years.Their circumvention of laws and regulations include violations of the Bank Secrecy Act, failure to register as a money transmitting business, and multiple sanctions transgressions.Binance's founder and CEO, Changpeng Zhao (CZ), pled guilty to his own set of similar charges, including a failure to maintain an effective AML program, and is facing a multi-million penalty and a potential prison sentence of up to 18 months.Binance was established in China, but regularly moved their headquarters from country to country to avoid regulations. Their lack of compliance was driven from the top, with senior leadership actively prioritizing growth over compliance.Binance created its US-based exchange as “window dressing” to avoid regulations, and the customer service department assisted its customers in circumventing its own compliance controls, like using a VPN to get past IP blocking technology.Though Binance is large enough to continue operating despite the fines, this settlement has sent a strong message to the crypto industry about the importance of reputation, compliance, and customer trust.The cryptocurrency industry is currently lacking a “culture of compliance,” but it has reached an inflection point where lawlessness and shady practices are no longer acceptable. In addition to regulators cracking down on them, customers are also applying pressure for these companies to reform.The use of blockchain technology in the crypto industry provides unique tools for transaction monitoring and tracking funds, which can help ensure compliance with AML regulations and detect suspicious activities.Rogue countries like North Korea are experts in leveraging cryptocurrency in a way that threatens US National Security, so the DOJ must become more adept in investigating and taking action against those that violate US law. Resources Matt Stankiewicz on LinkedIn | X (Twitter) Michael Volkov on LinkedIn | X (Twitter) The Volkov Law Group

How can we build a culture that motivates people to do the right thing? In this episode of Corruption, Crime and Compliance, Michael Volkov and guest Steve Naughton, explore crucial questions about fostering ethical cultures within companies and practical steps compliance leaders can take to transform performance. Steve shares insights from his journey, detailing the evolution of compliance leadership roles and offering a glimpse into PepsiCo's growth in this area during his tenure as Chief Compliance Officer. For those considering careers in compliance, he emphasizes that expertise in this field can be developed without a law degree. Steve Naughton currently oversees Compliance and Enterprise Risk Management programs at Loyola University Law School. He previously served as Pepsi's Chief Compliance Officer, guiding the growth of their compliance program over 8 years. He is passionate about making sure compliance functions can work independently. You’ll hear Michael and Steve discuss: Steve began his career at major law firms before going in-house to manage litigation and M&A deals during pivotal moments at Quaker Oats and Snapple.PepsiCo’s iconic GC Larry Thompson asked Steve to build a new compliance program starting with just 3 people. Over 8 years, Steve grew Pepsi’s program from 3 to over 40 employees with global reach.Larry saw compliance as preventative and empowered Steve with independent reporting to the Board. Steve remarks, “[Larry] viewed [compliance] as much more preventative than reactionary … his take on compliance has always been, to the extent that we can prevent something or to the extent that as soon as we detect it, we'll go in and check it out instead of waiting till everything was fully investigated.”Pepsi has been on the World's Most Ethical Companies list for 15 years in a row, showcasing its success in following ethical practices.Pepsi has never faced serious enforcement actions, and this is attributed to turning ethical practices into a value-add for the business.Not every company has the resources or leadership seen at Pepsi, making it challenging to bring others along in the compliance profession.Steve emphasizes the importance of a risk-based approach in compliance and recommends developing a strategic five-year plan to address top risks progressively.He encourages companies to be disciplined and follow a plan, citing the Department of Justice's emphasis on showing work prospectively, not retroactively, to defend actions and maintain a strategic plan.Michael and Steve discuss the challenges of implementing change in compliance programs, emphasizing the importance of building a team and garnering support from other functions.They recommend a realistic 3 to 5 year timeframe for implementing changes.Cultures where people feel safe speaking up are foundational to compliance. This can aid in preventing and addressing ethical lapses and compliance challenges.Steve cites examples from Wells Fargo, Volkswagen, General Motors, and Boeing. In these organizations, where you would expect people to be skilled and ethical, employees often didn't speak up. This was because they thought their concerns wouldn't be listened to, or the culture didn't encourage open communication.Compliance is not just about following rules; it's about changing the culture in companies. We need to think differently and work towards making a culture where doing the right thing is not just accepted but encouraged. Steve runs a highly respected compliance curriculum at Loyola University which has prepared many future Chief Compliance Officers. However, compliance expertise doesn’t strictly require legal training. Resources Steve Naughton on LinkedIn | Loyola School of Law | Email Michael Volkov on LinkedIn | Twitter The Volkov Law Group

In the 300th episode of Crime, Corruption and Compliance, Michael Volkov examines the recent FCPA settlements with two major UK reinsurance brokers - Tysers and H.W. Wood - for their involvement in a bribery scheme in Ecuador. The DOJ took an unorthodox approach by going after individual people before the companies. This helped them get cooperation and gather evidence, resulting in over $36 million in fines and forfeited money. However, it also highlights common issues in FCPA cases, such as a lack of supervision and effective controls that let corruption happen. You’ll hear Michael discuss: The settlements with Tysers ($36M fine + $10.5M forfeiture) and Wood ($508K fine + $2.3M forfeiture) resolve a multi-year FCPA investigation in Ecuador.Several individuals were prosecuted first, including the chairman of two state-owned Ecuadorian insurance firms who pleaded guilty in 2020. This allowed the DOJ to build up cooperators and evidence. A third-party intermediary played an instrumental role, serving as the "glue" that coordinated all aspects of the scheme in exchange for significant profits.Neither Tysers nor Wood voluntarily disclosed. Tysers received a 25% discount for cooperation and remediation; Wood's fine was reduced to $508K based on inability to pay. The intermediary demanded a large split of commissions to funnel payments to officials, which Tysers and Wood accepted, triggering disputes among Tysers' own employees. The parties used coded language and fake investment contracts to disguise corrupt payments to officials' offshore accounts.The lack of financial controls and oversight of third-party payment allocations enabled suspicious activity to occur unchecked. Massive "commissions" paid to intermediaries raised obvious red flags that went unheeded.Going after individuals first and securing a declination for one company yielded major penalties for Tysers and Wood, proving the DOJ's strategy highly effective.The facts underscore the need for vigorous third-party due diligence and monitoring controls to detect and halt potential corruption. KEY QUOTES “DOJ has had a slow year in FCPA enforcement. Everybody knows that we may see a few more coming in the next few weeks before the end of the year…” - Michael Volkov “Unlike most third party FCPA cases, where a third party may be enlisted to further a bribery scheme by funneling payments directly to a foreign official, the intermediary in the Tysers and Wood cases played an instrumental role in arranging, managing and overseeing the bribery payments and overall scheme. The intermediary company truly operated as the glue that put together a large bribery operation from which it earned significant profits.” - Michael Volkov “...the timing of the corporate individual resolutions is certainly a unique pattern for DOJ to execute on and certainly raises the prospect that we may see other cases where individuals get prosecuted first and then you see a corporate resolution coming towards the end. So DOJ clearly here built up a reservoir of cooperators and information and intelligence that resulted in them being able to impose significant penalties against Tysers and Wood.” - Michael Volkov Resources Michael Volkov on LinkedIn | Twitter The Volkov Law Group

Bobby Butler joins Michael Volkov on this episode of Corruption, Crime and Compliance, to explore the evolution of compliance over 20 years. While enforcement actions sparked major progress, Bobby contends compliance is moving firmly into the realm of competitive advantage and performance multiplier. Millennials and younger generations ‘vote with their feet’, demanding ethical cultures, so compliance may increasingly drive talent retention as well. Bobby Butler has over 20 years of experience building world-class ethics and compliance programs. In his early career, he investigated export control issues and quickly became passionate about compliance. Known for his persistence and commitment to finding solutions, he is a pioneer who helped elevate compliance from an ad hoc function to a strategic asset. You’ll hear Michael and Bobby discuss: In the early 2000s, compliance programs were sparked by reactions to major DOJ enforcements rather than proactive investments. Companies finally dedicated ample resources when faced with "shock and awe" consequences.Bobby got his start investigating export controls issues at Conoco after unlawful server exports to Syria. He quickly became passionate about trade compliance and then FCPA compliance during the explosion of enforcements in the mid-2000s.Working at ground zero compliance teams at Vetco and Baker Hughes during monitorships gave Bobby deep experience with elements of gold standard compliance programs long before codified evaluation criteria.Bobby argues justifying significant resources without an enforcement action catalyst remains extremely challenging. Compliance fights for a seat at the table and has to insert compliance considerations into business meetings. Persistence and consistency in messaging are critical for credibility and influence as a compliance officer. Strong yet flexible personalities tend to thrive compared to introverts.Compliance has to focus on finding creative solutions to enable opportunities: frame compliance as a competitive advantage and performance multiplier.Tactics Bobby used to persuade executives include tying bonuses to compliance training completion, positioning compliance in sales materials and constant insertion into business meetings.The compliance skill set has grown into a dedicated career path with specialized education channels, not just a secondary legal role. Bobby sees government enforcements continuing to increase given complex technologies and geopolitics. KEY QUOTES “...we have to find ways for the business to grow. We've got to be sitting there at the table with them thinking of solutions. The more brain power you put at problem solving and doing it in a compliant way, that's how you build trust with people.” - Bobby Butler “And every day that goes by, when there's not a compliance issue and you can certify that controls have passed and the elements are there and you have outside counsel come in and do an assessment of your program and you continuously improve and each day goes by and you don't have an issue. Well, there's another positive impact to the investment and the return on shareholder value and more importantly, the company brand.” - Bobby Butler “...we're out there preaching the good news that compliance can be a good thing. Because at the end of the day, when the company does get in trouble, compliance sets policy, sets voluntary boundaries where the law sets mandatory boundaries.” - Bobby Butler Resources Bobby Butler on LinkedIn