In September, this author attended the 18th annual conference of the SCCE (Society of Corporate Compliance and Ethics). Among the keynote speakers were the Chief Compliance Officer of Volkswagen, Dr. Kurt Michels and Chief Compliance Officer of Oderbrecht S.A., Olga Pontes. Both shared actions they have taken to correct each companies’ violations and the lessons learned in that process, chief among them being: educating the organization, creating compliance ambassadors or compliance champions within the organization, and building relationships across the board within an organization. Below are a few key notes from the sessions attended:

• Assess Company Risk:

• Periodically focusing on high risk areas

• High risk v. low risk

• Worst case scenario

• What is your company required to do?

• Create an Internal Investigations Policy

• Have a plan in place to address wrongdoing in the company

• Create policy for criminal violations: no one is excluded.

• Create matrix to measure what’s being done is working.

• Track:

• Donations

• Merger and acquisitions

• Real estate

• Mitigate Trade Risks

• Assess risk

• Screen parties, places

• Classify items ( what export controls, if any apply)

• Document how classification is done

• Create a visual map of the movement of goods

• Multinational companies

• When conducting cross border investigations pay attention to local laws, especially employment laws.

• Create a culture of compliance

• After all is said and done take time to reflect on lessons learned

• Set up due diligence process for 3rd parties

• Small and midsize businesses are not excluded from having compliance programs

• Without compliance there is higher risk of exposure to wrongdoing

#compliance