In September, this author attended the 18th annual conference of the SCCE (Society of Corporate Compliance and Ethics). Among the keynote speakers were the Chief Compliance Officer of Volkswagen, Dr. Kurt Michels and Chief Compliance Officer of Oderbrecht S.A., Olga Pontes. Both shared actions they have taken to correct each companies’ violations and the lessons learned in that process, chief among them being: educating the organization, creating compliance ambassadors or compliance champions within the organization, and building relationships across the board within an organization. Below are a few key notes from the sessions attended:
Assess Company Risk:
Periodically focusing on high risk areas
High risk v. low risk
Worst case scenario
What is your company required to do?
Create an Internal Investigations Policy
Have a plan in place to address wrongdoing in the company
Create policy for criminal violations: no one is excluded.
Create matrix to measure what’s being done is working.
Merger and acquisitions
Mitigate Trade Risks
Screen parties, places
Classify items ( what export controls, if any apply)
Document how classification is done
Create a visual map of the movement of goods
When conducting cross border investigations pay attention to local laws, especially employment laws.
Create a culture of compliance
After all is said and done take time to reflect on lessons learned
Set up due diligence process for 3rd parties
Small and midsize businesses are not excluded from having compliance programs
Without compliance there is higher risk of exposure to wrongdoing