Whistle-blowers: Best Practices for Managing their Expectations and Experiences

Whistle-blowers: Best Practices for Managing their Expectations and Experiences

“If we could sum up all the causes of hurt, pain, and hatred in one word, it would be expectations.”  - Ancient Proverb

Imagine the courage it must take to blow the whistle on unethical activity at your job.  Whistle-blowers experience fear of being fired, being found out, retaliated again, and losing their reputation, while wrestling with the desire to do the right thing.  But once whistle-blowers have made their report, they’re often disappointed and disillusioned.  This is frequently compliance’s fault.

What Happened?

Surveys and academic research shows that the vast majority of whistle-blowers report internally before reporting to regulators or the media. One survey found that 90% of whistle-blowers reported internally before filing qui tam lawsuits.  Why did they report outside?  One of the major reasons was their perception that nothing was done about their report.

Managing Expectations…

Read More

In Praise of YOU!

In Praise of YOU!

“Self-esteem literally means what YOU think of YOU, not what other people think of you, or it would be called other esteem or their esteem,” noted author and therapist Marisa Peer.  In her book, #IamEnough, the author encourages all of us to give ourselves the praise that we need an deserve. Her reasoning is sound: “Praising yourself is simply improving your internal dialogue so you can reap the benefits that receiving praise brings – even if you’re the only one giving it.” 

Many of us struggle with the feeling that no one appreciates us or pays attention to what we do.  Author Peer states that our mind responds to praise from whatever source it comes from – whether external or internal.  You can choose to celebrate all that is good about you and your performance without being egotistical or narcissistic.  Here are three ways to do it…

Read More

Your Step-by-Step Guide to Developing a Risk-Based Due Diligence Process

Your Step-by-Step Guide to Developing a Risk-Based Due Diligence Process

This is a guest post by Ramsey Kazem, East Coast Vice President, Spark Compliance Consulting.  He can be reached at rkazem@sparkcompliance.com.

Last spring, the Department of Justice issued a guidance document, which outlines the specific factors prosecutors consider in evaluating a company’s compliance program and deciding whether to bring charges, negotiating plea agreements, or offering leniency in assessing penalties.  The guidance makes clear that a “well designed compliance program should apply risk-based due diligence to [a company’s] third-party relationships.”  That is, a company must have a process in place to perform an appropriate level of due diligence before engaging a new third-party.  This process must be current, effective, and risk-based.

While the expectation is clear, the process by which a company meets this expectation is not as straightforward.  As with most things in compliance, there is no one-size-fits-all solution to satisfying this standard.  Indeed, a company must develop an approach to third-party due diligence that fits the company’s size, structure, industry, geographical presence, and risk profile.     

So how does a company go-about designing a third-party due diligence process that will meet the expectations described in the DOJ’s guidance document?  In this two-part series, we will share some guidelines and best practices for undertaking this effort.  In this part I of the series, we will discuss how to define the scope of a third-party due diligence program.  In part II, we will explain how to develop a risk-based process to effectively screen the in-scope third-parties for compliance-related risks.

Defining the Scope of a Third-Party Due Diligence Program

The first step in designing a third-party due diligence program is to define the scope of the program…

Read More

Budget Season: Your Ultimate Checklist to Get What You Need

Budget Season: Your Ultimate Checklist to Get What You Need

It’s the most wonderful time of the year… no, not the holidays – Budget Season! It’s the time we cry and fight and claw our way into next year, making the case for what we need.  Sometimes you know exactly what is called for, but other years it can be difficult to know what to request.  No need to worry, we’ve got you covered.  Here’s the ultimate checklist to get what you need.

1.     Third-Party Due Diligence Reports

A risk-based approach to due diligence necessitates that higher-risk third-parties receive greater due diligence than lower-risk third-parties.  You need to have budget to request deeper dive reports – whether that means that a human who speaks the local language is performing a deep-dive desktop review, or, for your highest-risk third-parties, an on-the-ground review including reputation checks from various sources.  These reports can get expensive, but having a budget for at least a few will make your program significantly more defensible if there’s an investigation.

2.     Travel/Training Budget

Everyone knows that the most effective training is done in person.  There’s nothing like being on the ground in a high-risk territory to find out what’s really happening.  You can answer questions in real-time during training, and follow-up to ensure that people understood what you were saying.  Asking for a travel budget is critical.  If you can’t get a travel budget, at least try to get budget for an online face-to-face tool like Zoom or Adobe Connect.  Seeing someone’s face is the best way to engage.

3.     A Professional Risk Assessment

The DOJ’s recent Evaluation of Corporate Compliance Programs guidance made it clear: if you don’t have a current risk assessment, you need to make it your priority to get one…

Read More

Three Tiny Action that Will Invigorate Your Conference Experience

Three Tiny Action that Will Invigorate Your Conference Experience

It’s the most exciting time of the compliance year – Conference Season!  Whoo Hoo!  In the Northern hemisphere, summer has ended, and we’re all back to work.  Next week in National City, Maryland, the Society of Corporate Compliance and Ethics has their conference, followed later in the year by Compliance Week’s European conference.  From local conferences like the Health Care Compliance Association’s Nashville conference to technology vendors conferences held by Steele, NAVEX, and Convercent, conference season is in full swing.

Conferences can be exciting but also overwhelming.  The little things you do can make all the difference between successfully enjoying an event and coming back to work with nothing to show for your time.  Here are three tiny actions you can take that will make your experience significantly more rewarding.

Manage Expectations – Look to Pick Up One Great Tip…

Read More