DEFINITIVE GUIDE TO Ethics and Compliance Programmes
Your essential guide to developing and implementing an effective programme

THE COMPLIANCE GUIDE – INTRODUCTION

Defining Ethics and Compliance

Compliance means adherence to, or conformance with, laws or regulations and with an organisation’s standards, policies, and procedures. From a legal perspective, compliance is the way organisations seek to ensure that they, their employees and representatives uphold the applicable laws and internal rules in order to prevent harm to themselves, the organisation, or others. Based on this definition, it is evident that compliance is a form of risk management.

Modern organisations are expected to go beyond doing the bare minimum in complying with the law and internal policies. This means taking steps to develop and foster an ethical workplace culture. Ethics forms the foundation of an effective ethics and compliance programme because it deals with concepts of right and wrong conduct, and is therefore rooted in "values".

By combining the two, organisations can more effectively manage risk and address regulatory compliance requirements.

Whether "ethics" precedes "compliance" is a matter of semantics, but one thing is clear: an effective ethics and compliance programme today requires a commitment to ethical principles.

Key definitions

» Compliance implies conformity with applicable laws, regulations and internal standards, policies and procedures.
» Ethics are moral principles that control or influence a person’s behaviour [1].
» Business ethics is the application of ethics to business behaviour [2].
» Values are core ideas about how people should live and what ends they should seek [3].
» Integrity is the quality of being honest and having strong moral principles that you refuse to change [4].
» Ethics and compliance programmes help organisations manage risk, address regulatory compliance and foster an ethical workplace culture [5].

WHY DOES ETHICS AND COMPLIANCE MATTER?

Ethics and compliance continues to grow in importance for organisations of all sizes, right across the world, as lawmakers seek to tackle the harmful effects of illegal, corrupt and unethical business practices. At the same time, people increasingly expect the companies they interact with and buy from to reflect responsible, ethical and sustainable values. In a globalised economy, understanding these issues and the various national and international rules relating to them could be the difference between an organisation’s success or failure.

[1] Oxford Online Dictionary
[2] Institute of Business Ethics
[3] C. Fisher and A. Lovell, Business Ethics and Values: Individual, Corporate and International Perspectives. 3rd ed., Prentice Hall, 2009, p.153
[4] Cambridge Dictionary of English
[5] NAVEX Global

Why Develop an Ethics and Compliance Programme?

Contrary to being a “nice to have”, an effective ethics and compliance programme is critical to running a productive, reputable and successful business. Without one, your business could expose itself to significant risk. When articulating the "whys" that justify investment in your programme, the following drivers are a good place to begin.

Regulatory pressures

Companies in the same industry and/or operating in the same regions face similar regulatory pressures. By managing compliance-related risks more effectively than their sector peers, it is possible for organisations to establish competitive advantage. In fact, data from Ethisphere suggests companies that featured on its ‘Most Ethical’ list – which rates an organisation’s ethics and compliance programme among its evaluation criteria – perform better financially than their peers [6].

Regulations are numerous and complicated. They of course vary from sector to sector, and across geographies too. But modern organisations are expected to comply regardless. Since the Enron scandal of 2001 and the introduction of the Sarbanes-Oxley Act (SOX) the following year, the pace and momentum of regulatory change has increased not just in the US, but at a global level. Commencing with the UK Bribery Act (2010), the last decade saw an unprecedented raft of anti-corruption, modern slavery, whistleblower protection and data privacy regulations take effect in Europe, Asia-Pacific and beyond.

[Figure: The introduction of global anti-bribery and corruption regulations has accelerated in recent years. Timeline, 1977 to 2019, showing the number of major anti-bribery and corruption regulations.]

Increase in enforcement

Today’s enforcement environment is intense and active on all fronts. Whether it is a new regulation, new interpretation or simply greater enforcement of existing laws, compliance departments must be alert to the real and growing risk of fines and prosecutions.

Statistics relating to Foreign Corrupt Practices Act (FCPA) enforcements bear this out. Between 1977 (when the FCPA was passed into US law) and 2000, no more than 10 cases per year were enforced by the relevant enforcement agencies. Since 2001 an average of more than 30 cases per year have been enforced [7]. The average cost of fines has grown too, from 5m in 2015 to over 116m in 2019 [8].

At the same time, global regulators are collaborating more than ever to enforce regulations. This has resulted in organisations being subject to multiple fines, from various regulators, for the same infringement.

Enforcement agencies around the globe acknowledge that ethics and compliance programmes are necessary to help reduce the likelihood of legal violations and to educate employees about what is expected of them. Effective ethics and compliance programmes (not just those that “tick the box”) can therefore help organisations build critical legal defences, limit damages and in some instances avoid criminal prosecution altogether.

Higher ethical standards

Up to now, the legal framing of compliance has driven significant progress. However, it’s become clear in recent years that addressing ethics is equally (if not more) important.

The US Department of Justice (DOJ) “Evaluation of Corporate Compliance Programs” guidance underlines how important it is for a company to create and foster a culture of ethics. When assessing the effectiveness of compliance programmes, prosecutors are directed to ask:

» How often and how does the company measure its culture of ethics and compliance?
» What steps has the company taken in response to its measurement of the compliance culture?
» Is the programme being applied earnestly and in good faith? In other words, is the programme adequately resourced and empowered to function effectively?

No longer can organisations apply a “checkbox” approach to their compliance obligations. To drive meaningful behavioural change, an ethical culture is seen as essential [9].

Stakeholder expectations

Standards of corporate behaviour are continuously evolving to reflect society’s demand for greater accountability. The desire to maximise profits is now balanced by a need to act in the best interests of not only shareholders, but of all stakeholders, including employees, suppliers, customers, local communities and society in general. In other words, everyone who they directly or indirectly impact.

To remain successful, organisations have a responsibility to contribute positively to society, in accordance with ethical and moral norms. It implies taking an inclusive stakeholder view to build and retain public trust.

Increased investor attention on environmental, social, and governance (ESG) issues has prompted compliance teams to contemplate the importance of corporate responsibility in the context of organisational success.

In the wake of public scandals, financial crises and emergencies like the Covid-19 pandemic, it has become clear that the way in which companies conduct themselves will help determine their future societal value. Those that protect their employees and prioritise longer term over short-term shareholder interests are likely to be more insulated from external economic and reputational threats.

“The Department will continue to work aggressively with our partners across the globe to root out corruption.”
Brian A. Benczkowski, DOJ Criminal Division.

[6] Ethisphere, World’s most ethical companies 2020.
[7] FCPA, 2020
[8] Willkie Farr & Gallagher, 2020
[9] DOJ, Evaluation of Corporate Compliance Programs, June 2020, p2, p.16

The Costs of Non-Compliance

Between 2016 and 2020, four companies were subject to corruption fines of more than 1bn each. The largest of these, which involved a major aerospace manufacturer, totalled more than 3.9 billion and related to foreign bribery charges with authorities in the United States, France and the United Kingdom.

While fines and financial penalties might provide sufficient motivation to address compliance risk, they may only represent a fraction of the overall costs associated with non-compliance. Legal and ongoing monitoring costs, falls in the company share price and lasting reputational damage can often have a far greater impact on the organisation's bottom line.

Notable recent corruption fines

Company | HQ | Fine | Authorities | Year
Aerospace Corporation | Netherlands | 4bn | US, UK, France | 2020
 | Brazil | 3.5bn | UK, Brazil, Switzerland | 2016
 | Brazil | 1.78bn | US | 2018
Telecoms Company | Sweden | 1bn | US | 2019

Benefits of a Strong Ethics and Compliance Programme

The immediate benefits of a robust ethics and compliance programme include reducing regulatory, legal and financial risk exposure, while creating significant competitive advantage. Longer term, it can significantly improve an organisation's capacity to manage compliance-related risks, meet regulatory expectations and foster an ethics-centred culture.

Legal defence

While legal standards vary, there are common strategies organisations can use to build a compliance-based defence should they be faced with prosecution or regulatory enforcement. Courts, juries and enforcement agencies are looking to reward organisations that make a substantial, good-faith effort to comply with the law and encourage their employees to do the same. This can result in non-prosecution or reduced penalties through Deferred Prosecution Agreements (DPAs).

For example, in 2012 the DOJ declined to prosecute a multinational investment bank when its employee violated the FCPA. In explaining its decision, the DOJ highlighted the bank’s efforts to regularly update its internal policies, provide frequent training for its employees and conduct extensive due diligence on all new business partners.

In 2017, a global engineering company earned a 50% DPA discount from the UK’s Serious Fraud Office (SFO), which referenced “the full cooperation” and “improved due diligence in respect of intermediaries” implemented at the affected organisation.

These examples demonstrate how regulatory actions can be tempered in cases where organisations can show that they invest in and take self-directed action to aggressively limit their compliance risks.

How do you earn a declination or a DPA discount?

Have a robust compliance programme in place
An effective ethics and compliance programme reduces the risk of prosecution or regulatory enforcement in the first place. Should the worst happen, its existence will demonstrate that your organisation has taken steps to mitigate compliance risk.

Self-report
Voluntarily disclose the potential violation, all relevant facts and individuals involved to the prosecutors prior to the threat of a government investigation. Timing is critical: if there is an unreasonable delay in reporting an offence to government authorities after becoming aware of it, the company may not receive credit for having an effective programme in place.

Cooperate with the authorities
Preserve and disclose all evidence, coordinate the company's internal investigation with the regulator’s investigation, and make relevant individuals available for interviews. To ensure cooperation is timely and thorough, the organisation should ensure its compliance officer retains an open line of communication with prosecutors.

Acknowledge mistakes
Demonstrate timely and appropriate remediation of the violation by disciplining culpable employees and strengthening the ethics and compliance programme to prevent further similar violations.

A more ethical culture

A strong ethics and compliance programme is tied to improvements in organisational culture. A programme built around a well-defined code of conduct and aligned to the company's values and risk profile can help articulate who the organisation is - or aspires to be - and bind stakeholders to that vision.

Many regulations, including those related to bribery and corruption, employment law and privacy, can trace their origins to the concept of ethics. These areas of compliance resonate with employees’ personal morals and values, meaning an ethics-based approach to compliance is likely to be more meaningful to them.

An ethical orientation in an organisation serves as an insurance policy against incivility in the workplace and employee misconduct such as harassment, bullying, and discrimination. Academic research has also shown a correlation between a strong ethics and compliance programme and less disciplinary action and employee sick time taken, and a consequent decline in human resource costs [10].

"A strong ethical culture directly supports a strong compliance program."
FCPA Resource Guide

Engaged workforce

Ethical business practices help cultivate a culture of trust, goodwill, integrity, and compliance.

Organisational pride and buy-in to an ethical culture often radiates beyond the physical barriers of the office. Rather, it extends deeply into employee communities, across the industry and into positive press and regulatory relationships. Recognition as an ethical place to work tends to be self-fulfilling by attracting and retaining high-quality executives, employees, partners and customers.

Employees who are treated fairly have a sense of goodwill and organisational trust, which translates into a happier and more productive workforce.

33% of Gen Z workers (born 1995-1999) said that a company’s reputation for ethical behaviour was “very important” when choosing to work for them, compared to just 22% for their Millennial counterparts (born 1983-1994) [11].

Healthier bottom line

Ethical companies are more successful and typically out-perform the competition financially, demonstrating the connection between good ethical practices and performance [12]. A strong ethics and compliance programme enhances employee morale and increases engagement, which positively impacts productivity and company performance.

Not only is a strong focus on ethics likely to reduce the cost of misconduct, but it can also contribute towards a solid corporate reputation, genuine employee compliance, robust governance, and increased profitability.

[Figure: Performance of the 'World's Most Ethical Companies' (Ethisphere 2020 Honorees), compared to the Large Cap index, January 2015 to January 2020. Five-year ethics premium: 13.5%. Source: Ethisphere. World’s most ethical companies 2020. Performance of the 2020 honorees as compared to the large cap index.]

Reputational value

Even a single compliance failure can deeply affect the public’s trust in an organisation.

Moreover, establishing a reputation as an ethical company helps earn the trust and loyalty of consumers. This is particularly true among younger consumers who are likely to consider a company’s ethical values before buying their products [13].

News reports frequently highlight how lapses in leadership in managing compliance-related risks have damaged organisations and even exposed them to substantial fines and penalties. The financial penalty can be managed, but the reputational impact can have far-reaching consequences for many years.

Stakeholders, investors and shareholders value companies with reputations for acting ethically. An ethical reputation signals greater transparency, reduced risk of wrongdoing, a stronger compliance culture and, ultimately, future growth and success. "Socially responsible investing" entails investing in well-managed and profitable companies that are also committed to upholding ESG standards that benefit society. Once a niche approach, sustainable investing is gaining momentum with ESG funds capturing record flows in 2019. According to a Morgan Stanley survey, around 85% of investors are interested in sustainable investing [14].

[10] J. Paul McNulty, Jeff Knox & Patricia Harned, What an Effective Corporate Compliance Program Should Look Like, The Journal of Law, Economics and Policy, 9, no. 375 (Spring 2013): 383
[11] Deloitte Millennial Survey, 2018
[12] Ethisphere, World’s most ethical companies 2020
[13] Accenture Strategy Global Consumer Pulse Research, 2018
[14] Morgan Stanley Survey Finds Investor Enthusiasm for Sustainable Investing at an All-Time High.

The Evolution of Ethics and Compliance Management

The ethics and compliance management landscape has witnessed rapid and significant development since it originated in the US during the second half of the 20th century.

[Timeline figure, 1977 to 2021. Milestones shown: FCPA Guidance; US DOJ Evaluation; EU Whistleblower Protection Directive; Defense Industry Initiative (DII); Committee of Sponsoring Organizations of the Treadway Commission (COSO); Medicare 7-Elements; Thompson Memorandum; Dodd-Frank Act; US DOJ Compliance Counsel; Modern Slavery Act; DOJ Evaluation revised; OFAC Guidance; Foreign Corrupt Practices Act (FCPA); Federal Sentencing Guidelines for Organizations (FSGO); OECD Anti-Bribery Convention; Sarbanes-Oxley Act; UK Bribery Act; ISO 37001; Sapin II; DOJ Evaluation revised.]

1960s
The first compliance programmes emerged in the American corporate arena when large contractors in the heavy electrical equipment industry were prosecuted for antitrust violations. Thereafter, companies began to adopt antitrust training and other compliance measures.

1970s
A series of bribery scandals revealed by the US Securities and Exchange Commission (SEC) and IRS (Internal Revenue Service) led to the passage of the Foreign Corrupt Practices Act (FCPA). Multinationals based in the United States had been caught bribing foreign government officials to gain business advantages, and it became clear that informal compliance programmes were no longer enough.

1980s
After a series of defence procurement scandals, 18 defense contractors formed the Defense Industry Initiativ

