Key Steps to Creating a Strong Compliance Culture Through Effective Leadership

© 2015 Baker & McKenzie LLP

GOOD. SMART. BUSINESS. PROFIT.TM


Key Steps to Creating a Strong Compliance Culture Through Effective Leadership

March 18, 2015


Chelsie Chmela

Events Manager

[email protected]

847.293.8806

We encourage you to engage during the Q&A portion of today’s webcast by using the chat function located within your viewing experience.

HOST

QUESTIONS

RECORDINGThe event recording and PowerPoint presentation will be provided post event.

3


4

SPEAKING TODAY

Pyter StradiotoChief Compliance Officer, Embraer S.A.

John P. Cunningham

Partner, Baker & McKenzie

Crystal Jezierski Senior Associate, Baker & McKenzie

Baker & McKenzie LLP is a member firm of Baker & McKenzie International, a Swiss Verein with member law firms around the world. In accordance with the common terminology used in professional service organizations, reference to a "partner" means a person who is a partner, or equivalent, in such a law firm. Similarly, reference to an "office" means an office of any such law firm.© 2015 Baker & McKenzie LLP

Key Steps to Creating a Strong Compliance Culture Through Effective Leadership

Pyter Stradioto, Chief Compliance Officer, Embraer S.A.John P. Cunningham, Partner, Baker & McKenzieCrystal Jezierski, Senior Associate, Baker & McKenzie

Agenda

© 2015 Baker & McKenzie LLP 7

Agenda

‒ Culture and Leadership in a U.S. and Global Context

‒ Culture and Leadership in Recent FCPA Resolutions

‒ Best Practices for Building a Strong Culture Through Effective Leadership

Culture and Leadership in U.S. and Global Context


U.S. Sentencing Guidelines

‒ Under the U.S. Sentencing Guidelines an “effective” compliance program must, among other things, “promote an organizational culture that encourages ethical conduct and a commitment to compliance with the law”

‒ As a result, the Guidelines expect the chief compliance officer to have “appropriate authority within the organization, adequate autonomy from management, and sufficient resources to ensure that the company’s compliance program is implemented effectively”


Resource Guide to the FCPA‒ In 2012, the DOJ and SEC released their Resource Guide to the

FCPA, which provides direction on the connection between the role of corporate leaders, promoting a healthy compliance culture, and the “hallmarks” of an effective compliance program An effective compliance program promotes “an organizational

culture that encourages ethical conduct and a commitment to compliance with the law”

Both authorities consider the commitment of corporate leaders to building and maintaining a “culture of compliance” when assessing the sufficiency of a compliance program, recognizing that “a strong ethical culture directly supports a strong compliance program”


Key Global Guidance

‒ Global law enforcement and regulatory authorities also cite to strong corporate leadership as a key driver of a successful compliance program

‒ The “Good Practice Guidance” of the Organisation for Economic Co-operation and Development (OECD) Support from senior management that is strong,

explicit, and visible Oversight of the program by senior corporate officers

with sufficient resources, authority, and access to the board


Key Global Guidance (cont’d)‒ The UK Bribery Act’s “Adequate Procedures”

Top-level commitment (Principle 2) “Those at the top of an organisation are in the best position to

foster a culture of integrity where bribery is unacceptable”‒ Spanish Senate Approves New Criminal Code

Company’s directors required to adopt a compliance program Program must be supervised by a body or individual authorized

to exercise high-level control– Brazil’s Clean Company Act

In determining sanctions, “the existence of mechanisms and internal integrity procedures . . . and . . . denunication of irregularities in applying the code of conduct” within the legal entity will be considered

Culture and Leadership in Recent FCPA Resolutions


Recognition by Authorities of Effective Leadership and Impact on Culture‒ U.S. Attorneys’ Manual – Principles for Prosecution of

Business Organizations “a corporation is directed by its management and

management is responsible for a corporate culture in which criminal conduct is either discouraged or tacitly encouraged”

‒ Recent SEC NPA with U.S. Company Company leadership “thoroughly reviewed its pre-

existing program and undertook steps to further update and enhance its compliance program, and successfully implemented those new enhancements”


Major Concern: Turning a “Blind Eye”

‒ In 2014, a European engineering, power, and transportation company settled foreign bribery allegations with the DOJ for over $700 million in fines and penalties DOJ faulted the company for failing to have

procedures in place surrounding due diligence, payments to consultants, and high-risk transactions -- to ensure compliance with its policies

Executives were said to have known “or knowingly failed to take action that would have allowed them to discover” improper conduct


Major Concern: Failure to Address Misconduct

‒ In 2014, a U.S. products company resolved FCPA charges, resulting in fines and penalties totaling $135 million, involving improper gifts, travel, and entertainment provided to Chinese government officials Internal Audit executives agreed to remove discussion

suggesting that gifts and hospitality provided to government officials may have violated the FCPA from a final, internal investigation report

DOJ faulted the company’s leadership: “for years its corporate parents, rather than putting an end to the [improper conduct], conspired to cover it up”


Major Concern: “Permissive” Environment

‒ In 2013, a multinational company agreed to pay more than $250 million to settle cases with the SEC, DOJ and other U.S. federal agencies involving allegations of improper payments to foreign officials made through joint ventures, and improper commercial transactions with Cuba, Iran, Syria, and Sudan

‒ Lack of adequate compliance culture was specifically cited in the enforcement action papers: Due to its “failure to implement such internal accounting

controls, a permissive and uncontrolled environment existed” within the company

17

Best Practices for Building a Strong Culture Through Effective Leadership


I. Engage High-Level Stakeholders

‒ Report to your board of directors quarterly (ideally) on the following: Ongoing internal investigations Compliance program status, compliance challenges facing

your company, and initiatives underway to address them General enforcement developments related to your areas of

legal and regulatory compliance risk‒ Regularly (e.g., annually) train the board of directors‒ Separately engage your board’s audit committee to facilitate

ongoing dialogue between primary compliance officer and the board on program developments


II. Collaborate with Officers and Senior Management‒ It is important that employees at all levels of the company view the

CCO, CEO, board, and other senior leaders as a team, equally committed to the program’s success Actively solicit your CEO’s input (e.g., monthly meetings) and

engage your CEO in program design, implementation, and, in particular, compliance messaging

Meet regularly with the business heads to obtain their feedback on evolving risks, program design, and program implementation

Conduct monthly meetings with company leaders responsible for other compliance related functions (i.e., Legal, Internal Audit, Accounts Payable, CFO, Finance, HR) to ensure adequate communication on compliance program effectiveness


III. Implement Performance Incentives

‒ Incorporating specific compliance requirements into annual evaluation criteria and connecting compensation to meeting these criteria can be an effective means of guiding employee behavior towards greater respect for compliance Apply incentives at all levels of company Work with senior management and HR to incorporate

unique evaluation criteria for senior executives that encourages them to take a leading role in promoting compliance throughout their areas of responsibility


IV. Push Compliance Out to Field

‒ Identify and designate compliance liaisons or representatives throughout your corporate operations Determine numbers and location based on regular risk

assessments Incorporate performance incentives into their evaluation

and compensation criteria to ensure accountability Train them to conduct future training in their local office

or assigned department (i.e., “train the trainer”)


V. Deputize Compliance Reps in Field

‒ When effectively utilized, compliance representatives allow you to extend the reach of key parts of your program Duties can include ongoing monitoring of compliance

with the program’s policies and procedures in the compliance representative's department

Can serve as another channel through which your company’s compliance communication messages are delivered

Develop a system to facilitate regular implementation updates to central compliance


VI. Develop and Implement a Strategic Communications Calendar

‒ Plan out your compliance communications on an annual basis to ensure regular and consistent messaging from senior management Time delivery of messages to ensure company’s commitment to

compliance remains “top of mind” throughout the year Target client alerts to specific areas of the business based on

recent enforcement developments Ensure business leaders reinforce message as part of regular

operational interactions and meetings (e.g., develop incentives for middle managers to include compliance with policies and procedures as part of weekly coordination meetings)


VII. Diversify Delivery of Compliance Message

‒ Harness internal communications mechanisms such as internal blogs and video systems, intranet, and social media to deliver compliance message throughout your organization

‒ Work with internal marketing staff to develop compliance messages and themes Showcase leaders from across business areas and functions

to demonstrate senior management’s full commitment to the successful implementation of the compliance program

Implement a compliance messaging series focused around key members of senior management such as your CEO


VIII. Identify Key Initiatives to Lead

‒ Certain initiatives should be led by the CCO, ensuring centralized evaluation and management of your company’s highest risks Regular risk assessments allowing you to understand the

business’s risks across all operations as the business evolves and changes

Implementation of key compliance policies and procedures Serve as the gatekeeper and evaluator of risk screening

and analysis for high-risk transactions Oversight of monitoring, auditing, and testing processes


IX. Incorporate Training into Supervisor Performance Evaluations

‒ An effective training program is critical to the success of your compliance program, yet ensuring that employees keep up with their training is an ongoing challenge Enlist the partnership of supervisory personnel by

connecting their performance evaluation to the training completion rates of personnel they superviseo Requires supervisors to re-enforce message of

importance of complianceo Fosters greater employee accountability for completiono If possible, employ technology to track training


X. Make Training Compliance Professionals a Top Training Priority

‒ Ensure compliance department personnel participate in key compliance conferences and trainings annually

‒ Ensure personnel from offices that are key compliance partners (e.g., Legal, Internal Audit) participate in annual compliance conferences as well

‒ Provide function specific compliance training where appropriate (e.g., provide Accounts Payable training on key anti-corruption red flags)


XI. Coordinate Audit and Testing Plans

‒ Compliance policies and procedures should be audited and tested in consultation with the CCO The CCO should provide feedback on areas of the

program in need of verification as informed by risk assessments and continuous program monitoring led by the CCO (i.e., compliance “health checks”)

Similarly, subsequent program enhancements should be designed and led by the CCO in consultation with Audit and any other relevant personnel


Baker & McKenzie - Additional Resources

Follow ongoing developments in global anti-corruption enforcement and compliance via:

http://globalcompliancenews.com/

Baker & McKenzie’s acclaimed “Inside the FCPA” Newsletter http://www.bakermckenzie.com/insidethefcpa/

http://globalcompliancenews.com/

http://www.bakermckenzie.com/insidethefcpa/

Thank you! Questions?


Contact Information for Presenters

John P. Cunningham, Partner, Washington, DC Email: [email protected] Phone: + 1 202 835 6148

Pyter Stradioto, Chief Compliance Officer, Embraer S.A.

Crystal Jezierski, Senior Associate, Washington, DC Email: [email protected] Phone: + 1 202 835 6168


This webcast and all future Ethisphere webcasts are available complimentary and on demand for BELA members. BELA members are also offered complimentary registration to Ethisphere’s Global Ethics Summit and other Summits around the world.

For more information on BELA contact:

Laara van Loben SelsSenior Director, Engagement [email protected]

Business Ethics Leadership Alliance (BELA)

mailto:[email protected]


Thursday, March 19 at 12:00 p.m. ET

Optimizing Compliance Programs in Organizations: A Top-Down Approach

All upcoming Ethisphere events can be found at:http://ethisphere.com/events/

PLEASE JOIN US FOR

http://ethisphere.com/events/



THANK YOU