Wynn, Part II: Third-Party Oversight

Wynn

Today we revisit Wynn Resorts and the report its compliance monitor released last month. As you might recall, that report is a sweeping review of how Wynn has tried to rectify its operations after a sexual harassment scandal forced the departure of its founder and long-time CEO, Steve Wynn.  Last month we took a deep…

Read More

Some Good Guidance on Third-Party Risk

third-party risk

One of the nation’s top banking regulators just dropped some fresh guidance about third-party risk management, well worth any compliance professional’s time if you’re looking for advice on regulatory compliance or just good insight on third-party risk generally. The Office of the Comptroller of the Currency, regulator for the country’s community banks, published the guidance…

Read More

DOJ on FCPA and Agent Liability

fcpa

The Justice Department’s top criminal prosecutor talked FCPA compliance at conference in Washington this week, raising a few points to consider about oversight of third parties and the importance of compliance program. Let’s get into them.  Assistant attorney general Brian Benczkowski, head of the Criminal Division, made his remarks at the annual FCPA Conference happening…

Read More

Dealers, Drugs, and FCPA Insight

dealers

I always welcome questions from compliance and audit professionals, and the following came to me last week: “What type of third party falls under ‘dealer’ for FCPA purposes?” The compliance officer who posed this question works at a company under settlement with the Justice Department for overseas bribery. He’s building up the company’s third-party oversight…

Read More

Supply Chain Risk: We’re Looking at It Wrong

supply chain

I was reading the New York Times this weekend when an article jumped out at me: yet another example of misconduct in a large company’s supply chain suddenly bursting into public view, bringing grief to a company that clearly hadn’t known trouble was afoot. Ethics and compliance officers should take note. When we dissect exactly…

Read More

Stats on Third-Party Oversight

third-party risk

Uneasy with your company’s third-party risk? Looking for some validation that your organization is normal? No worries — a fresh survey from Deloitte confirms that plenty of other organizations have only a precarious grip on their third parties, too. The report, released Tuesday and based on data from a Deloitte webcast held in October, found…

Read More

SEC Dings Vantage $5M on FCPA Issues

fcpa

Texas-based Vantage Drilling International has agreed to pay $5 million in disgorgement to the Securities and Exchange Commission for sloppy FCPA accounting controls that let the company’s largest outside director and various third parties pay bribes to Brazilian government officials in the 2000s. The SEC’s settlement order recounting the failures reads like a long, torturous…

Read More

Survey: Third-Party Data Risk Still a Mess

third-party risk

Another year, another report confirming what most compliance and IT security officers already know: third-party vendors are an enormous security and privacy risk, and oversight of those parties is a mess. That’s the message of a report released Thursday by Opus and the Ponemon Institute, which surveyed more than 1,000 IT and data security professionals…

Read More

Update on Third-Party Risk Programs

third-party risk

Navex Global gave a sneak peek this week of its latest report on third-party risk. The headline: too many compliance departments still rely on paper-based systems to track third parties, and therefore too many probably underestimate the risks their third parties truly pose. The 2018 Navex Global Third-Party Risk Management Benchmark Report, which surveyed 1,200…

Read More

Bad Control Environments Ruin Everything

automation

The compliance and audit worlds like to rely on lingo such as “control environment” and “control activities” all the time. The scandal of Corporate America’s payments to Michael Cohen, personal lawyer and fixer to President Trump, reminds us what those words really mean, and why a bad control environment can sour all the control activities you…

Read More