EthicsPoint Resources

Practicalities of an Ethics Management Program

Mon, 14 May 2012 08:26:26 GMT

Current FCPA Compliance Program Best Practices: Lessons Learned from Recent DPAs

Thu, 10 May 2012 08:56:02 GMT

If you are a compliance department professional, in-house counsel or independent compliance practitioner, this is the event for you to learn about and help your company incorporate the current best practices into its FCPA compliance program.

The ROI of GRC: Making the Business Case for an Automated Governance, Risk and Compliance Solution

Tue, 17 Apr 2012 00:00:00 GMT

The implementation of a robust Governance, Risk, and Compliance (GRC) program

should be a primary concern for all organizations. Organizations that have a strong

commitment to GRC management consistently out-perform those that do not:

Businesses with superior governance practices on average generate 20%

greater profits than other companies (MIT Sloan School of Management);

Companies who had open communication saw 7.9% shareholder returns

over ten years vs. just 2.1% for those who didn’t (Corporate Executive

Board);

Non-compliance costs are 2.65 times that of the cost of compliance for

companies (Ponemon Institute), and

Companies that had good GRC programs had 14% lower operating

costs than those that didn’t (EthicsPoint data).

Whistleblowing 2.0: Upgrading From Compliance to Performance

Fri, 06 Apr 2012 16:55:07 GMT

Whistleblower Claims? Get HR Involved Early

Tue, 20 Mar 2012 13:26:58 GMT

IEM User's Guide

Mon, 19 Mar 2012 00:00:00 GMT

EthicsPoint Issue and Event Manager Professional and Enterprise puts an array of incident tracking tools in your hands, allowing you to capture and track multiple aspects of any issue or event.

This guide is organized into sections that correspond to the tabs you see at the top of Issue and Event Manager. To learn about Professional and Enterprise features, refer to the section that matches the tab.

IEM Administrator’s Guide

Mon, 19 Mar 2012 00:00:00 GMT

EthicsPoint Issue and Event Manager Professional/ Enterprise offers a comprehensive set of administrative tools to give you the flexibility you need to manage your users and their ability to work with case.

This guide introduces and explains basic concepts used in the administration of Professional/ Enterprise, in addition to in-depth descriptionsn of the administrative tools. Look for real-world examples and tips that you can use as starting points when you set up your own system.

epIEM Release Notes

Sat, 17 Mar 2012 00:00:00 GMT

EthicsPoint is committed to improving

your ability to capture and track multiple

aspects of any issue or event. Regular

releases provide you with new features and

enhancements for Issue and Event Manager

Foundation, Professional, and Enterprise.

These release notes detail the changes to

Issue and Event Manager in recent releases,

including system requirements, new

features, and enhancements.

IEM Administrator's Quick Reference

Sat, 17 Mar 2012 00:00:00 GMT

The Issue and Event Manager Quick Reference is designed for Foundation or Professional Administrators, as well as Enterprise System or Tier Administrators. This guide provides basic information for adding access levels and users to tiers.

Data Privacy Supplemental Guide

Sat, 17 Mar 2012 00:00:00 GMT

This quick reference guide presents general best practices and gives detailed instructions for handling data privacy reports and cases. It also includes special sections for administrators to manage users who are assigned to handle data privacy reports and cases.

Evaluating Your Compliance Program Under FERC's Penalty Guidelines

Thu, 08 Mar 2012 14:21:54 GMT

IEM Product Release 1 2012

Tue, 06 Mar 2012 00:00:00 GMT

View the changes coming to IEM with our next release in March 2012.

FAQ Release 1 2012

Tue, 06 Mar 2012 00:00:00 GMT

Frequently Asked Questions about EthicsPoint's upcoming IEM release in March 2012

Industry Leaders Merge to Form Leading Ethics and Compliance Company

Fri, 02 Mar 2012 00:00:00 GMT

ELT, EthicsPoint and Global Compliance Complete Merger, Forming Largest Full-Service Governance, Risk and Compliance Company

Charlotte, N.C., Portland, Ore. and San Francisco – March 2, 2012 – Today, leading ethics and compliance organizations, ELT, Inc., EthicsPoint, Inc. and Global Compliance Services, Inc., announced the completion of their merger with global private equity firm, The Riverside Company, as their key investor.

The new organization will be a leading player in the governance, risk and compliance (GRC) industry with the capacity to meet the expanding needs of customers all over the world. The merger expands on each organization's strengths, providing clients with a single comprehensive resource to help protect their organizations from adverse risk, enhance their corporate cultures and drive better business results.

The new company will have significantly expanded capabilities and resources, a workforce of several hundred employees, a client base of nearly 6,500 organizations around the globe and an unmatched commitment to quality and continuous innovation. Nearly 75 percent of the Fortune 100 is already a customer of the combined organization.

The company will be renamed pending a rebranding and will have offices in Portland, Ore., San Francisco, Red Bank, N.J. and Charlotte, N.C.

"We're thrilled about bringing together three world-class companies to create a dynamic provider of GRC services," said Loren Schlachet, Managing Partner with The Riverside Company. "Together, these companies will offer even more exceptional service thanks to increased expertise and more diverse and integrated services."

EthicsPoint's President & CEO Mark Reed is now CEO of the merged organizations. ELT President & CEO Shanti Atkins serves as the combined company's president & chief strategy officer. Global Compliance CEO Jim Burke sits on the new company's board of directors.

"Enterprise risk and compliance issues have become more complex and globalized, increasing both regulation and enforcement along with escalating litigation risk," said Reed. "These factors place an increasing focus on ethics and compliance, making a single organization that can help companies respond to these risks from beginning-to-end both unique and highly sought after."

"Our new organization will provide clients with in-depth expertise formed via unparalleled industry experience, data and analytics," said Atkins. "We are deeply committed to helping create positive workplace cultures, protecting both employers and their people."

The Riverside Company (www.riversidecompany.com or www.riversideeurope.com)

The Riverside Company is a global private equity firm focused on acquiring growing businesses valued at up to $200 million (€200 million in Europe). Since its founding in 1988, Riverside has invested in more than 275 transactions. The firm's international portfolio includes more than 75 companies, and it has $3.2 billion/€2.5 billion in assets under management.

ELT, Inc. (www.elt.com)

ELT provides online training solutions to help employers manage their most important workplace compliance challenges. ELT specializes in the topics that create the greatest legal risks, and where effective employee training can prevent misconduct, establish powerful legal defenses, and help to create a culture of ethics, inclusion and respect, including ethics training, harassment training and wage & hour training. ELT features legal content from Littler Mendelson, the world's largest employment law firm, and is endorsed by the Society for Human Resources Management (SHRM), the world's largest human resources association. With more than a decade of market-tested success and millions of employees trained, ELT is trusted by today's most respected employers.

EthicsPoint, Inc. (www.ethicspoint.com)

EthicsPoint, a leading provider of enterprise risk awareness solutions, helps organizations align their governance, risk and compliance (GRC) processes with overall business strategy. We protect corporate cultures and reputations by proactively revealing risk-related trends via the collection, management and understanding of their GRC-related data. More than 2,400 organizations currently use our solutions to increase the quality of GRC data reported to boards and executive teams to facilitate better business decisions. To find out how, please visit www.ethicspoint.com.

Global Compliance Services, Inc. (www.globalcompliance.com)

Global Compliance is the leading global provider of comprehensive, integrated corporate compliance solutions, including the industry's first and largest whistleblower hotline supporting more than 25 million customer employees around the globe. Global Compliance serves more than 4,000 organizations by providing a full range of solutions necessary to achieve the highest degree of ethical behavior and corporate compliance. The Company's ethics and compliance services include whistleblower hotlines and case management, online training and awareness programs, expert advisory consulting by the Ethical Leadership GroupTM, performance benchmarking and third party risk solutions for vendor and supplier due diligence.

Download a PDF of this Press Release:

The Impacts of Corporate Culture: Results of the CEB’s Risk Clarity Survey

Tue, 21 Feb 2012 15:04:28 GMT

IEM User's Guide Excerpt (March 2012 Release DRAFT)

Mon, 20 Feb 2012 00:00:00 GMT

This document is for informational purposes only. It contains DRAFT excerpts from the IEM User's Guide about additions or changes to Issue and Event Manager. Complete, final documentation will be delivered with the March 2012 release.

Common Factors in Financial Misreporting

Wed, 15 Feb 2012 10:52:26 GMT

The FCPA in 2012: Enforcement Trends and New Best Practices

Tue, 14 Feb 2012 15:51:46 GMT

Hotline Reporting

Tue, 14 Feb 2012 00:00:00 GMT

How many hotline reports should I receive?

You would think that there was a simple answer to the question: “How many hotline reports should I receive through my anonymous hotline? However, when you start to really look at an answer, it is far more complicated than you think.

Over the past 7 years, I have discussed hotline benchmarking with compliance officers, HR executives, auditors, and legal counsels at organizations all over the globe. The common expectation is that about 1% of all employees will use a hotline every year. This metric is not so cut and dry however, as factors such as demographics of the workforce, geography and culture at your facilities, and the other processes that you support for issue reporting.

According to the corporate executive board almost 80% (50% unreported & lost, 30% stuck or siloed) of all risk data gets lost, stuck or siloed. Over the years, I have probably read over 1,000 codes of conduct, and have found that a great majority of the time the code suggests that “to raise a concern and employee should go to management, senior management, human resources, compliance and ethics, or use the anonymous reporting process.” In the majority of situations the code also provides for non-retaliation, which means that the company is guaranteeing that regardless of how the employee raises a concern, they are protected. These two written statements seem like a utopia compared to reality. Since we know that employees don’t bring information forward and retaliation does exist in organizations, how can we make effective decisions without employees feeling confident in reporting all issues?

So now, let’s take a look at how many reports you should get per year based using industry metrics as our variables (Sources: Compliance & Ethics Leadership Council, Ethics Resource Center)

15% of employees observe misconduct (CELC) Turning Ethics into Outcomes (Page 4)

50% goes unreported (CELC) Turning Ethics into Outcomes (Page 4)

Of the misconduct that is reported ~5% comes through the company prescribed anonymous “hotline” (ERC) 2011 National Business Ethics Survey (Page 21)

 

10,000 employees * 15% = 1,500 employees observed misconduct

1,500 observed issues * 50% actually brought forward by employees = 750 reports

750 Reports * 5% reported through the hotline = 38 hotline reports per year.

 

Note: This assumes that of those 15% they each only saw one issue of misconduct. We know that more than one issue is observe, so these are very conservative estimates

This means that there are 712 issues that are never reported because they are lost or stuck and siloed in the organization. Your hotline gives you a very small window into the actual risk in the organization, and while valuable, is not a good representative example of what his happening in your company.

Now that we have given you a model for determining a baseline answer of the number of reports your hotline should receive, it is still not accurate because there are so many factors into why issues are not reported. If you are trying to minimize risk, increase transparency and improve culture you can start by:

Analyzing your code of conduct – highlight any areas that provide instructions for people to report – open door, hotline, conflict of interest, gift approval etc.

Analyzing the current process and determine if they are consistent and measurable.

Developing process to minimize data getting lost stuck and siloed.

If you follow these three steps, it will give you a good starting point to improving your reporting program and giving you even better insight into not only the number of hotline reports but misconduct overall but improving reporting across the board.

Whistleblower Compliance WebinarThe SEC recently issued its final regulations to Dodd-Frank's whistleblower bounty provisions. This presentation will highlight salient aspects of those provisions, identify the attendant risks, and provide practical ways to head-off whistleblower claims and strengthen defenses where litigation is unavoidable.Check out our archived webinar to learn about whistleblower compliance and the Dodd-Frank Act.

About Stephen MolenStephen Molen is the Director of Strategic Solutions for EthicsPoint, a leading provider of Governance, Risk and Compliance software & services that help clients protect their culture and reputation by providing visibility into the actual risks impacting their business. Stephen and EthicsPoint are based in the pacific northwest just outside of Portland Oregon.Stephen has been working in the Governance, Risk and Compliance market for the past 7 years, and has advised numerous companies on the adoption of best practice solutions to aide in the evolution of their GRC Strategy and the protection of their brand. Prior to leading the solutions team, Stephen was the National Account Manager for the Oil & Gas, Energy, Utilities, Hospitality & Leisure, Real Estate & Construction, and Manufacturing market segments, working with Global 500 customers.Stephen is a frequent speaker on ethics & compliance solutions and has worked with the SCCE, OCEG, EthicsPoint, and at national conferences. In his off time, Stephen looks to celebrate life with friends and family. As an avid cook, he loves to experiment with new ingredients and local flavors, specializing in Caribbean fare to carry on the traditional foods of his family’s heritage.

ACUA Webinar: Understanding and Implementing the New IIA Standards

Wed, 08 Feb 2012 15:24:32 GMT

Last Day at LegalTech 2012 Brings Mergers, Collection Tools

Thu, 02 Feb 2012 00:00:00 GMT

February 2, 2012

Yesterday was the last day of LegalTech New York 2012, and though vendors and legal professionals alike have left, many of the product launches, announcements, case studies and panel discussions will stay with them for some time.

The New Justice League

And yet, just because it’s the last day, doesn’t meant that there weren't announcements. EthicsPoint, ELT and Global Compliance announced that they were joining forces to lead an ethics and compliance company, essentially expanding their capacity to meet the needs of customers all over the world.

There’s no question that increased regulations and calls for compliance have challenged industries to adapt and adopt new methodologies for creating, storing and managing information across platforms and technologies. Such challenges seem to have provided the impetus for these three companies to partner and become a champion for GRC.

Mark Reed, EthicsPoint, President & CEO, will assume the CEO position of the merged organizations. Shanti Atkins, ELT, President & CEO, will serve as the combined company’s President & Chief Strategy Officer. Jim Burke, Global Compliance, CEO, will serve on the company’s Board of Directors.

After investing in two businesses in 2011, the firm has quickly exited two investments, including compliance company Global Compliance Services, which it held for roughly eight years.

Thu, 02 Feb 2012 00:00:00 GMT

Private Equity International Magazine

February 2, 2012

Angelo Gordon is pouring on the realisations.

In the past two months the firm has sold compliance business Global Compliance Services to the Riverside Company and exited auto finance company Gateway One.

Angelo Gordon invested in Global Compliance Services from its fully invested $155 million second buyout fund and acquired Gateway One using capital from its $350 million third fund.

“We’re in the latter stages of harvesting Fund II,” Arthur Peponis, co-head of Angelo Gordon Private Equity, told Private Equity International. “Global Compliance Services was one of the earliest investments [from fund II] but will be one of the latest [portfolio companies] sold.”

Angelo Gordon held Global Compliance for roughly eight years before selling to Riverside, which will merge the company with ELT and Ethics Point, two other businesses in the governance, risk and compliance industry.

Angelo Gordon is currently investing its $650 million fourth buyout fund, which is over half invested, according to Peponis.

“We still have enough fire power for a number of investments in Fund IV,” he said.

In 2011, the firm purchased two businesses, acquiring a minority stake in Hamilton State Bancshares as part of its strategy to acquire banks through the FDIC government auction process and purchasing a controlling stake in restaurant company Firebirds.

“I thought it was a terrific year for us in terms of the amount of capital we put forth as well as the harvesting,” Peponis said. “We’re quite satisfied in terms of our ability to get a couple of these realisations on the board.”

Angelo Gordon focuses on businesses in the financial services, healthcare and consumer & retail sectors, making investments in transactions ranging from $50 million to $500 million.

Riverside Co. Forms GRC Platform with Acquisition Of EthicsPoint

Wed, 01 Feb 2012 00:00:00 GMT

By Beina Xu

Lake Oswego, Ore. | Dow Jones LBO Wire

Riverside Co. is making a big bet on the growth of the governance, risk and compliance industry.

The firm inked a deal to buy EthicsPoint Inc., and will merge the business with its existing portfolio companies ELT Inc. and Global Compliance Services Inc. The combined platform will have an enterprise value exceeding $200 million and $25 million in Ebitda. Mark Reed, president chief executive of EthicsPoint, will serve as chief executive of the merged organization, which does not yet have a new name. All three enterprises are roughly the same size.

Riverside invested in ELT in December 2010, and a year later added Global Compliance Services to its portfolio after eyeing it for some time as a potential add-on, according to Loren Schlachet, managing partner at Riverside. EthicsPoint hadn't originally been up for sale, but was introduced to the firm through an intermediary outside of a formal auction process. Riverside was a client of the company's.

"This industry is expanding exponentially, largely due to all the regulations in a number of markets," said Reed.

GCS originally began in the hotline and whistleblower space, but also has case management capabilities as part of its core business, although it's added consulting and training services. ELT is primarily focused on human resources and workplace-related training. EthicsPoint leans more on the technology side, offering policy, case compliance management.

The industry has seen a lot of growth in the overall healthcare realm in both training and technology deployment, according to Reed. Other high-growth markets include energy and utilities, due to regulations.

There has also been a real spike in activity related to the relatively recent U.K. anti bribery act, which Reed calls "one of the strongest legislative pieces we've seen so far" in the industry.

The advent of Dodd-Frank has also created another market for the platform, similar to the way the Sarbanes-Oxley Act "was one of the real catalysts for initial growth in the market. back in early 2000s," Reed said.

"Back then people were buying this type of technology as an insurance policy; it was more of a reactive type of purchase," he said. "What's happened is that as corporations and boards want to more aggressively manage their risk, they became more proactive in their purchases. Our deal sizes have increased exponentially because of that."

The scrutiny that the private equity and financial services industry have faced has also opened up a fast-growing market, particularly on the certification side, as firms have scrambled to meet SEC registration deadlines.

"As it relates to certifications, registration and compliance with specific regulated industries, we do have a potential to expand into those areas," said Joe Lee, principal at Riverside.

"The whole certification piece-that's a very interesting way to extend our reach," Reed said.

The merger is anticipated to close at the end of February.

Reach Riverside at 216-344-1040.

Private Equity Bets On Compliance Market With EthicsPoint Deal

Wed, 01 Feb 2012 00:00:00 GMT

By Nick Elliott | Wall Street Journal Corruption Currents Blog

In a further sign of rising demand for compliance services, private equity firm Riverside Co. has signed a deal to acquire EthicsPoint Inc., which it will merge with its existing portfolio companies ELT Inc. and Global Compliance Services Inc.

Beina Xu at Dow Jones LBO Wire interviewed both EthicsPoint President and Chief Executive Mark Reed and Loren Schlachet, managing partner at Riverside. (sub req.)

Reed told her that the market was “expanding exponentially, largely due to all the regulations in a number of markets.”

Specifically, he cited the U.K. Bribery Act and the Dodd-Frank law in the U.S., with Sarbanes-Oxley Act of 2002 providing an earlier boost for compliance businesses.

“Back then people were buying this type of technology as an insurance policy; it was more of a reactive type of purchase,” Reed said. “What’s happened is that as corporations and boards want to more aggressively manage their risk, they became more proactive in their purchases. Our deal sizes have increased exponentially because of that.”

The Riverside deal brings together EthicsPoint’s focus on policy and case management with the hotline, consulting and training services already offered by the platform company.

EthicsPoint acquired, to merge with rivals

Wed, 01 Feb 2012 00:00:00 GMT

February 1, 2012

EthicsPoint Inc., a Lake Oswego-based maker of compliance and risk management software with around 200 local employees, has been acquired by a private equity firm and will be merged with two of its rivals.

The Riverside Co., a private equity firm with headquarters in both Cleveland and New York, on Wednesday announced that it had acquired EthicsPoint and will merge it with its portfolio companies San Francisco-based ELT Inc., and Charlotte, N.C.-based Global Compliance Services Inc., which it acquired in December.

The name and headquarters location of the merged company — which will employ close to 500 — hasn’t been determined.

But it will be led by EthicsPoint CEO Mark Reed, who took the helm of the Lake Oswego company in July following the resignation of founder David Childers.

Terms of the deal were not disclosed. The transaction will be complete by the end of the month.

EthicsPoint makes software used by large companies to set-up hotlines, manage compliance and internal policy issues, and make executives more aware of potential compliance risk.

It has more than doubled in size over the past four years, rising from 87 people and $12 million in sales in 2008 to around 200 people and around $30 million in sales in 2011.

By combining, the merged company will service a customer base of 6,500 that includes 75 percent of the companies in the Fortune 100 list.

“This merger is truly a watershed event in the (governance, risk and compliance) industry, and I am energized to lead the combined company through this next phase of growth,” Reed said in a news release. “Collectively, the merged companies offer an unmatched level of experience and knowledge with a broad and complementary set of technology and content solutions to help global customers manage risk.”

Shanti Atkins, ELT’s president and CEO, will serve as the combined company’s president and chief strategy officer. Jim Burke, who was CEO of Global Compliance, will join the company’s board of directors.

Lake Oswego-based EthicsPoint sold to private equity firm

Wed, 01 Feb 2012 00:00:00 GMT

February 1, 2012

A private equity firm has agreed to purchase Lake Oswego-based compliance software maker EthicsPoint Inc. and merge it with two other companies in the governance, risk and compliance industry.

Terms of the deal were not disclosed. EthicsPoint, a privately held company with about $30 million in sales last year, has almost 200 employees, all but three of them in Lake Oswego.

EthicsPoint provides risk-management software, whistleblower hotlines and consulting services that large organizations use to monitor risk and employee behavior, comply with industry standards and field complaints. The private equity firm, New York-based Riverside Co., had previously purchased EthicsPoint's largest competitor, Charlotte-based Global Compliance Services Inc., as well as a San Francisco company that provides online compliance training tools, ELT Inc.

EthicsPoint's chief executive, Mark Reed, will lead the combined organization. He said in a news release that collectively, the three companies offer unrivaled experience and complementary technology to help companies manage risk.

No decision has been made as to where the combined company will be headquartered or whether there is any overlap that would result in layoffs, according to Simmi Singh Corcoran, an EthicsPoint spokeswoman.

EthicsPoint is owned predominantly by Oregon-based angel investors who helped launch the company in the late 1990s. Its former chief executive, David Childers, resigned last summer after being treated for cancer. Childers said at the time that he favored more aggressive expansion than the company's other board members, which include retired Air Force General Merrill McPeak. Childers said the board was resistant to seeking outside capital to finance growth.

ELT, EthicsPoint and Global Compliance to Merge Forming Leading Ethics and Compliance Company

Wed, 01 Feb 2012 00:00:00 GMT

Acquisitions to expand The Riverside Company's investment

in the Governance, Risk and Compliance industry

San Francisco, CA, Portland, OR, Charlotte, NC, February 1, 2012 – ELT Inc., EthicsPoint, Inc., and Global Compliance Services, Inc. announced their intent to merge, forming a leading player in the Governance, Risk and Compliance (GRC) industry with the capacity to meet the expanding needs of customers all over the world. The merger is anticipated to close at the end of February, subject to customary approvals. Terms of the deal were not disclosed.

The combination of these complementary platforms will create a company with significantly expanded capabilities and resources, a workforce of several hundred employees, a client base of nearly 6,500 organizations around the globe and an unmatched commitment to quality and continual innovation.

"At a time when many global leaders and businesses are questioning the need for increased regulations, we are championing GRC," said Loren Schlachet, Managing Partner with The Riverside Company. "We believe that these tools, along with embracing good old fashioned ethics, are actually the roots to creating lasting value for a business."

Mark Reed, EthicsPoint, President & CEO, will assume the CEO position of the merged organizations. Shanti Atkins, ELT, President & CEO, will serve as the combined company's President & Chief Strategy Officer. Jim Burke, Global Compliance, CEO, will serve on the company's Board of Directors.

"This merger is truly a watershed event in the GRC industry, and I am energized to lead the combined company through this next phase of growth," said Reed. "Collectively, the merged companies offer an unmatched level of experience and knowledge with a broad and complementary set of technology and content solutions to help global customers manage risk."

Enterprise risk and compliance issues have become more complex and globalized. Greater regulation and enforcement is expected in the future, escalating litigation risk and an increasing focus on ethics and compliance.

Riverside invested in ELT in December 2010 and both organizations committed to the compliance and ethics industry further in December 2011 with the acquisition of Global Compliance Services. Separately, ELT and Riverside entered into a definitive purchase agreement to acquire EthicsPoint at the end of January 2012. The combined entity intends to deliver an industry-leading, comprehensive platform that provides clients with access to the best solutions to protect their organizations, enhance their workplace environments and drive better business results. Solutions include:

whistleblower hotlines;

advanced case management;

reporting and analytics;

robust online training and awareness programs;

expert advisory consulting;

performance benchmarking;

data privacy; and

third-party risk analysis.

"Global Compliance has helped to define the GRC industry since launching the first employee hotline 30 years ago," said Jim Burke of Global Compliance. "Our new partners share our vision of integrated and comprehensive ethics and compliance solutions, and we look forward to working with them as we develop new solutions for clients in this fast-changing regulatory environment."

"ELT and Riverside share a vision for building a world-class GRC company that will take the leading position in expert content, data-driven solutions and phenomenal learning experiences for our clients and their employees. I am very pleased we have been able to incorporate Global Compliance and EthicsPoint into that vision. We are fully committed to protecting employers, their people and the broader communities that surround them," said Shanti Atkins of ELT.

Working with Schlachet on the transaction for Riverside were Joe Lee, Principal; Jeff Goodman, Operating Partner; Dan Haynes, Assistant Vice President; John McKernan, Senior Associate; Steve Rice, Associate, and Mary Anne McLaren, Finance Director. Riverside's investments in Global Compliance Services and EthicsPoint were sourced by Amy Margolis, Regional Director – Origination and Scott Gilbertson, Principal – Origination, respectively.

The Riverside Company (www.riversidecompany.com or www.riversideeurope.com)

The Riverside Company is a global private equity firm focused on acquiring growing businesses valued at up to $200 million (€200 million in Europe). Since its founding in 1988, Riverside has invested in more than 275 transactions. The firm's international portfolio includes more than 75 companies, and it has $3.2 billion/€2.5 billion in assets under management.

EthicsPoint, Inc. (www.ethicspoint.com)

EthicsPoint, a leading provider of enterprise risk awareness solutions, helps organizations align their governance, risk and compliance (GRC) processes with overall business strategy. We protect corporate cultures and reputations by proactively revealing risk-related trends via the collection, management and understanding of their GRC-related data. More than 2,400 organizations currently use our solutions to increase the quality of GRC data reported to boards and executive teams to facilitate better business decisions. To find out how, please visit www.ethicspoint.com.

Global Compliance Services, Inc. (www.globalcompliance.com)

Global Compliance is the leading global provider of comprehensive, integrated corporate compliance solutions, including the industry's first and largest whistleblower hotline supporting more than 25 million customer employees around the globe. Global Compliance serves more than 4,000 organizations by providing a full range of solutions necessary to achieve the highest degree of ethical behavior and corporate compliance. The Company's ethics and compliance services include whistleblower hotlines and case management, online training and awareness programs, expert advisory consulting by the Ethical Leadership GroupTM, performance benchmarking and third party risk solutions for vendor and supplier due diligence.

ELT Incorporated (www.elt-inc.com)

ELT provides online training solutions to help employers manage their most important workplace compliance challenges. ELT specializes in the topics that create the greatest legal risks, and where effective employee training can prevent misconduct, establish powerful legal defenses, and help to create a culture of ethics, inclusion and respect, including ethics training, harassment training and wage & hour training. ELT features legal content from Littler Mendelson, the world's largest employment law firm, and is endorsed by the Society for Human Resources Management (SHRM), the world's largest human resources association. ELT's award-winning courses engage employees with compelling stories drawn from actual cases and real events. Leveraging the latest technology and high-end media, ELT's solutions reflect the level of quality that organizations want to associate with their compliance programs. With more than a decade of market-tested success and millions of employees trained, ELT is trusted by today's most respected employers.

Policies and Investigations: Improve Efficiency Through Organization and Knowledge

Thu, 26 Jan 2012 13:16:23 GMT

There is a way to tie all violations of ethics & compliance into the appropriate policy, procedure or guideline it violates, both quickly and easily. EthicsPoint’s Policies, Procedures and Guidelines (PPG) Library provides a dynamic, searchable knowledge base for investigative procedure documents, applicable policies, workflow diagrams, as well as any other pertinent program information that may be useful to investigators and case managers.

Whistleblower Compliance

Fri, 23 Dec 2011 00:00:00 GMT

Whistleblower Compliance: Risk Mitigation for Your Compliance Regime

Summary

Running a compliance program with hindsight as your driving factor provides little value to an organization. For example, when a a claim turns to litigation, it’s can sometimes be too late to make related changes to a compliance program that have an impact on the case. Your program didn’t address the issue before the activity occurred and the uncertainty of adequacy becomes real and processes seem overwhelming. Steven Pearlman, partner at Seyfarth Shaw L.L.P., specializes in pre-trial preventative counseling, litigation defense and post-trial remedial measures and understands these issues. Over the past year, regulatory changes to Sarbanes-Oxley (SOX) and Dodd-Frank Acts have required increased awareness and attention to the rules your organization has in place to govern whistleblowing. The expectation of compliance with new rules is increasingly robust. In the EthicsPoint webinar, “Understanding the New Whistleblower Regime and How To Minimize the Risks,” Pearlman explains the methodology, developed at Seyfarth Shaw L.L.P., to initiate an update process and sheds light on key clarifications to test the adequacy of your program. This webinar is a great resource for those who building or remodeling a compliance program. The following is a brief overview of what was discussed and conclusions drawn during the discussion.

 

Sarbanes-Oxley Whistleblower Compliance

As Pearlman indicated, initially SOX established new standards of accountability and oversight for publicly traded companies and promised powerful protections for whistleblowers who reported corporate fraud and malfeasance. The seriousness of resulting litigation and increased focus on combatting corruption and bribery have changed the way we look at conducting business. The problem or confusion arising from currently enforced compliance law is the lack of continuity across the business communities; currently companies, and even entire industries, can essentially choose their level of involvement with whistleblower compliance. Unfortunately for those organizations, negligence is not considered a defense for non-compliance. Earlier in 2011, jurisdiction of SOX, in addition to the implementation of Dodd-Frank, vastly expanded the scope and breadth of whistleblower protections to include private subsidiaries of publically traded companies.

The May 2011 decision, Sylvester v. Parexel Int’l LLC,clarified the broad scope of protected conduct for SOX whistleblowers. There are three main developments from this decision: a complaint doesn’t need to include any language the whistleblower had a “good faith” belief there was fraud, the report can be considered to adequately inform of fraud, even if the fraud has yet to happen, and a report doesn’t need to “definitively and specifically” be related to fraud in order for a penalty to be issued. As long as the whistleblower attests to the loss, or potential for future loss, of money it can be considered fraud.

 

Whistleblower Types

Pearlman elaborated on certain legal perspective whistleblower cases, those not often explored by compliance departments. From a legal perspective there are two defined types of “whistleblower.” The first type is defined by those trying to gain leverage, or power, against their employer for the purpose of gaining a severance package or an employment opportunity. The second type of “whistleblower” is defined by people who see themselves as an extension of the government. These individuals consider it their civic duty to report illegal activity, are not really motivated by money, and seldom will take settlements. As we learn more about what motivates whistleblowers, there will be greater emphasis on identifying and educating the different profiles and understanding how compliance and ethics departments can answer the needs of both these types of reporters.

 

Sarbanes-Oxley Whistleblower Litigation Structure

The Sarbanes-Oxley whistleblower reporting process contains two main steps: the report investigation and the court hierarchy.

First, noted Pearlman, a whistleblower must file a report with the Occupational Safety and Health Administration (OSHA). Whistleblowers may report internally if they choose. Though many assume that an employee cannot report internally before reporting to OSHA, this is false and often a lost opportunity for employers and compliance professionals to encourage internal reporting. Whether reported internally or not, a report must be filed with OSHA within 180 days of the incident. After the report is filled, it goes through a rigorous litigation process at OSHA. There are three pieces of evidence OSHA requires to begin the investigative process: the submission of three different position statements, sources of documentation and live witness interviews.

In the second step, the compliant goes up the chain of command at the Department of Labor (DOL) to the administrative law judge at OSHA for adjudication. After the ruling is given by the judge there are two possible options for appeal the whistleblower can pursue:

First option: Even if the employer wins the summary decision, the employee has the ability to kick the claim to Federal District Court. The Federal District Court has a three-step appeal process: right to trial by jury, federal circuit court of appeals and, finally, the United States Supreme Court.

Second option: If the employee does not want to kick claim to federal court, then the claim goes from the Administrative Review Board to the Federal Circuit Court of appeals.

Both options are lengthy and take time to mature. However, better understanding of the reporting process can help companies teach and encourage internal reporting.

Most of this information is murky to the majority of those charged with developing compliance programs or those who face litigation. With nearly 50 whistleblower regulations spread across 33 governing bodies, it is nearly impossible to remain up to date with an ever-evolving industry such as compliance, where new precedent is added every day. As whistleblower compliance becomes better defined, companies must understand the risks they face and create internal processes to address the dangers. Since the strategies to combat risk are just continuously changing as legal precedent, any clarifying information is a huge asset for compliance development. Compliance professionals need the resources, tools, and strategic partners top build their programs in a way that is effective and sustainable for their organizations. A perceived problem is often the lack of momentum between “compliance theory” and “compliance management.” In my option, looking at Pearlman’s insight can help you find practical examples to gain traction and streamline compliance process.

Whistleblower Compliance Webinar

The SEC recently issued its final regulations to Dodd-Frank's whistleblower bounty provisions. This presentation will highlight salient aspects of those provisions, identify the attendant risks, and provide practical ways to head-off whistleblower claims and strengthen defenses where litigation is unavoidable.

Check out our archived webinar to learn about whistleblower compliance and the Dodd-Frank Act.

 

About the Author

As EthicsPoint’s Director of Marketing, Jeff Mills is responsible for developing and executing marketing strategy, customer acquisition, and prospect cultivation, branding, interactive marketing, PR, analyst relations programs. Jeff brings more than 10 years of experience in sales and marketing, the last eight of which have focused entirely on interactive marketing and customer acquisition. Prior to EthicsPoint, Jeff worked as Vice President of Products and Director of Strategy and Sales for an interactive marketing agency. And prior to that as a researcher and project manager for Gartner.

Ethics Issues In Business

Mon, 12 Dec 2011 00:00:00 GMT

Ethics Issues in Business:

Creative License and the Cartman Effect

Business leaders know that one of the ethics issues every company faces is the honesty and integrity of employees. Are some employees more likely to stretch the truth than others?

A recent study published in the Journal of Personality and Social Psychology asserts that right-brained creative types are 40%-80% more likely to wander into the ethical gray area than their more analytical counterparts. As the branding/creative here at EthicsPoint, this grenade landed right under my chair. I had to investigate.

Author Dan Ariely of Duke University was intrigued by the psychological profiles of various Enron, Tyco and WorldCom masterminds. Ariely decided to see if there were any common personality traits. Understand the mouse, build a better trap? I wanted to be insulted, but the results were not at all surprising when you break it down.

Creative people are driven to challenge perceptions. We want to help you look at things in a different way. As a result, we tend to be handy with things like divergent – or ‘outside the box’ – thinking, and cognitive flexibility (sort of bending reality to our own purposes). Anecdotally, I can also say that creatives tend to have slightly larger egos. It can result in their feeling exempt from the rules or entitled to change them as needed. Truly great creatives treat reality like a loose tooth: it’s to be persistently wiggled and poked at and pried out in favor of designing something bigger and better.

 

The Unethical Business Leader

Enter: former Enron CEO, Jeffery Skilling. A very creative guy. When those pesky rules of commodities trading were slowing him down, he simply designed some new math. He built tools for assigning actual value to the potential success of a venture before it even left the drawing board. Neat trick. It was like me telling my bank manager I’ll be depositing $500,000 on Thursday, so I’d like to go ahead and collect my first interest payment today, if you please. Yes, large bills are fine.

It’s widely thought that Skilling didn’t see this as cheating. He never once shied away from his creation. In fact, he crowed about it loudly and often. Enron wrote an entirely new reality for itself and Skilling saw that It Was Good. And on the seventh day, he cooled his heels in a Federal penitentiary where he’ll spend 24 years getting creative with an orange jumpsuit.

While most of us won’t ever defraud the public on such a grand scale, we all engage in some degree of rule-bending. Then the scope and severity of that bending increase as additional considerations are met:

The action won’t cause any immediate or obvious harm, or the impact would be very removed/abstracted from the cheater. (I know the material, I just don’t test well; it’s okay if I get the answers in advance).

The action or potential impact is seen as deserved in any way. (My company doesn’t pay me what I’m worth, so it’s only fair that I should accept kickbacks from my vendors, etc.). This Robin Hood/Che Guevara argument is especially powerful because it turns immoral behavior into justifiable retribution.

Finally, we’re FAR more inclined to cheat when there’s a low likelihood of getting caught. We’ll do a lot of very unsavory things if we’re sure no one will find out. Clearly we don’t mind being dishonest, we just don’t want to be seen as dishonest.

It’s good to know that there are at least a few natural valves for controlling our darker impulses. But we can see how a creative personality may be better equipped to build a convincing rationale for improving their condition through unethical means.

 

The Cartman Effect

After dining on academia, I decided to cleanse my palette with a little South Park. Ironically, the show had Cartman in a ‘Stand and Deliver’ situation – upside down and backward, of course. In the Edward James Almos role (complete with comb-over and thick glasses), Eric was trying to convince a classroom full of Hispanic kids that they needed to cheat on an upcoming test. ‘How else do you think white people have gotten ahead in everything? They CHEAT!’ The show was zeroed in on a videotaping scandal with the New England Patriots. But a number of recent college athletics scandals and the Occupy Wall Street events made this a nicely-timed rerun.

We all know that South Park is just a raunchy, deliberately inflammatory cartoon. However, this piece of subtext is resonating on a large scale right now: Those in power have an unwarranted or ill-gotten advantage over the little guy. Cheating simply levels the playing field.

As an ethical business leader, the last thing you need is a bunch of Robin Hoods and Che Guevaras (or Eric Cartmans) running amok in your operation. How are you addressing this kind of thinking?

 

Ethics in Business: Real world implications

Realize this is first-and-foremost an excellent communication opportunity. Bring your Creatives back from the Dark Side and get them engaged in problem-solving. Challenge: Show everyone that they are real stakeholders in the success of the organization.

Get a few of your crackerjack marketing specialists to design an internal campaign around your Open Door policy – we’re actively promoting transparency, enforcing our policies at every level, and showing real appreciation to those who come forward to help. Remember the third rule of rule-bending: People are far less likely to engage in questionable behavior when there’s a high likelihood of getting caught. Find ways of saying “we’re watching” without actually saying “we’re watching.”

Then make sure that you have the systems in place with sufficient fail-safes at every level to ensure that issues are getting documented and handled effectively. When your people feel heard and see consistent behavior in their leadership, they are more inclined to contribute to an ethical work environment.

 

Business Ethics Webinar

Have you ever worried that pushing your employees for results may increase the use of unethical means to achieve stated goals? How can you change the organizational climate in order to encourage ethical behavior? New research shows that productivity goals may increase unethical behavior but that subtle symbols, posters, and slogans may work to increase ethical mindfulness.

Check out our archived webinar to learn about new research that shows that productivity goals may increase unethical behavior, and the tactics you can use to increase ethical mindfulness in a competitive work place.

About the Author

With a life-long love of the arts and music, Julie’s professional career can best be described as a Creative Evangelist. Her message: Principles of good design and creativity are not just for Marketing. They need to be pulled up and applied across the entire organizational strategy. In short, good design is good for business.

Prior to joining the EthicsPoint team in 2010, Julie spent 12 years running her own creative agency. Her work can be found in thousands of campaigns around the world for clients like adidas, Nike, Tektronix, and Stanford Hospital & Clinics. When she’s not turning business owners into aficionados, Julie is a passionate foodie, published poet and essayist, and she plays a mean tambourine.

The Culture of Whistleblowing: Two Experts Debate the Impact of Dodd-Frank Bounty Protections on Internal Compliance Programs

Wed, 07 Dec 2011 15:59:53 GMT

Effective April 2011, the new Dodd-Frank whistleblower protections and their controversial bounty program for reporting fraud within an organization are hot topics for compliance professionals this year. Commentary from industry experts, analysts and lobbyists runs the gamut from “the sky is falling” to “same old, same old (as False Claims Act).” Join us to debate with leaders from both sides of the issue – corporate interests and whistleblowers.

The Dodd-Frank Act: A Best Practice Approach to the Ethics & Compliance Implications

Wed, 07 Dec 2011 13:38:33 GMT

The Dodd-Frank Act includes a new provision that introduces substantial incentives to internal corporate "whistleblowers" who report instances of fraud to the U.S. Securities and Exchange Commission SEC. Now, the failure to adequately capture and respond to employee concerns increases overall employer risk.

Productivity vs. Ethics: Winning at Both

Tue, 06 Dec 2011 13:27:02 GMT

University Compliance Culture

Mon, 05 Dec 2011 00:00:00 GMT

University Compliance Culture: Lessons from Penn State and Syracuse

Maintaining open communication is a cornerstone of building a great organization, company and culture. A culture of compliance and an environment of transparency provide a means for both opportunities and issues to be brought to the foreground and effectively managed. According to the Corporate Executive Board (CEB), when employees are comfortable sharing honest feedback, it correlates with strong business returns and provides the organization with “integrity capital.”

No event provides a clearer contrast between “philosophy” and “behavior” than recent issues in the athletic departments of both Penn State and Syracuse universities as chronicled in the media. At Penn State, the football program’s motto, “Success with Honor,” was largely predicated on Joe Paterno’s brand and commitment to academic integrity along with athletic excellence. There is no telling if either brand can ever be repaired, but future generations will have a very different perspective.

When a distraught graduate assistant told Paterno in 2002 that he had seen Sandusky with a boy in the locker-room showers, Paterno reported the incident to the athletic director but did nothing further, according to the grand jury statement. In other words, the great molder of young men discharged his legal obligation and moved on, according to the New York Times.

I can’t think of a better way to demonstrate “integrity capital” than by responding appropriately to issues and concerns. With Penn State we have a clear example of the risk of information being lost, stuck or siloed, and only a glimpse to the harm that can occur as a result. The reduced donations from alumni, the reduction in applications and pain being felt by a community as a result of the scandal and the loss of trust in their leadership will be devastating.

Both academic and athletic excellences are grand motivations to build a university around, but in this situation they fell apart due, in part, to poor communication. According to the HOW Report, a recent study by The Boston Consulting Group, The Center for Effective Organizations at the University of Southern California and LRN, organizations where purpose and values inform decision making and guide behavior have fewer instances of misconduct, higher retention, loyalty and higher levels of financial performance. That was not the case in this instance as no one followed up on reports made about Jerry Sandusky beyond what they were required to do – not head coach Paterno, not the graduate assistant – and the chain of responsibility appears to have ended with the athletic director and/or university president.

To avoid that occurring at your own organization, building a great culture and installing values and purpose throughout your organization or business should be viewed as a critical objective. Having clear benchmarks, metrics and collecting relevant information is a key component to operating an effective program that responds adequately to any issue, risk or opportunity in the stakeholder community. This measurement, described as “Organizational Justice” by the CEB, and as “self-governance” in the HOW report, can and should be measured and improved.

The CEB says that organization justice is the dominant source of integrity capital, defined by an employee’s agreement that the company responds quickly and consistently to verified or proven unethical behavior, and that unethical behavior is not tolerated. I am sure we can agree that the broader community will say that this is precisely where both Penn State and Syracuse fumbled the ball.

Ensuring effective implementation of compliance, ethics and communication programs requires organizations to take a more rigorous approach to documenting, routing and measuring this information throughout the stakeholder community. Providing managers, faculty, staff and students with consistent processes, policies and procedures helps to start the process. Ultimately how the organization then responds to the information and provides feedback becomes mission critical to not only reducing risk, but to building a great culture.

About Stephen Molen

Stephen Molen is the Director of Strategic Solutions for EthicsPoint, a leading provider of Governance, Risk and Compliance software & services that help clients protect their culture and reputation by providing visibility into the actual risks impacting their business. Stephen and EthicsPoint are based in the pacific northwest just outside of Portland Oregon.

Stephen has been working in the Governance, Risk and Compliance market for the past 7 years, and has advised numerous companies on the adoption of best practice solutions to aide in the evolution of their GRC Strategy and the protection of their brand. Prior to leading the solutions team, Stephen was the National Account Manager for the Oil & Gas, Energy, Utilities, Hospitality & Leisure, Real Estate & Construction, and Manufacturing market segments, working with Global 500 customers.

Stephen is a frequent speaker on ethics & compliance solutions and has worked with the SCCE, OCEG, EthicsPoint, and at national conferences. In his off time, Stephen looks to celebrate life with friends and family. As an avid cook, he loves to experiment with new ingredients and local flavors, specializing in Caribbean fare to carry on the traditional foods of his family’s heritage.

Dodd Frank Act Solutions

Thu, 17 Nov 2011 00:00:00 GMT

The Dodd-Frank Act Solution

In a recent customer discussion with a large technology firm, the Chief Compliance Officer reminded me of a story that demonstrates the problem the Dodd-Frank Act is attempting to solve.

A group of people are asked to go into a dark room and touch what they find there – an elephant. Each one feels a different part, but only one part, i.e. the side or the tusk. They then compare notes and learn that they are in complete disagreement as to what was in the room.

Resulting from Sarbanes-Oxley Act (SOX) guidelines, organizations have been tasked with implementing whistleblower hotlines to provide employees with a confidential avenue to report wrongdoing. These hotlines provide a small fraction of the complete picture of organizational risk across the enterprise and often are seen as a “last resort” communication channel. Most companies provide a variety of other channels for employees to report issues (including managers, human resources, and company leadership), but fail to effectively document this information.

From my point of view as an employee in a leadership position, I believe it is critical to the success of our business that we have a great company culture. Not only does a great culture give me confidence that we provide a great product, but it provides stability for people and their families and enables employees’ personal work experience to be fulfilling and meaningful.

 

Do we need the Dodd-Frank Act?

It surprises me that Dodd-Frank was needed in the first place. Don’t business executives around the country all strive to operate businesses with a great corporate culture? I guess, as a person who pays attention to recent media headlines, the answer would have to be “no.”

Recent studies including “Big Headlines, Not-So-Big Impact” from the Society of Corporate Compliance & Ethics (SCCE) found that almost 70% of respondents would not be changing their program at all as a response to Dodd-Frank. So if fraud is still prevalent, are we to assume that SOX did not work and that Dodd-Frank is additional legislation attempting to force businesses to implement a greater degree of transparency? I believe the answer is “yes” and that the compliance community should consider the broader ramifications.

If we are only measuring whistleblower hotline report volume, we really have no idea of what is truly being reported within our own organizations. According to the Compliance & Ethics Leadership Council, 80% of the data that provides a clear picture of enterprise risk is being lost, stuck or siloed, and not being gathered to create a complete picture.

In addition recent study by the National Whistleblowers Center found that almost 90% of employees who eventually seek litigation initially reported their concerns internally, either to a supervisor or the legal/compliance department.

This information demonstrates how the failure to adequately capture and respond to employee concerns increases the risk of escalation to government channels and the potential for significant costs related to litigation, fines and damage control.

 

Avoid Dodd-Frank Act Fines: Combat Complacency

Increase awareness and strengthen internal communications about how, what and where to report. This reduces the likelihood employee will report to the federal government or seek outside legal counsel. A strong program also gives the organization a defensible position during a legal action or investigation by the government. Consider an internal marketing campaign and employee surveys to increase feedback and knowledge.

Demonstrate Greater Visibility: Gain a more complete picture of actual risk events being faced by your organization by increasing documentation and consistency across all channels. Value: company can take care of issues before they get out of hand reducing likelihood of morale issues or litigation exposure. Streamline investments in training, education and other risk mitigation strategies.

Create a streamlined issue management processes to ensure consistent handling and successful resolution of issues. Value: happy employees, ensures employees are treated fairly and consistently creates a better, more productive work environment.

Improve Employee Perception: Defined as “organizational justice” by the Compliance & Ethics Leadership Council, leading companies show employees that when unethical behavior is uncovered, people are held accountable and the company does the right thing. Consider writing a blog or posting stories to help employees get clarity on your vision and tone of your culture.

Engender strong employee confidence in monitoring programs. This results in higher productivity, lower turnover and better brand integrity which, according to the Compliance & Ethics Leadership Council, yields 5.8% higher shareholder returns.

Dodd Frank Act Webinar

The Dodd-Frank Act includes a new provision that introduces substantial incentives to internal corporate "whistleblowers" who report instances of fraud to the U.S. Securities and Exchange Commission SEC. Now, the failure to adequately capture and respond to employee concerns increases overall employer risk.

Check out our archived webinar to view the components of our Dodd-Frank solution and how it provides your most relevant employees with the case management tools and repeatable processes they need to most effectively comply with Dodd-Frank regulations.

About Stephen Molen

Stephen Molen is the Director of Strategic Solutions for EthicsPoint, a leading provider of Governance, Risk and Compliance software & services that help clients protect their culture and reputation by providing visibility into the actual risks impacting their business. Stephen and EthicsPoint are based in the pacific northwest just outside of Portland Oregon.

Stephen has been working in the Governance, Risk and Compliance market for the past 7 years, and has advised numerous companies on the adoption of best practice solutions to aide in the evolution of their GRC Strategy and the protection of their brand. Prior to leading the solutions team, Stephen was the National Account Manager for the Oil & Gas, Energy, Utilities, Hospitality & Leisure, Real Estate & Construction, and Manufacturing market segments, working with Global 500 customers.

Stephen is a frequent speaker on ethics & compliance solutions and has worked with the SCCE, OCEG, EthicsPoint, and at national conferences. In his off time, Stephen looks to celebrate life with friends and family. As an avid cook, he loves to experiment with new ingredients and local flavors, specializing in Caribbean fare to carry on the traditional foods of his family’s heritage.

Special Breakfast Event - The UK Bribery Act and Beyond: Compliance in a Global Market

Mon, 14 Nov 2011 10:54:52 GMT

Ethics in Higher Education Administration, the Duties and Responsibilities of an Ethics Officer

Wed, 09 Nov 2011 14:22:58 GMT

Understanding Global Fraud in 2011: The Kroll Annual Global Fraud Report

Tue, 08 Nov 2011 14:10:40 GMT

The Bribery Act 2010: The SFO's Approach to Enforcement

Wed, 26 Oct 2011 13:36:10 GMT

With enforcement of the Bribery Act of 2010 expected to begin in April 2011, there remain questions with regard to a number of key areas within the legislation. The head of UK’s Serious Fraud office, responsible for enforcement of the Act, will join us for an informative and frank conversation aimed at clarifying much of this uncertainty.

EthicsPoint Among Fastest Growing Tech Companies

Wed, 19 Oct 2011 00:00:00 GMT

EthicsPoint Ranked Number 340 Fastest Growing Company in North America on Deloitte’s 2011 Technology Fast 500™

Strong Growth Attributed to Increased Demand for Innovative Governance, Risk and Compliance Solutions

Portland, Ore., October 19, 2011 — EthicsPoint today announced it ranked No. 340 on Deloitte’s Technology Fast 500™, an annual ranking of the 500 fastest growing technology, media, telecommunications, life sciences and clean technology companies in North America. EthicsPoint grew 237 percent during the relevant period.

EthicsPoint’s chief executive officer, Mark Reed, credits the way the company has been able to effectively answer growing market needs for governance, risk and compliance (GRC) software with the achievement of 237 percent revenue growth.

“Given the current economic climate, we’ve been fortunate to provide software and services that address a growing business need, enabling organizations to identify, analyze and address their fragmented GRC data,” said Reed. “EthicsPoint clients consistently realize better employee relations, improved brand equity and higher share value than they had prior to deployment.”

“EthicsPoint, like all 2011 Technology Fast 500™ companies, has excelled in fostering innovation and channeling it into spectacular growth -- against the backdrop of one of the most challenging economies in history,” said Eric Openshaw, vice chairman and U.S. technology, media and telecommunications leader, Deloitte LLP. "Deloitte recognizes EthicsPoint for its remarkable accomplishment.”

“We are pleased to honor EthicsPoint as a 2011 Technology Fast 500 company,” said Mark Jensen, managing partner, technology and venture capital services, Deloitte & Touche LLP. “As one of the fastest growing tech companies in North America, EthicsPoint has demonstrated excellence in technological innovation, entrepreneurship and rapid growth.”

Overall, 2011 Technology Fast 500™ companies achieved revenue growth ranging from 134 percent to 70,211 percent from 2006 to 2010, with an average growth of 1,736 percent.

About Deloitte’s 2011 Technology Fast 500™

Technology Fast 500, which was conducted by Deloitte & Touche LLP, a subsidiary of Deloitte LLP, provides a ranking of the fastest growing technology, media, telecommunications, life sciences and clean technology companies – both public and private - in North America. Technology Fast 500 award winners are selected based on percentage fiscal year revenue growth from 2006 to 2010.

In order to be eligible for Technology Fast 500 recognition, companies must own proprietary intellectual property or technology that is sold to customers in products that contribute to a majority of the company's operating revenues. Companies must have base-year operating revenues of at least $50,000 USD or CD, and current-year operating revenues of at least $5 million USD or CD. Additionally, companies must be in business for a minimum of five years, and be headquartered within North America.

About EthicsPointEthicsPoint, a leading provider of enterprise risk awareness solutions, helps organizations align their governance, risk and compliance (GRC) processes with overall business strategy. We protect corporate cultures and reputations by proactively revealing risk-related trends via the collection, management and understanding of their GRC-related data. More than 2,400 organizations currently use our solutions to increase the quality of GRC data reported to boards and executive teams to facilitate better business decisions. To find out how, please visit www.ethicspoint.com.

###

Is the Sky Falling? Three Things You Need to Know To Respond Effectively to the New Corporate Whistleblower Rules Under Dodd-Frank

Fri, 07 Oct 2011 09:50:58 GMT

ROI of GRC Series: Improving Operational Efficiencies

Fri, 30 Sep 2011 09:47:28 GMT

Leveraging Technology to Improve the Intake and Management of HR Issues: A Conversation with EthicsPoint

Mon, 19 Sep 2011 15:32:32 GMT

EthicsPoint Retools

Fri, 16 Sep 2011 00:00:00 GMT

The last several months have been transformative at EthicsPoint Inc. After more than a decade of rapid growth behind founder Dave Childers, the Lake Oswego-based maker of compliance and risk management software is entering a new phase with new leadership.

Mark Reed, a former consultant to the company, took over as CEO and president following Childers’ July 1 resignation, said he has crafted a new strategy that will grow EthicsPoint "in an organic and disciplined fashion."

That EthicsPoint is growing and will continue to grow appears to be a given among the company’s current and past leadership.

Read the full story

Health Care Information, HITECH Breach Notification and HIPAA Privacy & Security: Can you Demonstrate a Good Faith Effort?

Wed, 07 Sep 2011 14:37:10 GMT

The Cost of (non) Compliance

Tue, 06 Sep 2011 09:22:27 GMT

Compliance Week Editorial Roundtables

Tue, 30 Aug 2011 00:00:00 GMT

Every year, Compliance Week hosts a number of intimate "on-the-record" Editorial Roundtables.

These unique invitation-only events are designed to foster the sharing of ideas with a small group of compliance and risk leaders in a forum that is relaxed and informal.

Hosted by Compliance Week editor-in-chief Matt Kelly and attended by a Compliance Week reporter and photographer, the Roundtables are covered in a subsequent edition of Compliance Week. This ensures that all Compliance Week readers can benefit from the "thought leadership" generated at the event.

Read More

10 Common Misconceptions that Increase the Likelihood of FCPA Violations

Mon, 22 Aug 2011 11:19:03 GMT

Join this conversation among a panel of experts,

including the authors of the 10 Common Misconceptions

that Increase the Likelihood of FCPA Violations white paper.

Why Ethics are Needed When the Law Governs

Thu, 18 Aug 2011 09:23:19 GMT

Tactics for Defining and Executing Systematic, Risk-Based Third-Party Due Diligence for FCPA Compliance

Tue, 16 Aug 2011 14:57:20 GMT

Learn how to create a third-party management program – providing the confidence your Executives and Board of Directors demand – that exceeds DoJ, SEC and international enforcement agency anti-corruption compliance requirements.

National Restaurant Assocation Internal Auditors Study Group

Tue, 16 Aug 2011 08:33:28 GMT

2011 ACUA Annual Conference

Tue, 16 Aug 2011 08:21:08 GMT

Effective Reporting to the Board on Compliance and Ethics Issues

Fri, 12 Aug 2011 16:57:39 GMT

Understanding The New Whistleblower Regime And How To Minimize The Risks

Wed, 10 Aug 2011 09:19:59 GMT

Policy Management Compliance

Tue, 09 Aug 2011 00:00:00 GMT

Policy management has become a hot topic lately. Thanks to several recent trends and incidents in compliance—dumb employee use of social media here, a class-action lawsuit over pay discrimination there, and regulatory enforcement actions all over the place—companies are dusting off their policy manuals with an eye toward streamlining and reforming their approach to corporate policy making. These developments are a stark reminder to all companies that the mere existence of a policy means nothing if it isn't applied and enforced at the corporate level.

At a recent editorial rountable in Boston hosted by Compliance Week and software firm EthicsPoint, compliance, legal, and audit executives shared how they manage the policy-making process. Participants talked through the need for a “policy on policies,” the distinction between policies and procedures, the difficulties of setting uniform policies worldwide, the eternal hassle of exception requests, and the training needed to ensure that policies are followed.

The most vexing challenge, many agreed, is developing a single corporate policy that can be applied across global operations. Boston Scientific, for example, is expanding its business operations at a rapid pace in various countries around the world. “Marrying the corporate objectives of a policy with the local laws and cultural considerations in countries where we are doing business is an area of focus for us right now,” said Jessica Pill, director of global compliance investigations for the $7.8 billion medical device maker.

Shop Talk: Executing Enterprise-Wide Policy Management

Tue, 09 Aug 2011 00:00:00 GMT

Creating Organizational Value While Increasing Efficiency

Wed, 03 Aug 2011 11:03:49 GMT

Demonstration of EthicsPoint Benchmarking

Wed, 03 Aug 2011 11:02:53 GMT

Join us for an interactive demonstration of the newly released Benchmarking Module of our Issue & Event Manager application. In the discussion we will review how, by taking a closer look at your own data over time as well how you compare against your industry or other similarly-sized organization within the EthicsPoint customer population, you can gain valuable insight into internal GRC-related trends.

Best Practices to Promote Your Code Of Conduct

Wed, 03 Aug 2011 11:02:43 GMT

We all know that simply having a code of conduct doesn't mean employees will understand it, adhere to it, or even know that it exists. The challenge is to find creative ways to communicate it internally so it will encourage employees to become active participants in upholding your company's high standard of business ethics.

Hotlines in the European Union

Wed, 03 Aug 2011 11:02:34 GMT

Join Amanda Mayhew, General Counsel, Corporate Secretary and Privacy Officer of EthicsPoint and Mike Hyatt-Evenson, Director of Client Services, as they discuss recent legal rulings on the use of hotlines within European Union countries with strict data privacy laws.

Quick Tips & Tricks That Will Make Your Life Easier - for Professional and Enterprise Clients

Wed, 03 Aug 2011 11:02:26 GMT

Learn About Intake Models and the Value of Web Intake Forms

Wed, 03 Aug 2011 11:01:23 GMT

Tips and Tricks for Using Pivot Grids

Wed, 03 Aug 2011 11:01:11 GMT

A Campus Conversation on Ethics

Wed, 03 Aug 2011 11:01:01 GMT

This session will describe Texas Tech University’s journey though an institutional ethics movement involving faculty, staff, administration, and students. The ethics initiative began to meet the Quality Enhancement Plan requirement of TTU’s accrediting body—the Southern Association of Colleges & Schools—but has taken a life of its own to the entire campus through the passion and dedication of the people involved.

Expert Panel: HR's Role in Fostering Ethics and Compliance

Wed, 03 Aug 2011 10:49:49 GMT

The Emergence of the Chief Risk Officer

Wed, 03 Aug 2011 10:42:51 GMT

This webinar will help the attendee understand how an organizational structure that includes a Chief Risk Officer can help the institution look at risk in a comprehensive manner.

Got Breached? Protect Your Company’s Reputation and Business with Effective Crisis Management Planning

Wed, 03 Aug 2011 10:39:12 GMT

When a data breach occurs in your company, how will you respond? Do you have a crisis management plan in place?

Unraveling the Mysteries Around User Setup in Professional and Enterprise

Wed, 03 Aug 2011 10:38:59 GMT

Risk and Incident Management: Getting the Right Information at the Right Time

Wed, 03 Aug 2011 10:37:50 GMT

When an issue is brought forward in a face to face conversation with a manager or HR, how do you ensure the follow up is consistent across your organization? Answer this question and more as you join David Wilber, COO for Eggleston Services, for an in-depth webinar on risk and incident management.

Meric Bloch - II - Is Your Organization Adequately Prepared to Fight Today's Workplace Fraud?

Wed, 03 Aug 2011 10:34:54 GMT

You won't want to miss nationally acclaimed speaker Meric Craig Bloch, Vice President - Compliance and Corporate Investigations, Adecco Group North America. He is an expert on workplace investigations and author of An Insider’s Guide to Workplace Investigations, Building the Process in Your Company. Meric will focus on preparing investigators, auditors, mid-management, and other investigation process owners to increase their readiness to detect and prevent workplace fraud.

Meric Bloch Series Part 2: Fundamentals of a Workplace Investigation

Wed, 03 Aug 2011 10:34:43 GMT

You won’t want to miss the opportunity to hear renowned author Meric Craig Bloch present this extraordinary three-part series based on his newly released book, “An Insider’s Guide to Workplace Investigations.”

Take Advantage of Valuable GRC Resources Through our OCEG Partnership

Wed, 03 Aug 2011 10:34:32 GMT

Proactive Case Management: Returns on Investment

Wed, 03 Aug 2011 10:34:21 GMT

This webinar will demonstrate how companies can realize an immediate ROI through proactive case management of reported issues and events.

Feds Put Companies on Notice: Detecting and Responding to “Red Flags” of Identity Theft

Wed, 03 Aug 2011 10:34:09 GMT

Do you know how your business will be affected by the new Identity Theft “Red Flag” regulations recently enacted by the FTC? Are you ready to respond?

Gaining Efficiency & Insight by Taking an Enterprise Approach to Issue & Event Manager

Wed, 03 Aug 2011 10:33:49 GMT

Stronger Spotlights, Larger Stages: The Expanding Role of the Chief Compliance Officer

Wed, 03 Aug 2011 10:33:29 GMT

Frequently Asked Questions in 2009

Wed, 03 Aug 2011 10:33:18 GMT

Recent trends in sexual harassment and discrimination in the workplace

Wed, 03 Aug 2011 10:33:08 GMT

This seminar is rescheduled from April 20th. If you were registered for that event you do not need to re-register. This web seminar is designed for senior HR professionals and managers who already have some understanding of HR policies and procedures dealing with sexual harassment and sex discrimination. Ms.Gutek will discuss how to protect your company through its' code of conduct.

SAS 112 – Does it Make a Difference to Your Campus' Audit?

Wed, 03 Aug 2011 10:32:57 GMT

The AICPA has issued Statement of Auditing Standards (SAS) 112, "Communicating Internal Control Matters Identified in an Audit." External audits of colleges and universities will be conducted under this new standard which significantly impacts the communication requirements and definitions surrounding internal control matters. This webinar focuses on highlights of this new standard.

An Interactive Dialogue and Discussion on Updates to Data Privacy Laws

Wed, 03 Aug 2011 10:32:37 GMT

Join Amanda Mayhew and Bill Piwonka as they review the critical information you need to know about data privacy, and provide best practice advice and considerations for operation of your whistleblower hotline while debunking some popular myths.

Tricky Issues! Conducting C-Suite Investigations

Wed, 03 Aug 2011 10:32:26 GMT

The Dark Side of Aggressive Goal Setting in the Workplace: A Shortcut to Unethical Behavior

Wed, 03 Aug 2011 10:32:16 GMT

Join us for an intriguing discussion on how setting goals can have systematic, negative effects and can focus attention too narrowly, increase risk taking, and lead to unethical behavior.

Good Governance in Government – Launch of Rutgers Center for Government Compliance and Ethics

Wed, 03 Aug 2011 10:32:08 GMT

Join Emil Moschella and Paula Desio to learn about the recently-established Rutgers Center for Government Compliance and Ethics.The Center's mission is to advance the application of compliance and ethics governance principles, as originated in the Federal Sentencing Guidelines for Organizations and reflected in over two decades of experience with industry best practices, to government organizations at all levels.

The SEC's New Regulations To Dodd-Frank -- Whistleblowing On Steroids

Wed, 03 Aug 2011 10:31:57 GMT

Be the first to learn about the SEC’s newly issued regulations to the Dodd-Frank Act’s whistleblower provisions, learn best practices for identifying and minimizing risks related to SOX and Dodd-Frank whistleblower claims and gain insight into the effective methods of defending these claims where litigation is unavoidable.

Meric Bloch - I - Is Your Organization Adequately Prepared to Fight Today's Workplace Fraud?

Wed, 03 Aug 2011 10:31:47 GMT

You won't want to miss nationally acclaimed speaker Meric Craig Bloch, Vice President - Compliance and Corporate Investigations, Adecco Group North America. He is an expert on workplace investigations and author of An Insider’s Guide to Workplace Investigations, Building the Process in Your Company. Meric will focus on preparing senior executives, mid managers and practitioners to meet today’s challenges. Be one of the first 30 to register and receive a free copy of Meric's book.

Meric Bloch Series Part 1: Making the Business Case for Workplace Investigations

Wed, 03 Aug 2011 10:31:36 GMT

Healthcare Compliance – What every Senior Leader Needs to Know in 2011

Wed, 03 Aug 2011 10:31:23 GMT

Healthcare compliance has never been so critical, nor have the consequences for compliance failures been so severe. Join Jones Day Partner Frank Sheeder as he offers practical insight that every Healthcare Director, Officer and Senior Leader needs to hear in this challenging environment.

Best Practices for Managing Your Privacy Program

Wed, 03 Aug 2011 10:31:07 GMT

Does your organization have a plan in place to reduce the risk of sensitive data loss? Attend this webinar to learn how to assess your company's privacy program and develop a privacy strategy.

Conducting Investigations in a University Environment

Wed, 03 Aug 2011 10:30:56 GMT

In the university environment, allegations of fraud and misconduct can present significant economic and reputational risks. Learn from a panel of experts in this area, how to maximize the value of internal investigations on campus.

Demonstration of EthicsPoint Visualization Manager

Wed, 03 Aug 2011 10:30:46 GMT

Join Dave Drennan, Senior Product Manager, as he demonstrates the first new application added to the EthicsPoint software Framework announced in May.

Not Your Father’s Board Training - What Today’s Boards Need to Know About Ethics and Compliance

Wed, 03 Aug 2011 10:30:36 GMT

Attendees will better understand the context and rationale for modern board training and engagement on compliance and ethics, including specific recommended techniques and best practices, to meet current heightened expectations for board oversight and discharge duty to prevent corporate wrongdoing.

Corruption and Bribery: How EthicsPoint Solutions can Help

Wed, 03 Aug 2011 10:30:27 GMT

As part of our Corruption and Bribery webinar series, we are providing a follow-on webinar where we will demonstrate how our solutions and services can help you get a handle on the complex world of compliance management.

Kroll Global Fraud Report 2009 / 2010: Assessing the Impact of the Global Economic Decline

Wed, 03 Aug 2011 10:30:17 GMT

This webinar will explore how the financial crisis has changed the effects of the risks underlying fraud and assess its impact on businesses around the world. Kroll will share its unrivalled expertise in dealing with fraud and corruption with this executive audience and offer actionable strategies to protect company interests at home and abroad.

Data Breach “Cyber” Insurance and Response

Wed, 03 Aug 2011 10:30:08 GMT

Are you prepared to manage the risks associated with a data breach? Do you know what your response should entail?

Attendees can expect to better understand the risks associated with information security and privacy, how to respond to an event and the insurance options available to them.

The FCPA Year In Review: How Recent Investigations and Prosecutions Will Impact Compliance Programs

Wed, 03 Aug 2011 10:29:48 GMT

Enforcement and prosecutions for violations of the United States <A href="http://www.ethicspoint.com/resources/knowledge-center/fcpa-and-uk-bribery-act.aspx">Foreign Corrupt Practices Act (FCPA)</A> continue to increase in number and magnitude with respect to the implications for others. In this session, our presenters speak on the lessons that can be drawn from recent enforcement actions and how these lessons can be applied in practical, cost-effective ways to mitigate corruption compliance risk.

The FCPA Year in Review: How Recent Investigations and Prosecutions Will Impact Compliance Programs

Wed, 03 Aug 2011 10:29:36 GMT

Dan Newcomb, a dean of the FCPA bar, and Philip Urofsky, a former FCPA prosecutor, both now at Shearman & Sterling LLP, a leading global law firm, speak on the lessons that can be drawn from recent enforcement actions and how these lessons can be applied in practical, cost-effective ways to mitigate corruption compliance risk.

Financial Aid Fraud: It Can Happen Here!

Wed, 03 Aug 2011 10:29:27 GMT

Join Leonard Loria, Senior Auditor at Cornell University, as he discusses how to uncover financial aid fraud, where to look for financial aid fraud, and what you need to know to evaluate its extent at your institution. Additionally, you will learn how to comprehensively investigate financial aid fraud, including use of internet resources.

Lessons Learned & Benefits Realized from Taking an Enterprise Wide Approach

Wed, 03 Aug 2011 10:29:16 GMT

Detecting and Responding to “Red Flags” of Identity Theft in the Energy & Utilities Markets

Wed, 03 Aug 2011 10:29:07 GMT

This webinar is key to helping leaders of energy and utility suppliers that issue credit to customers determine how they will be affected by the new Identity Theft “Red Flag” regulations recently enacted by the FTC. This webinar will explain to attendees how to efficiently and effectively prepare for compliance with the regulation deadline of November 1, 2008.

Increasing Insight through the Utilization of Advanced Reporting Capabilities

Wed, 03 Aug 2011 10:28:56 GMT

Join us as we provide some insight, tips, and best practices around the new analytics and dash boarding features of Issue and Event Manager Professional and Enterprise.

Developing a Culture of Honesty and Integrity...It's Not Easy!

Wed, 03 Aug 2011 10:28:45 GMT

How committed is your organization to developing a culture that

fosters open and honest behavior? If an organization is committed, they need to be willing to work hard to achieve that goal. Learn from Bob Phillips, co-author of the book "Absolute Honesty; Building a Corporate Culture That Values Straight Talk and Rewards Integrity," about the tools he has developed over his 30-plus years of business experience. Tools that he’s successfully used to introduce cultural change initiatives.

Demonstration of EthicsPoint Benchmarking

Wed, 03 Aug 2011 10:28:34 GMT

Unprecedented Whistleblower Provisions Created by the ARRA (aka "Stimulus Bill")!

Wed, 03 Aug 2011 10:28:23 GMT

Are you one of the thousands of companies receiving stimulus funds from the American Recovery and Reinvestment Act (ARRA)? Do you fully understand the impact the much-extended reach of the whistleblower provisions has on your compliance program? Join Frank C. Morris, Jr., Esquire, as he provides key insights into compliance with the sweeping whistleblower provisions and new level of accountability applicable to a broad range of recipients of covered funds.

What are Issue and Event Manager (IEM) Report Forms? Learn About Different Types of Intake Models and the Value of IEM Report Forms

Wed, 03 Aug 2011 10:28:13 GMT

Designing and Operationalizing an Incident Response Plan

Wed, 03 Aug 2011 10:28:02 GMT

Maintaining the privacy and protection of your customers’ and employees’ personal information is a risk management issue for all organizations. Is your organization prepared to effectively handle a data breach?

Professional Services: Lessons Learned from a Year in the Trenches

Wed, 03 Aug 2011 10:27:52 GMT

Addressing Your Most Pressing Compliance Challenges: Explore Innovative, Effective and Comprehensive Ethics & Compliance Solutions

Wed, 03 Aug 2011 10:27:43 GMT

Whistleblower Hotlines in the EU

Wed, 03 Aug 2011 10:27:33 GMT

This webinar will give you an update on the current trends and best practices in implementing and operating whistleblower hotlines in the EU. Our knowledgeable presenters, considered experts in this field, focus primarily on those EU countries with specific whistleblower guidelines including: France, Germany, Holland, Belgium, and the United Kingdom.

Not Just Another Day at the Office: Recent Changes in the Law Affecting the Workplace

Wed, 03 Aug 2011 10:27:22 GMT

Join Mark Downey, Partner, Munsch Hardt Kopf & Harr, P.C., as he discusses how employment laws affecting the workplace are changing significantly, requiring employers to change with them. With the information presented, employers will be in a better position to assess their current employment policies and practices to ensure compliance.

Under the Microscope: The New AdvaMed Codes of Ethics and Anticipated Transparency Regulations

Wed, 03 Aug 2011 10:27:09 GMT

Join Andrew Van Haute and Tom Schumacher, original members of the drafting committee of the new AdvaMed Code of Ethics as they discuss proposed transparency initiatives regarding industry interactions with health care providers.

Post-Breach Forensics

Wed, 03 Aug 2011 10:26:56 GMT

Once a data breach has occurred, there are critical steps that should be taken that can minimize the loss. This webinar focuses on a high level discussion regarding post-breach forensics and response to minimize losses.

Get Creative! Are You Optimizing Your Hotline Portal Page to Increase Employee Awareness?

Wed, 03 Aug 2011 10:26:38 GMT

FCPA Compliance & Investigative Due Diligence

Wed, 03 Aug 2011 10:26:22 GMT

This presentation provides an overview of current FCPA trends and highlights elements to implement an effective FCPA compliance policy. Join Ellen Zimiles, Founder and CEO, Daylight Forensic and Advisory LLC as she discusses the importance of Investigative Due Diligence and how to maximize its effectiveness.

IP Fraud/Protection - A Proactive Approach to Brand Protection

Wed, 03 Aug 2011 10:26:11 GMT

Is your company's brand adequately protected against the rapidly growing threat by counterfeit and grey market activity? Learn from Kroll's Business Intelligence and Investigation Division about proactive practices that can be implemented to guard against this threat.

Ethical Integrity Leadership: Setting the Tone from the Top

Wed, 03 Aug 2011 10:25:55 GMT

Studies show that organizations with ethical leadership at the top experience ethical behavior throughout. Is your senior management 100% engaged in demonstrating ethical leadership effectively? Join Howard Sklar, VP Compliance & Ethics at American Express Co. as he shares his extensive knowledge and gives examples of methods other large organizations have put into action using senior management to communicate ethics and values.

HR + Ethics & Compliance = A Critical Partnership

Wed, 03 Aug 2011 10:25:39 GMT

In this webinar, Vicki Sweeney, KPMG’s Principal in charge of day-to-day ethics and compliance activities, will share best practices on how to cultivate a relationship with your Human Resource department and practical tools that will ensure the partnership is mutually beneficial.

Managing Unethical Behavior at the Team Level

Wed, 03 Aug 2011 10:25:29 GMT

Join us on April 5, 2011 to gain a better understanding of the unique nature of unethical behavior in groups and teams along with potential solutions to the problem.

NCAA Compliance Auditing

Wed, 03 Aug 2011 10:25:16 GMT

The NCAA requires that “at least once every four years, its rules compliance program is the subject of evaluation by an authority outside of athletics department.”

Whistleblowing and the New Race to Report: The Impact of the Dodd-Frank Act and Proposed Changes to the U.S. Federal Sentencing Guidelines

Wed, 03 Aug 2011 10:25:03 GMT

Attendees will learn ten things organizations can do to evaluate and enhance their whistleblower systems in light of the Dodd-Frank Act’s whistleblower bounties and proposed changes to the Federal Sentencing Guidelines.

Grid Controls, Search Capabilities and Analytics

Wed, 03 Aug 2011 10:24:49 GMT

Ethics by Fear and Contract – The Explosion of New Rules and Risks in Federal Contract Activities; The Need for Effective, Preventive Compliance Measures

Wed, 03 Aug 2011 10:24:33 GMT

Join Alan Dickson, Partner, Holland & Knight LLP, as he shares the dramatically intrusive recent developments in the rules of ethical and compliant business operations concerning U.S. Government contracting and subcontracting and the increasingly severe consequences of failure to erect effective compliance measures.

The UK Bribery Act – Analyzing the Impact for UK and US-based Companies

Wed, 03 Aug 2011 10:24:18 GMT

The passage of the UK Bribery Act in the spring of 2010 heralds a new era in British anti-corruption enforcement. This Act is significantly stronger than the FCPA and is a game changer for UK and US-based companies. In this session, our presenter will discuss the Act and identify strategies for identifying whether your current compliance program is sufficient to meet these new requirements, and if not, provide best practice advice on complying.

What have you done for me lately: Adding business value through your workplace investigation

Wed, 03 Aug 2011 10:24:05 GMT

“What have you done for me lately?” How investigations can add value throughout an organization. This webinar examines how you can increase the value of the investigative department and furthers the goals of the corporation.

Fairness Matters: Driving a Culture of Justice and Respect

Wed, 03 Aug 2011 10:22:29 GMT

Join Dr. Stephen Gilliland, Arnold Lesk Chaired Professor of Leadership and Department Head, Eller College of Management, University of Arizona, for a practical demonstration on the what, why, and how of managing organizational fairness. With the information presented, attendees will learn how a culture of fairness can create a powerful differentiator for your organization.

Kroll Global Fraud Report - Corruption & Bribery

Wed, 03 Aug 2011 10:21:13 GMT

Pumping trillions of dollars into the world economy creates a once in a lifetime opportunity for corruption. How large the issue is, and the potential consequences on corporations, will be discussed in this webinar and the latest issue of the Kroll Global Fraud Report.

Data Privacy

Wed, 03 Aug 2011 10:20:02 GMT

Corruption Risks in Brazil, Russia, India and China: Real World Advice for Detection and Prevention

Wed, 03 Aug 2011 10:19:43 GMT

With an expected increase in transactions and business events in the emerging markets of Brazil, Russia, India, and China, companies can be especially vulnerable to FCPA and local country corruption violations. What are some of the different country specific corruption risks you may face when conducting business in these countries? Join us as we discuss specific corruption challenges companies may face in each of these emerging countries.

Employee Helplines: Safety Valve or False Security? (why many don't work and what to do about it)

Wed, 03 Aug 2011 10:19:22 GMT

Join Donna Boehme, Principal, Compliance Strategists LLC (and former Group Compliance and Ethics Officer of BP plc), for a frank, interactive discussion on the confidential employee helpline. With the information presented, attendees will learn key issues to address when structuring the helpline, the common gap areas, debunking some myths, why helplines can't operate in a vacuum and best practices of leading companies.

Beyond the Hotline: Best Practices in Issue Intake

Wed, 03 Aug 2011 09:30:18 GMT

ECOA 2011 Annual Ethics and Compliance Conference

Tue, 02 Aug 2011 23:23:49 GMT

Policy Management 101

Mon, 01 Aug 2011 00:00:00 GMT

Matt Kelly | August 01, 2011

Who knew that compliance officers could get so animated about policy management?

You did, apparently, since Compliance Week had a full house recently when we held our most recent editorial roundtable on that very subject in Boston with co-hosts EthicsPoint. Faithful readers of my column will recall that I'm a recent convert to the importance of policy management, but now I consider it one of the most engrossing challenges compliance officers face. Given the (as usual) excellent discussion at the roundtable the other week, so do you. Let me review some of the highlights here.

First, I was struck by one best practice that sounds like something out of Dilbert, but actually makes much sense: having a policy about policies. More than a few roundtable participants professed to having one, and others all thought it was a good idea.

10th SCCE Annual Compliance & Ethics Institute

Fri, 29 Jul 2011 18:04:57 GMT

Corporate Candor

Sat, 23 Jul 2011 00:00:00 GMT

Dante M. Velasco | Philippine Daily Inquirer

Only a few days ago, 11 members in the Cabinet of President Benigno Aquino signed the Integrity Pledge, with this vow: “To maintain transparent and appropriate financial reporting mechanisms,” among other things. The National PR Congress will focus on “transparency in communication,” and will highlight the Integrity Initiative of Journalist Che-che Lazaro.

Do we know enough of the new mantra called “transparency?” And while we are asking this question, the “Freedom of Information” bill is supposed to be bolstered by Presidential support.

A light and handy book— with heavyweights in leadership and management studies —is perched comfortably in any major bookstore, with a title that introduces a new buzz word—“culture of candor.” The full title is: “Transparency: How Leaders Create a Culture of Candor. The authors are known for groundbreaking ideas: Warren Bennis, Daniel Goleman and James O’Toole.

The book is tidily divided into three major sections: Creating a Culture of Candor, which was jointly written by Bennis, Goleman and Patricia Ward Biederman; Speaking Truth to Power, by O’Toole; and the New Transparency, by Bennis. It is a thin book of 130 pages, and yet every paragraph is packed with insights, research data, narrative of events to illustrate a point, and even a journey to antiquity as far back as 2,500 years ago—to show that man hasn’t changed; only technology is fast changing.

Immediately, the book advances a caveat: “Complete transparency is not possible.” The book cites that court records could not possibly reveal the details of a case, especially witnesses whose lives would be at risk.

And yet the book cites a compelling reason for organizational candor: it maximizes the probability of success.

George Washington is known for demanding unbiased information. He solicited intelligence from as many people as possible, even civilians, before going into battle. “He had an intuitive grasp of the dangers of the “shimmer effect.” The authors say, the “shimmer effect” confers god-like qualities to leaders and ascribe to them infallibility. Shades of the Pope’s infallibility!

A myth has even persisted in management practices that include this advice: “It is better to make a bad decision than making no decision at all.”

The authors recall the Bay of Pigs fiasco in 1962, when the late President Kennedy ordered an invasion of Cuba based on intelligence data that were not validated beyond the supposed experts. The US military and the State Department assured Kennedy of an armed underground of Cubans would rise against Castro. They did not tell him that a year-ago poll that showed majority of Cubans still supported Cuban strongman Fidel Castro.

So, how does one evolve a culture of candor in an organization, despite hard-to-break values of hoarding or hiding information?

The authors say it must begin with the CEO. “Leadership must show that speaking up is not just safe but mandatory.” It must be a policy to hear critical information, whoever delivers it—because, if we don’t, it may put the entire enterprise at risk.”

Transparency has given birth to new industries or research projects.

For example, Joel Kurtzman who developed a transparency measure called the “Opacity Index.” Opacity, which is the lack of transparency, can indeed be measured.

The book points out that, in the most recent Opacity Index, the United Kingdom topped the transparency index, followed by Finland, Hong Kong and the United States came fourth. The least transparent were Nigeria, Lebanon, Indonesia and Saudi Arabia. The book did not mention if the Philippines was included in the research.

Another enterprising move was the development of the Whistleblower Software, offered by EthicsPoint and Global Compliance Services. This software allows employees to anonymously report to management any suggestions or case of wrongdoing.

And yet some corporate values frustrate transparency, while encouraging, opacity. The authors said the tradition of “family secrets” have been brought to the boardroom in the form of company secrets— which discourage transparency.

They also identified “group think” as another barrier to corporate candor. Decisions are made by the top leaders, and are not shared downwards. Their research showed that the higher the leaders rise, the less honest feedback they get from followers about their leadership, due to this group think of limiting information sharing with the old boys network.

Lack of candor can be very disastrous. The book recalls the ill-fated Challenger which exploded in mid-air in 1987. Nasa did not learn its lesson: In 2003, there was the Columbia shuttle disaster. The authors lament Nasa’s organizational culture where engineers were afraid to raise safety concerns with managers who were more worried about meeting flight schedules.

The book is convincing when it prescribes ways to nurturing the culture of candor. Transparency is enhanced when an organization’s leaders are committed to it.

Actually, the authors cited a sobering fact: “Even when leaders resist it, transparency is inescapable in the digital age.”

Google has it impossible for any candidate to deny past actions or statements. YouTube has changed America’s political discourse.

In this idea-packed book, leaders and managers will have a roadmap toward transparency—or culture of candor. They speak of three elements to achieve this: Transparency, trust, and speaking truth to power.

“Speaking truth to power” is a new phrase in our leadership vocabulary. It means speaking the truth to your superior even if he is wont to shoot the messenger—meaning, you.

The devotees of candor should not be perturbed. The leaders who signed the Integrity Pact may want to go further and heed the advice of the three leadership gurus: Provide equal access to information to all, refrain from punishing those who constructively demonstrate imperial nakedness (remember the Emperor with no clothes?), refrain from rewarding spurious loyalty, and empower and reward principled contrarians.

The book introduces new words—necessarily so, because they are giving birth to a new leadership style. The contrarian is one who contradicts no matter of what. But they also advise that you should not be given to anger; don’t burn your bridges. The contrarians will take comfort in the fact that “we have a moral obligation to speak truth to power.”

The lack of privacy is perhaps the most unsettling aspect of the new transparency. “We are all public figures now,” said Thomas Friedman. The downside of transparency is we now live in glass houses.

The authors dish out this advice: “With the digital age’s millions of intrusive cameras, its constant potential for trumpeting past indiscretions through cyberspace, the new reality will force us to adapt or go mad. Since the cameras aren’t going away anytime soon, we’ll have to find a way to lower the blinds in our glass houses, if only in our minds.”

Better still, folks, lower the curtains, once you have bought this book. It will give you a wealth of insights and contexts that will make you an informed devotee of corporate transparency—or candor.

EthicsPoint Strengthens Leadership Team

Mon, 11 Jul 2011 00:00:00 GMT

Local SaaS Provider Adds One Executive, Promotes Another to Lead New Phase of Accelerated Growth

PORTLAND, Ore. — July 11, 2011 — EthicsPoint, a leading provider of enterprise risk awareness solutions, today announced the appointment of Bob Conlin as senior vice president of business strategy and the promotion of Tom McNamara to senior vice president of global sales.

Conlin will be responsible for leading the company’s strategy to package and deliver market-leading risk awareness solutions that drive increased value for clients. McNamara will take on increased responsibility for global sales as the company looks to expand its footprint overseas.

Conlin joins EthicsPoint with strong technology industry experience and a broad background in business development. In his former assignment as vice president of marketing at Accero, Conlin owned responsibility for marketing, business development and product management. Prior to joining Accero, he served as the chief marketing officer at Centive, where he led the successful transformation of the company from enterprise software to a pure-play SaaS provider and created a new product category – On-Demand Sales Performance Management.

“Bob brings the skills and experience a burgeoning company like EthicsPoint needs to achieve the accelerated organizational growth we are striving for,” said Mark Reed, president and CEO of EthicsPoint. “Together with the promotion of Tom McNamara, we are forming a core of executives who are committed to growing our business the right way, ensuring the building blocks of success are in place and team is equipped to achieve that growth.”

McNamara has led the EthicsPoint sales team since 2008, during which time sales growth has increased from $12M to $24M per year under his guidance. Along with revenue growth, he has led the effort to create the methodology and infrastructure needed to support the expansion EthicsPoint has experienced. This has included creating a sales management team, developing and deploying a rigorous training program for the sales organization, improving the utilization of a CRM solution and reducing the turnover rate, all of which have contributed to EthicsPoint gaining multiple Fortune 500 clients under his watch.

About EthicsPoint

EthicsPoint, a leading provider of enterprise risk awareness solutions, helps organizations align their governance, risk and compliance (GRC) processes with overall business strategy. We protect corporate cultures and reputations by proactively revealing risk-related trends via the collection, management and understanding of their GRC-related data. More than 2,400 organizations currently use our solutions to increase the quality of GRC data reported to boards and executive teams to facilitate better business decisions. To find out how, please visit www.ethicspoint.com.

2011 EthicsPoint User Forums

Fri, 24 Jun 2011 15:31:51 GMT

Slideshow: Fastest-growing companies

Thu, 23 Jun 2011 00:00:00 GMT

Portland Business Journal

Robert Goldfield, Special sections editor

June 23, 2011

Of the special sections I've edited over the course of the year, the Fastest-Growing Private 100 Companies is my favorite.

The list it contains gives a snapshot look of companies achieving great things despite a difficult economy. The section also allows me to learn about companies that I don't know well.

This year, for example, I learned about Velotech, a Portland-based e-tailer of bike gear for road cyclists. And I found out about Conducive Technology, whose website FlightStats.com updates users on flight delays and airport weather conditions.

This slideshow illustrates those companies and more, including the top three businesses on this year's list and all of this year's winners of our Lighthouse Award, given to those companies that have made it onto the list five years in a row.

Check back on Friday afternoon for another slideshow capturing the scene at the Business Journal's 100 Fastest-Growing Private Companies' event, held Thursday evening at the Portland Art Museum and attended by more than 800 people.

Caption: John Hall, senior vice president of EthicsPoint Inc., said demand for the Portland company's products never wavered during the recession. Those products involve software that allows companies to integrate their governance, risk and compliance processes. EthicsPoint's 2010 revenue of $20.3 million capped three-year growth of 56.6 percent — good enough for the No. 46 spot on the fastest-growing list and the receipt of a Lighthouse Award.

Foreign Employment Litigation in U.S. Courts

Thu, 09 Jun 2011 17:15:24 GMT

The program takes a strategic approach: Learn where the overseas employment risk areas are, and learn how to minimize risk of lawsuits, and support both compliance and corporate social responsibility.

Foreign Employment Disputes

Tue, 07 Jun 2011 00:00:00 GMT

One of the most fundamental concepts common to labor/employment law jurisprudence around the world is the territorial application of the law of the place of employment. In almost every jurisdiction, including the United States, all the important employee-protection laws -- laws on severance, discrimination, wage/hour, health/safety, discrimination/harassment, vacation/holidays and the like -- tend to apply by force of public policy, and therefore cannot be opted out of, even (in most cases) by a choice of law foreign clause in an employment agreement.

Corpedia and EthicsPoint Announce Partnership to Provide Critical Risk Awareness, Benchmarking and Training Solutions

Mon, 06 Jun 2011 00:00:00 GMT

Companies to offer single resource for critical components of comprehensive ethics & compliance programs

Phoenix, Ariz. and Portland, Ore. — June 7, 2011 — Today, Corpedia, a leading provider of governance, risk and compliance (GRC) advisory services and training, and EthicsPoint, a leading provider of enterprise risk awareness solutions, announced a strategic partnership to provide customers with more seamless employment training, program benchmarking and risk awareness solutions. With this partnership, the two organizations will together add valuable guidance and tracking to businesses seeking more comprehensive risk and compliance solutions across their corporation.

Organizations today face an ever-expanding list of regulatory mandates which require them to maintain compliance, as well as additional pressure from governmental agencies increasing enforcement activities around these directives. With these regulations, it is imperative companies closely monitor and understand the impact of their risk and compliance programs on their business as well as implement policies and processes to ensure potential risks are brought forward and investigated consistently and efficiently. The Corpedia and EthicsPoint partnership addresses this issue through software solutions and information services.

“Companies are continually striving to uncover and implement leading practices,” commented Erica Salmon-Byrne, managing director of Corpedia’s Compliance Advisory Services. “The linkage between transparency and program improvement is top of mind in the C-Suite. EthicsPoint’s industry leading solutions coupled with the breadth of Corpedia’s benchmarking capabilities and practical and actionable advice will allow us to serve companies more holistically and help companies serve customers, employees and stakeholders even more effectively.”

The companies will begin each engagement with complimentary diagnostics on key program components in order to identify critical risk areas, prioritize them and provide actionable plans for mitigating these risks – taking the guesswork out of timelines and costs. Using proprietary methodology with state-of-the-art tools and resources, each baseline diagnostic is done via phone with an experienced compliance professional.

The two organizations then work together to provide clients with a robust roadmap for Corpedia-led training or program benchmarking and – depending on client needs – either case management, compliance management, policy management or business risk analytics solutions implementation from EthicsPoint to meet those identified needs. Additionally, organizations will be able to use the EthicsPoint solutions to benchmark against companies of similar size or within their industry as their central repository of GRC-related information grows.

The results are feasible, in-depth recommendations and solutions tailored to industry, company size and organizational goals. Moreover, the joint solutions address how client programs stack up against important government criteria, as well as against reasonable and best practices of analogous companies which include compliance training and risk awareness solutions.

“Risk and compliance leaders are more aggressively including technological tools into their programs, allowing them better insight into the risks that face their organizations and providing tools to combat those risks,” said David Childers, president & CEO, EthicsPoint. “Combining what EthicsPoint does with the comprehensive training, program benchmarking and risk assessments from Corpedia complement risk and compliance programs with a larger suite of tools to strengthen their programs.”

About Corpedia

Corpedia, founded in 1998, is a leader in ethics and compliance e-learning, risk assessment, code of conduct services, and many other areas of ethics and compliance consulting. Working with over 500 customers in more than 150 countries, the company offers measurable and effective online instructional programs and supporting systems that help eliminate exposure and guide organizations through the complexities of today's compliance requirements. Corpedia offers an array of e-learning topics from antitrust to global privacy and protection and also specializes in code design, rewrite and review, and in-depth risk assessment consulting for those organizations that need to weigh their risk areas.

For more information, visit www.corpedia.com.

About EthicsPoint

EthicsPoint, a leading provider of enterprise risk awareness solutions, helps organizations align their governance, risk and compliance (GRC) processes with overall business strategy. We protect corporate cultures and reputations by proactively revealing risk-related trends via the collection, management and understanding of their GRC-related data. More than 2,400 organizations currently use our solutions to increase the quality of GRC data reported to boards and executive teams to facilitate better business decisions. To find out how, please visit www.ethicspoint.com.

Global Workplace Health and Safety Compliance

Mon, 06 Jun 2011 00:00:00 GMT

Laws regulating workplace health and safety are local to each jurisdiction. And therefore so is compliance. Regulation of workplace machine guarding, protective eyewear, and ergonomic keyboards, for example, differs depending on the jurisdiction, as do workers’ compensation systems. This is why multinational employers approach most aspects of workplace health and safety compliance from a local perspective, from the ground up. A top-down, cross-border compliance strategy may not work if the laws

to be complied with do not cross borders.

US-Based Multinational Employers and the Social Contract Outside the United States

Mon, 06 Jun 2011 00:00:00 GMT

The modern social contract in almost every country is an implicit bargain where employees offer their good citizenship and earnest labor in exchange for a viable package of benefits (or at least a viable social safety net) that, in large part, is employer-provided.

This employee-friendly social contract paradigm exists

almost everywhere in the world—rich and developing economies alike. But it does not apply in the United States, which operates

under a unique, market-driven version of common law employment-at-will.

Under US-style employment-at-will, as distinct from employment laws elsewhere (and subject to certain isolated exceptions), broadly applicable rules generally do not force employers to give their workers a cap on hours worked, holidays (paid or unpaid), vacations (paid or unpaid), paid sick leave or paid maternity leave, medical insurance, employer profit sharing, year-end bonuses, or severance pay or pre-termination notice.

SEC sets new rules for corporate tipsters

Tue, 31 May 2011 00:00:00 GMT

May 31, 2011

Aarti Maharaj

Corporate Secretary/Business Insider

Whistleblowers could be cashing in on lump sum payouts for reporting financial fraud to the US government under new rules adopted by the federal regulator.

On Wednesday, a divided SEC voted 3-2 to adopt a new whistleblower program that will pay $1 million or more to those who provide high quality tips that uncover corruption and lead to successful enforcement. The new policy, which will take effect in July, was mandated last year by the Dodd-Frank Wall Street Reform Act and applies to all original information the SEC receives after July 22, 2010.

SEC chairman Mary Schapiro says the new whistleblower rules will help the agency’s enforcement efforts. ‘For an agency with limited resources like the SEC, it is critical to be able to leverage the resources of people who may have first-hand information about violations of the securities laws. While the SEC has a history of receiving a high volume of tips and complaints, the quality of the tips we have received has been better since Dodd-Frank became law.’

Some industry leaders supported the announcement as a step forward.

‘While we are still reviewing the text, we appreciate the SEC’s willingness to work with the industry and make important and necessary changes to the internal reporting provisions,’ says Ira Hammerman, senior managing director and general counsel of the Securities Industry and Financial Markets Association (SIFMA). ‘We now encourage the Commodity Futures Trading Commission (CFTC) to revise their proposed rule to come into greater alignment with the SEC’s final rules, to ensure regulatory consistency and clarity.’

As Corporate Secretary previously reported, experts disagree on the merits of the whistleblower provisions of Dodd-Frank, primarily because bounties could be quite hefty given enforcement settlements of the recent past. On July 15, 2010, for instance, the SEC announced that Goldman Sachs would pay a record $550 million for misleading investors about a subprime mortgage collateralized debt obligation that the firm marketed.

Industry observers further believe that the SEC will take this program seriously, given the public black eye it suffered over its mishandling of several recent scams and frauds. Harry Markopoulos, an independent fraud investigator, approached the SEC many times over several years to express concern about Bernie Madoff, but nothing was done. ‘The SEC cannot afford another Madoff,’ says David Childers, chief executive officer of Portland, Oregon-based EthicsPoint.

 

CSCS 13th Annual Corporate Governance Conference

Tue, 24 May 2011 12:57:31 GMT

National Retail Federation Loss Prevention Conference & Expo

Mon, 23 May 2011 20:46:02 GMT

TechAmerica Oregon Names Winners of the 2011 Oregon Technology Awards

Fri, 20 May 2011 00:00:00 GMT

May 20, 2011

TechAmerica Oregon announced its 2011 Oregon Technology Award winners in a ceremony held last night at the Portland Art Museum. The winners represent the year’s top Oregon and Southwest Washington-area technology companies in four categories: System/Hardware, Software, Technology-Service and Rising Star, as well as the Cool Product of the Year, which was selected via live voting at the event.

“We received many compelling applications this year from a wide range of innovative local technology companies that we’re fortunate to have in our region,” said Jennifer Bosze, Regional Vice President of TechAmerica Oregon. “The selection committees had a difficult job choosing only a handful of these companies to be recognized, and we thank them for their assistance as well as the event sponsors and volunteers whose continued support makes it possible for us to hold this event year after year.”

The annual Oregon Technology Awards program, now in its third year managed by TechAmerica Oregon, celebrates excellence and achievement in the region’s technology industry. This year’s celebratory event provided sponsors and attendees an opportunity to invest in Oregon’s future innovators with proceeds going to support local math, science and technology education. The 2010 Awards program generated over $12,500 for the Oregon Robotics Tournament and Outreach Program (ORTOP), and nearly $2,000 for Chess for Success.

System/Hardware Company of the Year

FLIR Systems, Inc.

Software Company of the Year

Jive Software

Technology-Service Company of the Year

EthicsPoint, Inc.

Rising Star Company of the Year

Elemental Technologies, Inc.

The Cool Product of the Year was decided upon last night via a live vote. Event attendees used their mobile devices to select one of three finalist products as the winner. Results were tabulated and announced in real-time. The winner of this award is:

Cool Product of the Year

Elemental Technologies, Inc. – Elemental Live

Gregory K. Hinckley, President of Mentor Graphics, was also honored as the Executive of the Year, and the Richard “Dick” I. Knight, former Tektronix executive, the Lifetime Achievement recipient. A selection committee made up of the program’s previous Technology Executive of the Year and Lifetime Achievement Award recipients chose these winners from a group of nominees that came in from committee members as well as the greater technology community.

The Oregon Technology Awards Program is produced by TechAmerica Oregon and supported by various generous financial and in-kind sponsors. The presenting sponsors of the 2011 event are CresaPartners and UnitedHealthcare. Other sponsors include Woodruff Sawyer & Co., First Tech Federal Credit Union, KMPG LLP, Spitball Media, Zurich, McClenahan Bruer Communications, Pop Art, Inc., USI, Stoel Rives LLP, Perkins Coie LLP and Spirit Media. To learn more about the Oregon Technology Awards, please visit http://www.oregontechawards.com.

- # # # -

About TechAmerica

TechAmerica is the leading voice for the U.S. technology industry – the driving force behind productivity growth and jobs creation in the United States and the foundation of the global innovation economy. Representing approximately 1,200 member companies of all sizes from the public and commercial sectors of the economy, it is the industry’s largest advocacy organization and is dedicated to helping members’ top and bottom lines. TechAmerica is also the technology industry’s only grassroots-to-global advocacy network, with offices in state capitals around the United States, Washington, D.C., Europe (Brussels) and Asia (Beijing). It was formed by the merger of AeA (formerly the American Electronics Association), the Cyber Security Industry Alliance (CSIA), the Information Technology Association of America (ITAA) and the Government Electronics & Information Technology Association (GEIA). Learn more about TechAmerica at www.techamerica.org.

Elemental, FLIR among Oregon tech award winners

Fri, 20 May 2011 00:00:00 GMT

Video processing technology startup Elemental Technologies Inc. emerged as a big winner in this year’s annual Oregon Technology Awards.

Portland-based Elemental was named the state’s “rising star company of the year” in the annual awards ceremony hosted by TechAmerica Oregon.

The company’s “Elemental Live” product — a technology that allows content providers to encode audio and video for live streaming to multiple device types — also took home the “cool product of the year” honors as part of a live vote during Thursday’s awards presentation.

The Oregon Technology Awards, in its third year being managed by TechAmerica Oregon, are given annually to the top tech companies on Oregon and Southwest Washington.

The other winners:

FLIR Systems Inc., a Portland-based maker of infrared cameras and systems, System/Hardware Company of the Year.

Jive Software Inc., a Palo Alto, Calif.-based developer of social media software for business, Software Company of the Year. The company was founded and based in Portland until shifting its headquarters to the Bay Area a year ago.

EthicsPoint Inc., a Lake Oswego-based developer of governance, risk and compliance software, Technology-Service Company of the Year.

Greg Hinckley, president of Wilsonville-based Mentor Graphics Corp., Executive of the Year.

Richard I. Knight, former Tektronix Inc. executive, Lifetime Achievement Award.

Winners were chosen by a committee of previous award winners

Insight from the SEC

Sun, 01 May 2011 00:00:00 GMT

In preparing for a presentation I have coming up, I ran across a speech SEC Chairman Mary Shapiro gave on March 23, 2011 to the Securities Industry and Financial Markets Association's (SIFMA) Compliance and Legal Society Annual Seminar. While her remarks were certainly aimed at the financial industry, I found them to be relevant to all compliance professionals. Here are just a few snippets for your consideration:

Our examiners will be looking to see if registrants have embraced “a culture of compliance [my emphasis],” including enterprise risk management, within their firms.

A comprehensive approach to enterprise risk management is important for several reasons. For example, inattention to risk management can lead to seemingly minor corner-cutting on compliance issues which eventually snowballs into a serious problem for management and investors.

And, without a commitment to good governance and risk management, silos can form and the interdependence between risk categories can be overlooked.

Further, she elaborated that going forward, their examiners intend to focus on understanding how risk management is embedded in key business processes and decision-making at a number of levels. They will be asking questions such as:

How are the business units of an entity ensuring they are taking and managing risk effectively?

Are key risk management, control and compliance functions structured and funded to be effectively embedded in the business process?

How are senior managers ensuring effective oversight of enterprise risk management?

And how is the internal audit process independently verifying and providing the board and senior management with assurance about the operating effectiveness of the risk management, compliance and control functions?

These comments resonated with me, because this is also what I am hearing from our most forward-thinking clients and from industry analysts. The compliance function is growing up - and it needs to be funded appropriately in order to be effective. Tom Fox, a recognized expert in the FCPA, retells a great anecdote he heard from a former prosecutor: When told by a company identified as violating a compliance regulation that they properly fund the compliance effort, the prosecutor would simply ask, "how much did you spend last year on paper clips/Post-It notes?" If greater than the funding for the compliance department/function, the company would inevitably find itself in more trouble.

But more than just funding, compliance activities must be integrated into the ongoing operational processes of the business in order to be effective. The "whack a mole" approach to dealing with the most pressing compliance issue at hand simply won't suffice as we continue to operate in an environment where governmental agencies are committed to issuing new legislation and aggressively enforcing those and existing laws.

The question going forward won't be, "do you have a compliance program?" It will be, "how can you demonstrate your compliance program is effective?" So what are you doing in this area?

The Evolution of GRC: Adaptation and the Growth Continuum

Fri, 29 Apr 2011 00:00:00 GMT

Business change comes rapidly; however, on a day-to-day basis, those shifts are often experienced slowly. There is one constant however, that transcends all businesses – the need to change, to adapt - to the shifts around them. If businesses are to successfully thrive, predicting change and adapting to that change are paramount. Every organization will experience change and the way they respond to those factors will, at least in part, determine their success.

Using Technology to Manage Policy Lifecycle and Communication

Mon, 25 Apr 2011 00:00:00 GMT

Policy management — done right — articulates corporate culture, the boundaries of individual and business behavior, and

personal conduct. These policies clearly define, articulate, and communicate the organization’s boundaries, practices, and

expectations. The right policy defines and communicates what the organization believes.

PPG Library Administrator’s Guide

Mon, 18 Apr 2011 00:00:00 GMT

This guide provides detailed information and step-by-step procedures for PPG Library users. This includes administration of user profiles; management of policies, procedures, and guidelines (PPGs); and maintenance of issue types related to case investigations in IEM.

EthicsPoint Visualization Manager Release Notes

Mon, 18 Apr 2011 00:00:00 GMT

These release notes detail the changes to epVisualization Manager, including system requirements, new features, and enhancements.

Adaptive GRC

Fri, 15 Apr 2011 00:00:00 GMT

I spent the first part of this week at the Health Care Compliance Association's Annual Compliance Institute, where I had the pleasure of listening to Daniel Levinson, the Inspector General of the Office of Inspector General give a keynote. (Also heard James B Stewart give an overview of his new book, Tangled Webs, which I think every compliance officer will want to read, but I digress...).In Mr. Levinson's speech he reviewed what makes a strong compliance program, and I was once again reminded of how similar all the best practice frameworks are in their guidance.Earlier this year I spent some time reviewing guidance in the US Federal Sentencing Guidelines, those from the OECD on effective compliance, FCPA program advice, and recently the Adequate Procedures from the Ministry of Justice on Anti-corruption programs. All of these shared commonalities, echoed by Mr. Levinson, on what needs to be present in an effective and evolving compliance program:Tone from the Top - Senior Leadership must be committed to fostering an environment of integrity and compliance, and ensure this culture permeates throughout all employee ranksRisk Assessment - An organization must periodically review and assess the perceived risks facing it, which subsequently leads to...Policies, Procedures, Controls and Guidelines - Once risks are identified, appropriate policies and controls must be created and distributed to those likely to be affected. And these stakeholders must be trained, and often attest to their understanding of the policy and their commitment to abide by the expectations set within.Reporting Mechanism - We are all human, so despite best intentions, it is recognized violations of existing policies will occur. When this happens, an organization must have the ability to effectively collect reports of possible violations where ever they come forward. A hotline is not enough - organizations should challenge themselves to ensure they are capturing reports that surface in face to face meetings with managers, HR business partners, and other local supervisors, exit interviews, through alerts or exceptions that are flagged through technology, etc.Monitor and Assessment - A compliance program is not static; it needs to adapt as the business changes. New regulations can be mandated by the government, the business environment may be altered through mergers & acquisitions, economic prosperity or downturns, expansion into new markets, etc. Risks that weren't anticipated during the periodic assessments may become visible. An effective compliance program must be able to collect risk-related data, manage it consistently and appropriately, learn from it, and ultimately adapt to these learnings in order to support the overall business objectives.It is with this understanding as a foundation that is driving us here at EthicsPoint. We understand that every organization is on a GRC continuum - the level of sophistication and complexity of the compliance program will be dictated by the unique combination of different factors - industry, and associated level of governmental regulations, organizational structure (domestic vs multi-national, single site vs multi-site, blue collar vs white collar, etc.) and corporate culture/commitment to compliance. Furthermore, the compliance obligations of today will not be the same twelve months from now.This is why we have put so much effort into delivering the EthicsPoint Adaptive GRC Framework. We know that our solutions need to be able to fit into your organization today, regardless of where you are on the continuum, and adapt to your own internal processes and needs. Furthermore, we have to be able to support you as your compliance requirements change over time.Later tonight, we will be launching the latest evolution of our solution offerings, including:Enhanced Issue and Event Manager capabilitiesNEW Benchmarking module, enabling deep analysis of your GRC program and comparisons with other "like" organizations - by industry, company size and even against our entire population of clientsNEW Policy Manager product to help you effectively manage the lifecycle of your policiesEnhanced Visualization Manager capabilities that will assist you in identifying risk hotspots, patterns and trendsNew Service Offerings, including Global Whistleblowing Compliance, Third-party Risk Assessments and Third-party Privacy AssessmentsThis launch - while the largest and most ambitious in our company history - is only the beginning! And I couldn't be more excited about where we all are going as we adapt to ever-changing compliance needs!

10 Misconceptions That Increase the Likelihood of FCPA Violations

Thu, 14 Apr 2011 00:00:00 GMT

With the increase in litigation over the last four years around the 30-year-old Foreign Corrupt Practices Act (FCPA) putting a spotlight on bribery among public officials in foreign jurisdictions, consultancy Grant Thornton has teamed with enterprise risk specialist EthicsPoint to create a paper that looks at 10 common misconceptions that can increase the likelihood of corporate FCPA violations.

EthicsPoint Unveils Adaptive GRC Framework

Wed, 13 Apr 2011 00:00:00 GMT

EthicsPoint, a provider of enterprise risk awareness solutions to help companies raise visibility and mitigate operational risk, has unveiled Adaptive GRC Framework. The Framework allows EthicsPoint to not only meet customers' unique needs, but grow with them as their requirements shift and evolve.

EthicsPoint Unveils Adaptive GRC Framework, Provides Solutions to Address Growing GRC Needs

Tue, 12 Apr 2011 00:00:00 GMT

New solutions, products and services form critical component of effective compliance programs

PORTLAND, Ore. — April 12, 2011 — EthicsPoint, a recognized innovator in helping organizations raise visibility and mitigate operational risk, today announced the next phase in the evolution of governance, risk and compliance (GRC) management with our Adaptive GRC Framework. The Framework allows EthicsPoint to meet customers’ unique needs, but – most importantly – grows with them as their requirements shift and evolve.

“Being able to meet customers at any point along the GRC continuum is one of the most important things we can do to help them thrive as organizations as well as mitigate their risk,” said David Childers, President & CEO of EthicsPoint. “Providing solutions that help them evolve their ethics and compliance programs is of paramount importance to both existing and new clients.”

With the aim of providing clients better access to the intelligence their data can provide, while addressing key compliance needs, we have built the following solutions as part of the Framework:

Compliance Management is centered on enabling clients to manage internal and external obligations, resulting in reduced risk and improved business operations. EthicsPoint’s comprehensive compliance management solutions help identify the applicable requirements (defined by laws, regulations, contracts, strategies and policies), assess the state of compliance and ultimately assess the risks and potential costs of non-compliance against the projected expenses to achieve compliance. This includes management of external (industry and government) regulations and internal policies, procedures and controls.

Case Management enables organizations to implement a single system that enforces a consistent process for collecting reports of violations to their code of conduct or other policies, consistent investigation, documentation and collaboration across business units and delivers analytical capabilities to identify potential trends or areas of risk. The result is decreased risk and greater insight, leading to better business decisions.

Policy Management facilitates more effective management of the policy lifecycle. This element is crucial for the modern organization to function within the bounds of mandated obligations. A lifecycle approach to policy management addresses the challenges of managing the litany of policies needed to function within business boundaries — enabling employees, giving them the expectations to the boundaries they need to carry out their duties, and doing so in a way that protects the organization from harm.

Business Risk Analytics is a suite of products that drive further data-driven insight, creating greater visibility into business operations and allow more informed decision making. Continuously gathering data in a systematic approach to business risk management creates streams of GRC data that can be fed into dashboards that business users are able to access in order to proactively manage the business. That data can also be fed into a variety of analytics and business intelligence (BI) applications.

Additional Product Availability and Enhancements

In addition to solution sets within the Adaptive GRC Framework, EthicsPoint is announcing the general availability of our Policy Manager application as well as updates to existing case management and visualization applications.

Policy Manager, announced in 2010, provides customers with the ability to manage the policy lifecycle more effectively. Currently the process of policy management is often disparate and scattered across the enterprise with varied management of updates and changes to policies. Policy Manager allows clients to centrally manage policies, map them to objectives and guidelines, and promote awareness to support a culture of corporate governance. In addition, we have integrated our Policy Manager solution with our Issue and Event Manager so that organizations can review policies in-line with investigative processes and drive policy changes where needed.

“To consistently manage and communicate policies, organizations are increasingly turning toward defined processes, workflow and technologies like EthicsPoint’s Policy Manager to manage the policy lifecycle,” said Michael Rasmussen, leading GRC analyst and president of Corporate Integrity LLC. “The policy management lifecycle involves several stages from definition, approval, communication, awareness, attestation, maintenance and archiving – all of which are best supported by a technology infrastructure to manage the content and process of policy management.”

For Issue & Event Manager, our adaptive case management product, we have added further customer self-administration and configuration abilities, more robust business analytics capabilities and web services integrations. The current version also provides an optional Benchmarking Module, which expands customer access to business analytics data through self-administration of benchmarking data for the discovery and analysis of trends.

Visualization Manager, our data visualization dashboarding solution, has been given a brand new user interface that better facilitates quick and easy dashboard management. In addition, users will see an improved performance from the user interface and experience a look and feel more aligned to rest of the EthicsPoint product portfolio.

More information about EthicsPoint products and the Adaptive GRC Framework solutions available under its umbrella can be found at: http://www.ethicspoint.com/solutions/.

About EthicsPoint

EthicsPoint, a leading provider of enterprise risk awareness solutions, helps organizations align their governance, risk and compliance (GRC) processes with overall business strategy. We protect corporate cultures and reputations by proactively revealing risk-related trends via the collection, management and understanding of their GRC-related data. More than 2,400 organizations currently use our solutions to increase the quality of GRC data reported to boards and executive teams to facilitate better business decisions. To find out how, please visit www.ethicspoint.com.

# # #

 

Blow the Whistle and Be Damned

Sat, 02 Apr 2011 00:00:00 GMT

Tim Boreham, The Australian, April 02, 2011

GIVEN the choice, most companies would prefer to keep their dirty linen secreted in the closet. So when it comes to dealing with whistleblowers, boardroom lore is to tackle the matter in-house and with utmost discretion.

Unlike in the public sector, there's only a loose requirement for companies to protect whistleblowers and pursue their concerns in an appropriate manner -- which for a start means at arm’s length from the alleged perpetrators (who may be senior management).

There's even less of a requirement to report on the extent of whistleblower concerns and the effectiveness of stated misconduct procedures.

"Australian whistleblower legislation in the private sector is virtually non-existent," says Whistleblowers' Australia NSW president Peter Bowden.

"Australian whistleblower-protection laws are about the worst in the English-speaking world."

Given the lack of uniform reporting standards, it's hard to know how seriously our leading corporates treat the issue, beyond the customary statement of principles.

"If they don't have to report it then they are highly unlikely to, given the impact on the corporate brand," says Brett Warfield, chief executive of Sydney forensic accountants Warfield & Associates. "Companies talk about good governance and integrity, but I still think there's a concern about releasing this sort of information."

But standards are improving, led by global miners Rio Tinto and BHP Billiton -- both of which have had their reputations tarnished by corruption issues.

Rio's annual report includes an appraisal of its revamped Speak Out whistleblowing program, which discloses that 434 of its 77,000 employees were morally discomfited enough to contact the confidential hotline in 2010.

Of these, 211 related to "personnel" issues, with a further 80 concerned about breaches of policies and procedures. Almost half the calls resulted in action "in relation to the reported issue."

BHP operates a multilingual, 24-hour Business Conduct Advisory Service hotline through a third party, EthicsPoint. The service is available to the public as well as the miner's 100,000 staff and contractors.

In the 2009-10 year, the hotline received 305 inquiries, a big uptick on the previous year's 114.

"While the number has more than doubled, we believe that this is a result of a greater focus on the existence and availability of this service and enhanced accessibility, rather than an underlying change in the number of business conduct issues," BHP says.

One-fifth (21 percent) of the calls related to "inappropriate workplace behaviour", while a further 16 percent covered harassment concerns. Conflicts of interest (10 percent), employment equality (8 percent) and fraud and theft (7 percent) also rated highly, but bribery -- a perennial concern for miners operating in developing countries -- rated a lowly 2 percent.

"Rio's business ethics are very good in general, as with BHP Billiton's," says analyst Paul Rogers of corporate governance consultancy Regnan. "But they have to be, given the global operations and the scope for corruption."

Still, the big two miners' disclosures fall far short of tell-all -- and could best be described as baby steps in the quest to elevate misconduct to the same awareness plane as other "soft" measures such as environmental and safety reporting.

Unlike in the US, there's no hard and fast rule for corporates to implement whistleblower program, let alone report on them. The ASX's non-binding principles of corporate governance recommends systems to "measure and identify unlawful and unethical behaviour."

Other than the (missing) big stick, there are other motivations to take the whistleblowing game more seriously. As usual, corporates are prompted by that subtle mix of self-interest and an intrinsic desire to do the right thing.

Increasingly, shareholders and other interested parties are demanding that corporates don't just do the right thing, but are seen to do so as well. "In my experience whistleblower systems are one of the most important elements of an active business risk control program," Rogers says.

"It's something Regnan really rates quite highly."

In recent years, corporate Australia has been blighted by costly scandals, which have emerged only because of the willingness of an individual to speak up. When handled badly they have resulted, at best, in embarrassing headlines.

Take this week's leaked email from a senior Jetstar pilot, accusing colleagues of being fatigue-prone "princesses". The email came in to the hands of independent Nick Xenophon, who ambushed Qantas chief Alan Joyce in a Senate committee hearing. No doubt the issue would have been far less damaging if the emailer had had confidence in the airline's whistleblower hotline.

Other examples of whistleblower-related episodes include the foreign exchange fraud suffered by the National Australia Bank in 2003 (uncovered by a junior assistant on the forex desk), the Amcor and Visy Industry's cardboard box price-fixing racket (unveiled in an earlier iteration by an aggrieved Visy executive); and the personal misbehaviour allegations that led to the resignation of David Jones CEO Mark McInnes.

Rio itself moved to bolster the Speak-Out program after four of Rio's Shanghai based employees (including Australian citizen Stern Hu) were found guilty of accepting bribes.

BHP last year disclosed that at the behest of the US Securities and Exchange Commission, the company had uncovered evidence of "possible violation of applicable anti-corruption laws involving interactions with government officials". The admission was tacked on to the end of a quarterly exploration and development report.

Regnan, which has surveyed 177 of the top 200 ASX-listed companies, found that 15 percent of them had a whistleblower policy "we would consider to be best practice, with a full range of procedures such as an anonymous reporting hotline." Factors used to measure this include confidentiality and anonymity, multiple lines of reporting and protection of the individual.

A further 19 percent had most of the best-practice components, but were missing one or two elements. A further 23 percent are "missing the minimum expectations, but maybe it's just a disclosure problem"

That's a 57 percent "pass rate". "It's not bad that 15 percent had really strong systems and we hoped we would find more than that," Rogers says.

On the flip side, 15 percent didn't have a displayed whistleblower policy and 8 percent offered token statements. "They might disclose a code of conduct but, really, there's no evidence it constitutes a proper whistleblowing system."

Warfield describes the reporting standards as a "mixed bag."

Rogers is more generous, noting the pressure on boards to adopt corporate governance best standards whether it's mandatory or not. "Intuitively, you would think whistleblowing procedures would be improving -- I don't notice things moving backwards."

Without transparent disclosure it's hard for investors (and other account users) to gauge just how effective and whistleblower-friendly the procedures really are.

Still, companies afflicted by past scandals profess to have procedures that go beyond a phone line and a sympathetic ear.

NAB, which says the bank's program aims to help employees air "any matter of concern that can't be raised with their line manager or the HR division".

"Employees can raise their concern through a confidential alert line, email box or board alert email," says a NAB spokeswoman.

"All cases are treated seriously, acted upon quickly and with confidentiality. Callers are also protected from any reprisals."

The program is governed by a committee of senior business representatives, with six-monthly reports provided to the board.

In its annual report, Amcor notes that it operates a whistleblower service through a third party. "Matters raised under the whistleblower program are reported to the board through either the audit or compliance committee or the human resources committee and the program is periodically reviewed for its effectiveness."

In an apt touch given the price pain suffered by Amcor's box customers, a third-party complaints facility is available to suppliers, consumers, contractors and customers to report potential misconduct within the organisation.

David Jones offers an ethics hotline by which all reports are "investigated promptly and confidentially, without recrimination against the person reporting an incident".

The retailer's code of ethics and conduct says: "While most of us may take all due care and irresponsibility in our business dealings, unfortunately there may be instances where individuals or organisations compromise our code of ethics and conduct."

But Warfield points out the whistleblower procedures are "only as good as (a) "how widely staff know about the hotline and (b) how much they trust it."

Warfield says most companies avail of external hotline services offered by the likes of the accountancy firm, but the standard of call-centre operators varies. He says the crucial factor is what procedures are adhered to when reports go back to senior management.

"You can have the best reporting in the world but still lose credibility if nothing is seen as happening," he says.

"You can identify the info from the calls and report it, but the next stage is up to the businesses themselves. What's done is up to the senior level and it's usually an internal issue for the business."

Rogers adds that clear and transparent airing of such concerns makes for good business. Goldman Sachs, which recently crunched Regnan data, found the companies with the best business ethics outperformed during the GFC.

"Whistleblower procedures were one of the best indicators of outperformance," Rogers says.

Warfield cautions that no matter the degree of faith in corporate procedures, whistleblowers need to make sure they protect their own backs first and foremost.

"As much as we believe people should whistleblow, they need to protect themselves first -- there may be complications.'

Not that the emboldened approach is a sure-fire route to career suicide: just ask former intelligence officer Andrew Wilkie, the patron saint of public-sector whistleblowers now representing the denizens of Denison in federal parliament.

Demonstration of EthicsPoint Policy Manager

Thu, 31 Mar 2011 19:37:50 GMT

Join EthicsPoint for a demonstration of the newest application to be available in April 2011 – Policy Manager.

Ten common misconceptions increase the likelihood of FCPA violations

Wed, 23 Mar 2011 00:00:00 GMT

Despite the fact that the Foreign Corrupt Practices Act (FCPA) has been around

since 1977, it is only in recent years that this particular federal law has put

a spotlight on bribery among public officials in foreign jurisdictions. As a

result of this increased scrutiny, Grant Thornton LLP’s FCPA professionals have

combed past decisions to reveal 10 common misconceptions that can increase the

likelihood of corporate FCPA violations.

“The Department of Justice and the SEC are intensely focused on enforcing the

FCPA and penalizing corporations and individuals that violate this act,” says

Bill Olsen, Grant Thornton LLP Economic Advisory Service principal and the

firm’s FCPA practice leader. “The large number of ongoing FCPA cases and the

formation of specialized FCPA units within DOJ agencies suggest that this is a

long-term initiative for government regulators. While working with our clients

to address issues in this area, we have observed that many multinational

organizations are especially interested in tactics that will fully address their

FCPA risks.”

“Best practices common to organizations doing business globally are to have a

robust ethics and compliance program in place that includes anonymous reporting

and policy management to verify the education of vendors, suppliers and agents,”

says David Childers, president and CEO of EthicsPoint. “Having a

management-supported program visible in the organization helps show the

company’s commitment to conducting business correctly — and may serve to reduce

potential penalties that may be incurred.”

The attached document outlines the 10 common misconceptions companies should keep in mind to stay in

compliance with the FCPA and avoid penalties.

Better Whistleblower Protection Needed

Wed, 23 Mar 2011 00:00:00 GMT

by Elizabeth James, March 23, 2011

". . . expressing truths that are inconvenient to those in power is inherently

dangerous and can cause serious harm to you, your career and your family's

wellbeing, even to your physical and mental health."

Federal Accountability Initiative for Reform (FAIR), Feb. 2011

Most of us cannot know what goes on behind the closed doors of the governments

and corporations that, to a large extent, decide how we live our lives.

So when politicians, staff or corporate executives behind those doors engage in

unscrupulous deeds, our systems of accountability become essential to our

financial, environmental and social wellbeing.

Should the systems fail -- because they were underfunded, badly drafted or

circumvented -- citizens are left with few protections.

Journalists offer some comfort, if and when they can get at the facts by going

undercover or via a flawed access-to-information process.

Independent officers like auditors-general and ombudsmen, underfunded in B.C.,

give us more assurance that someone is watching the store, as does the federal

parliamentary budget officer.

But when all else fails, we must rely on the courage of ethical individuals on

the inside who remain determined to see truth and integrity prevail.

In Dec. 2002, Time Magazine named three whistleblowers -- Sherron Watkins of

Enron, Coleen Rowley of the FBI and Cynthia Cooper of WorldCom -- its persons of

the year. In doing so, the magazine said that although "their lives may not have

been at stake," the three "put pretty much everything else on the line. "Their

jobs, their health, their privacy, their sanity -- they risked all of them to

bring us badly needed word of trouble inside crucial institutions."

For more than two years, that is precisely what employees inside the office of

Christiane Ouimet, Canada's former public sector integrity commissioner, tried

to do for us.

And for their pains, we let them down.

In releasing FAIR's "damning critique of (the) federal whistleblower protection

law," executive director David Hutton was referring to the Public Servants

Disclosure Protection Act (PSDPA).

Ostensibly, the act was intended to protect government employees from

retaliation should they report what they believed to be acts of wrongdoing on

the part of their colleagues or superiors.

But as FAIR's analysis reveals, when it came to protecting employees in Ouimet's

office, the legislation was a disturbing failure.

This was confirmed in a December 2010 report by Auditor General Sheila Fraser,

who reported that 24 employees left the office between Aug. 5, 2007 and July 31,

2009.

Noting that this "amounted to an average turnover rate of over 50 per cent per

year," Fraser went on to observe that the numbers "included the departure of the

majority of staff in senior positions who reported directly to the

commissioner."

Worst of all is the fact that the departing PSIC employees -- most of whom had

years of exemplary public service in their resumes -- endured the overt and

subtle retaliations from which the legislation purports to protect them.

Federal employees may be worse off than would-be whistleblowers in the private

sector, where a growing number of businesses are taking matters into their own

hands and using the services of companies like Shannon Walker's WhistleBlower

Security.

Walker -- otherwise known as West Vancouver's Coun. Walker -- agrees there is a

need for blanket legislation to protect both public and private sector

employees. But she also says the protections offered by WhistleBlower Security

and by U.S.-based EthicsPoint go beyond legislative solutions to enhance

accountability, protect against fraud and to encourage ethical workplaces.

Such services, together with legislation like the U.S. Sarbanes-Oxley Act and

other whistleblower legislation enacted since 2002, might well have arrested the

corporate wrongdoings that caused the downfall of Enron and WorldCom.

Furthermore, had the warnings of FBI staff attorney Rowley been heeded, it is

conceivable that the extent of New York's 9-11 disaster might have been

mitigated.

Unfortunately, improved Canadian legislation will come too late for those who

suffered what may well be career-ending reprisals by Ouimet. Even more galling

is that when Ouimet resigned in the midst of Fraser's probe of her office, it

was she rather than her beleaguered victims who walked away with a

taxpayer-funded $530,000 severance package.

From the misuse of municipal golf course accounts to the BC Rail deal; from

Liberal sponsorships to Lehmann Brothers; and from the Gulf of Mexico oil spill

to the doctoring of climate-change reports -- locally, nationally,

internationally, we've seen the need. Employees "on the inside" are often in the

only position to protect us, not just against Time's "black comedy of corporate

fraud," but also against ticking time-bombs within governments, unelected

agencies like TransLink, and inside so-called public corporations like BC Hydro

and B.C. Ferries.

Surely, their courage earns them the right to be protected in return?

Ten common misconceptions increase the likelihood of FCPA violations

Wed, 23 Mar 2011 00:00:00 GMT

CHICAGO AND PORTLAND, ORE. – March 22, 2011 — The increase in litigation over the last four years around the 30-year-old Foreign Corrupt Practices Act (FCPA) has put a spotlight on bribery among public officials in foreign jurisdictions. As a result of this increased scrutiny, Grant Thornton LLP and EthicsPoint created a paper that looks at 10 common misconceptions that can increase the likelihood of corporate FCPA violations.

The attached document contains the full press release.

Ethical Leadership and Abusive Supervision: Management’s Light and Dark Sides

Thu, 17 Mar 2011 14:10:09 GMT

Attendees will learn about the practical benefits of ethical leadership. We will discuss how attention of ethical conduct can promote voluntary learning and helpful citizenship behaviors, while simultaneously reducing workplace deviance and destructive conflict. We will also consider the “dark side” of leadership, examining how abusive supervision harms employees while creating dysfunctional organizations.

Lake Oswego company helps Oregon schools avoid Ohio State's fate

Wed, 09 Mar 2011 00:00:00 GMT

March 9, 2011

Even before Ohio State football coach Jim Tressel confessed to sitting on a tip about his players' NCAA violations, colleges and universities were bracing for such a scandal. As the profile and finances of college athletics rise, so have schools' efforts to root out wrongdoing before it explodes into a public investigation.

Universities increasingly hire outside firms to handle anonymous tips about everything from students cheating on tests to coaches harassing office workers. One of the nation's most prominent ones -- EthicsPoint -- is in Lake Oswego. And it's booming.

The firm's revenue surged 23 percent between the recession years of 2008 and 2009, to $16 million, and has about 35 percent market share. Most of EthicsPoint's business comes from corporations, but universities are a growing slice: nearly 14 percent of its 2,400 clients. About half of the NCAA schools EthicsPoint serves use to the system to track violations in the athletic departments that often serve as institutions' front doors -- to excellence or embarrassment.

There has been a movement within higher education to use third-party reporting services that's driven in part by the escalating finances at stake in sports, said David Childers, EthicsPoint CEO.

"You always have to follow the money," Childers said. "Athletics is big business today."

About 18,000-25,000 tips with enough merit to prompt "an investigation or triage" came to EthicsPoint from universities last year, Childers said. Roughly 10 percent of those related to athletics. All seven of Oregon's state universities now employ EthicsPoint, first profiled in The Oregonian in this 2006 story, for issues of financial fraud. That doesn't encompass athletics specifically, but could include such transgressions as an athletic director's misuse of funds or a coach's fraudulent expense account.

Though the Oregon Ducks have been in the news recently for NCAA inquiries involving its men's basketball and football programs, Childers said Oregon State could be at similar risk. In college sports as in corporate America, an inquiry into one school's alleged malfeasance can heighten regulators' attention on that area -- recruiting, for instance -- elsewhere.

The athletic departments most at risk are the ones who already have been punished, said Childers, who has opined on NCAA sports on his blog.

"Have you had a sordid history?" he said. "I assure you the University of Southern California is more tense than they were six or eight years ago."

Still, being made aware of potential problems through EthicsPoint tips is not a panacea. After all, Ohio State is a client, too.

-- Rachel Bachman

Retail Industry Leader's Association 2011 Loss Prevention, Auditing & Safety Conference

Tue, 08 Mar 2011 19:43:02 GMT

Visit us at booth #519 in the exhibit hall.

Beware - Doing good at work can sometimes get you fired

Sun, 06 Mar 2011 00:00:00 GMT

There was public outrage recently when four employees at a Wal-Mart store in Utah lost their jobs for safely disarming a gun-toting shoplifter. But no one should be too surprised by the retail giant’s tough stance.

Wal-Mart, the largest U.S. employer, has a long history of steadfastly enforcing its own rules and this recent example is no different. The retailer’s policy states that security personnel should step away from a thief if the individual has a gun, but in this instance the employees involved — including Justin Richins, Shawn Ray, Lori Poulsen, and Gabriel Stewart — felt compelled to subdue the gunman.

Rules can’t anticipate the details of specific events like the one that unfolded at the Layton,

Utah, store on the afternoon of Jan. 13, but often Wal-Mart takes a blanket approach to defending them. Such strict adherence to policy is what many large corporations have to do in order to fight against lawsuits and liability, management experts maintain. And Wal-Mart is often seen as the toughest defender of its own edicts when it comes not only to merchandising, but also its workforce. But does this approach make business or ethical sense, and does it ever cross the legal line?

“Wal-Mart has a very persistent history of enforcing its policies; whether it’s right or wrong they enforce their policies,” said David Childers, CEO of EthicsPoint, an ethics and compliance solutions provider. “Wal-Mart is rules laden, and less principles based.”

While Childers said it makes sense for companies to be consistent when enforcing policies, being too inflexible can backfire.

“What kind of employer does Wal-Mart want to be seen as in the public eye?” he said. “They aren’t doing themselves any favors by being so rigid.”

Indeed, many people were angry at the retailer’s decision. Blogs called for boycotts, while thousands of anti-Wal-Mart comments appeared on the websites of national and local media that covered the firings.

The retailer is no stranger to controversy when it comes to employee actions.

There was a public outcry in 2009 when Joseph Casias, a star Wal-Mart employee at a Battle Creek, Mich., store, was fired for legally using medical marijuana to deal with pain caused by an inoperable brain tumor. Casias hadn’t used the drug while on duty as an associate, but the retailer had enforced its strict policy regarding drug use among it staffers.

And after news of the Layton firings came to light, James Dallin, a long-time assistant manager at a store in Cedar Hills, Utah, told the Deseret News, a local newspaper, that he was fired for being in breach of Wal-Mart policy when he separated an angry husband from a female worker at the store. Just a few months later, Wichita, Kan., Wal-Mart associate Heather Ravenstein was fired for stopping a thief from stealing a computer, according to The Wichita Eagle.

“We do look at the individual situations and we conduct a thorough review to make sure we consider each instance individually,” Wal-Mart spokesman Lorenzo Lopez stressed, adding that “we have policies in place to protect the safety of associates and customers.”

Many corporations’ rules are designed to protect them from lawsuits if someone is injured, and insurance companies investigating such injuries look at whether the actions of employees were reasonable or not and thus determine what they’ll cover, said Sheryl Willert, a member of the labor and employment law committee of DRI, an organization of attorneys defending the interests of businesses and individuals in civil litigation.

To be sure, Wal-Mart isn’t the only company enforcing workplace rules. Last month, Teresa Danford, an employee of Crane Interiors in Woodbury, Tenn., was suspended without pay after taking a phone call on her cell phone during work hours from her son who was deployed in Afghanistan, according to CBS-affiliate WTVF in Tennessee. And earlier this year Tiffany Langeslay, an assistant manager at a McDonald’s in Eden Prairie, Minn., lost her job after breaking store rules by allowing a football running back for the Minnesota Vikings, Adrian Peterson, to use the bathroom after the store had just closed, according to NBC Sports.

In these two examples, the employers swallowed their policy pride. Danford got an apology from management and Langeslay got her job back. Will Wal-Mart’s management change its mind? Right now it doesn’t look like it will.

“At this point in time, we’ve made our decision,” Wal-Mart spokesman Lopez said.

And Wal-Mart can enforce that decision, “no matter how stupid it is,” said Philip Mortensen, a New York management attorney.

“Utah is considered an ‘employment at will’ state,” he continued, so “baring a union or other contract for protection, Wal-Mart would have been free to fire the security guards in Utah, provided no federal, state or local laws were being violated.”

When it comes to the courts, the issue has gone in “different directions,” said Eugene Wolokh, law professor at UCLA School of Law. There are state constitutions, he explained, that secure a person’s right to self-defense, but the laws don’t say anything about employers.

In the case of Casias (the Wal-Mart worker who was fired for medical marijuana and then sued) a federal judge last month dismissed his suit, saying the state’s pot laws did not protect individuals from being fired by private employers.

In another suit from 2000 involving Antonio Feliciano, a 7-Eleven employee in Martinsburg, W.Va., who foiled a robbery and was fired for violating company policy, the state Supreme Court found he could not be fired for exercising his self-defense right. But when Feliciano sought damages in district court the jury found he was not wrongfully terminated.

An older case from Washington State found fault with the employer.

An armored truck guard Kevin Gardner who worked for Loomis Armored in Washington State was fired because he temporarily left his vehicle to help a woman at a bank who was being held hostage by a robber holding a knife to her neck. The district court said that the company’s policy made sense, but the firing of Gardner was unlawful, stating:

“We find that Gardner’s discharge for leaving the truck and saving a woman from an imminent life threatening situation violates the public policy encouraging such heroic conduct.”

As for the Wal-Mart Utah security guards, the group of one woman and three men who subdued the gunman was indeed heroic.

Trent Longton, who had multiple arrest warrants, tried to steal a laptop from the Wal-Mart store. He was caught by security guards, detained in a room, and then brandished a loaded handgun in an attempt to escape. According to the police report:

“Trent did not point the gun at anyone or make any direct threats; however, he used the gun to intimidate the Wal-Mart associates into releasing him. Trent also tried to escape detention from Wal-Mart associates by trying to break free from their grasp. Wal-Mart associates were able to remove the gun from Trent’s hand and keep him detained until” the police arrived.

Wal-Mart’s policy does not take into account all situations, maintained Leonard Emma, an Oakland, Calif., labor lawyer who represents employees.

“What if, after following policy, the perpetrator doesn’t run off with the loot, but instead points a gun at someone back and continues to speak in a threatening tone? At what point may they aggressively defend their own lives? According to Wal-Mart’s policy, never.”

While Layton, Utah, Police Department spokesman Lt. Garrett Atkin would not comment on whether the employees’ actions were appropriate or not, he said:

“People in that split second take whatever action they spontaneously think they have to take. Everyone has to weigh that for themselves.”

The UK Bribery Act – Hurry Up and Wait

Tue, 22 Feb 2011 00:00:00 GMT

For most multinational organizations the UK Bribery Act has caused a great deal of concern. Not totally dissimilar from the Foreign Corrupt Practices Act, it does have some unique differences such as disallowing facilitation payments and much broader jurisdictional reach. Organizations have accelerated their preparations only to be kept waiting for the official guidelines to be issued by the UK Serious Fraud Office. On February 2, 2011, the Serious Fraud Office announced that the twice delayed April 2011 effective date would now be sometime this “autumn.” This begs the question, why are we still waiting? Do our colleagues across the pond really need help putting together the guidelines around defining bribery? Or establishing adequate procedures to mitigate bribery and corruption? Riddle me this…we are talking about a concept that is as old as Judas, and the US has been refining the Foreign Corrupt Practices Act (FCPA) for over thirty years! With an active FCPA “template” that has levied fines in the billions of dollars the past three years, developing the UK’s regulatory guidelines around bribery and corruption should not be this arduous. But do they really need the FCPA? The UK signed the anti-bribery convention – and has its language – in accordance with OECD more than 10 years ago. In my mind, there is no technical reason why the UK is having trouble developing a bribery policy. But observers protest that is only half the problem– what about the defining the guardrails for adequacy in mitigation and potential injunctive relief? No good template you say? Au contraire! The US Sentencing Guidelines – and specifically Chapter 8 of the guidelines – have been around since 1991 and were revised again last year. So what is the hold up? I could be a bit of an ugly American here and suggest that the Brits are simply distracted from the task and more consumed with high tea, Manchester United’s march to the EPL Championship, or preparing diligently for the Chelsea Flower Show than getting the Act fully promulgated. But my jest aside, this problem is completely political. The reality is the change in government after the recent election and aggressive lobbying from UK business have created this delay. I have the utmost respect for Vivian Robinson, the General Counsel for the SFO. Robinson is bright, engaged and dedicated to the task. He knows what to do, but he must gain consensus in the UK government before announcing the guidelines. I will be moderating a panel in London the end of March where Robinson will be sharing his views. I sincerely look forward to learning from him and sharing with you after our meeting. So let me turn the tables. What is keeping corporations who do business in England, Ireland and Scotland from taking appropriate steps to mitigate their impending risk? Multinational companies who contend with FCPA are already 95% compliant. Most do a good job of defining appropriate facilitation payments and controlling them. All indications are that the SFO will be logical with their view to these payments. But what is keeping the rest of these companies doing business in the region, especially the ones who comprise the “extended enterprise” of most multinationals, sitting on the sideline? The writing on the wall is clear, but it seems that unfortunately we continue to confuse good business practice with regulatory requirement. Mitigation of bribery and corruption is good for business and good for the global economy. So, in my opinion, it is time to do what is right – even without a looming legal mandate. Does anyone else share my opinion?

MUW latest to join ethics report system

Sat, 19 Feb 2011 00:00:00 GMT

Those who suspect or witness unethical behavior at Mississippi University for Women now have a system for reporting their concerns anonymously online or via phone.

"Sometimes people are concerned that there may be some kind of retaliation if they speak out," said Nora Miller, MUW vice president for finance and administration. "This gives them the opportunity to report it, while remaining anonymous."

As part of the university's effort to outsource its internal audit services to Mississippi State University, MUW has access to a third-party reporting system at a discounted rate.

Other schools across the country also are using such a system.

Miller said no bad act spurred interest in the program at MUW, but MSU encouraged participation because MUW could be added to the university's contract.

"Every person, regardless of position, shares in the responsibility for promoting an ethical and safe environment," interim MUW President Allegra Brigham said in a campus letter. "We must conduct ourselves so that our actions and behavior foster a campus climate that is respectful of all members of our community, that encourages civility, collegiality and restricts inappropriate uses of power."

In 2009 - a year after a landscaping scandal led to the retirement of a longtime university leader - Mississippi State University implemented several ethical changes.

The university began paying Lake Oswego, Ore.-based EthicsPoint about $7,400 a year for its third-party reporting service. Adding MUW will cost about a $1,000 more, said Lesia Bryant, interim director of MSU's internal audit office.

"It's a great tool," Bryant said. "People can report anything and not have to worry about any kind of backlash."

While most of Mississippi's universities handle complaints through their internal audit offices, hundreds of schools across the country have been flocking to the third-party service in recent years.

There is no uniform procedure among state universities for dealing with reports of wrongful conduct or misuse of resources.

"This is just one more way of opening the lines of communication," Miller said.

Bryant said the reporting system has been used few times since its implementation, but it promotes a culture of ethics.

"I think both (MSU President Mark Keenum and Brigham) want to show that the universities are committed to being responsible and ethical," she said. "All of the reports we receive are investigated objectively."

PCI 2.0 – Move The Button (Some More)

Wed, 09 Feb 2011 17:52:46 GMT

In this course, Dan Toughey and John McElroy help clarify payment card industry mandates that impact college and university payment practices and commerce systems.

French Rules on Whistleblower Hotlines are Changing

Tue, 01 Feb 2011 00:00:00 GMT

As many of you operating globally know, the laws and regulations in differing countries can prove tricky to navigate. There have been changes recently in the way an organization can operate whistleblower hotlines in France that will be of interest to our multinational clients. In October 2010, the Commission nationale de l'informatique et des libertés (or CNIL), the French data privacy regulatory body, amended the “single authorization” method for whistleblower hotlines. The amendments included both a clarification and broadening of the scope of acceptable issues organizations can receive through the hotline and still be in compliance with the single authorization.

The October amendments removed the ability to capture issues of “vital interests [to] the company or moral or physical integrity of the employees.” However, the CNIL did broaden the scope of reportable issue types to include issues related to anti-competition practices, Sarbanes-Oxley and Japanese SOX. Accordingly, the CNIL clarified that the single authorization method will allow reporting on all of the following: finance/accounting, banking, fight against corruption, anti-competitive practices and compliance with Section 301(4) of the Sarbanes-Oxley Act and the Japanese Financial Instruments and Exchange Act.

An organization has six (6) months (beginning December 8, 2010) to modify their system to be in line with these new single authorization rules, or apply for formal consideration of their hotline through the CNIL. Operation of a whistleblower hotline outside the scope of the single authorization or without formal approval from the CNIL on a broader scope, puts organizations at risk for criminal sanctions and hefty fines. These criminal sanctions and fines may be issued by the CNIL and the French courts have the authority, in civil litigation, to multiply these sanctions up to 5 times.

For more information, please see the following from the IAPP (requires membership in IAPP to access). Or this article from the Global Regulatory Enforcement Law Blog.

Compliance & Ethics Programs: The State - and Future - of the Law

Wed, 26 Jan 2011 14:37:52 GMT

In this session, Jeffrey Kaplan & Rebecca Walker, Kaplan and Walker LLP, will review how Compliance & Ethics law has progressed since the advent of the Federal Sentencing Guidelines 20 years ago, and the practical implications of recent developments for those with C&E program responsibilities.

MobileLink Quick Reference

Sun, 23 Jan 2011 00:00:00 GMT

EthicsPoint MobileLink provides a streamlined version of Issue and Event Manager on your

web-enabled handheld device, allowing you to immediately evaluate incoming reports or

cases, so you can respond quickly to time-sensitive issues.

The Four Key Areas of HR Risk: What Every HR Executive Needs to Look for in 2011

Thu, 13 Jan 2011 18:09:11 GMT

In this session hear Chris Lipski, Princpal, and Christine Ferreri Connor, Senior Consultant, of the Human Capital Practice at Ernst & Young, review 4 key areas of HR risk: Compliance, Finance, Operational, Procedural, and provide practical advice for HR leaders on minimizing risk across these categories in 2011.

Member Spotlight: David Childers, CEO, EthicsPoint

Thu, 06 Jan 2011 00:00:00 GMT

Every business carries associated risk; their awareness and ability to proactively deal with that risk will impact their success. Threats cross the boundaries of divisions within a company – human resources, finance, legal, loss prevention, corporate security, etc. – so tracking events through multiple channels back to a resolution can be a cumbersome task. Lake Oswego-based EthicsPoint, featuring SAO Board Member and Vice Chair David Childers as chief executive officer, has spent a decade tackling the challenges of how to gather, manage and glean actionable information patterns from reported violations of ethics, code of conduct, fraud and other business-related misconduct.

Helping organizations, from higher education institutions to multinationals, gather and analyze data to track and understand their exposure to organizational risk – whether via intellectual property disputes, product safety issues or common employee misconduct – is essential to EthicsPoint’s mission. For EthicsPoint, working with organizations like the SAO is critical to helping raise awareness of risk and compliance issues facing Oregon businesses as well as increasing access to state officials who help create environments receptive to companies aiming for high standard of corporate governance and business ethics.

Connecting with Local Officials

Since its infancy, the SAO has tried to provide an open forum in which Oregon technology business leaders have greater access to state officials, where opinions can be shared in an open environment. While the SAO is moving the bar forward on many solid initiatives in support of its mission, Vice Chair Childers believes the work the Association is currently doing with local and state officials is especially vital.

The best current example of such partnership has to be the January 2010 State of Oregon and SAO Technology and Procurement Meeting in Salem, the first of its kind. According to the SAO, the event provided a forum for opening conversation with private industry and various State of Oregon CIOs to facilitate better understanding of each party’s issues and to develop better solutions together.

Childers saw the event, attended by State of Oregon CIOs, managers and agency staffers, as a prime opportunity to articulate the specific needs of the three distinct audiences within the local software community – software companies, software departments inside major corporations and software entrepreneurs – and raise awareness as to the depth of Oregon’s software knowledge and development skill, extending an invitation to state agencies for direct future collaboration with industry leaders.

"Just opening the dialog and letting the members of the state CIO, IT and procurement teams know more about the extensive and knowledgeable software community we have here in Oregon was extremely important,” says Childers, reflecting on the success of the event. "Often we still have images of what Oregon was ten years ago and even that impression is so out of date; we’ve come leaps-and-bounds in terms of both software development and business acumen.”

As a result of the 2010 Technology and Procurement Meeting, the State launched an RFP to find – and has reached agreement on – a hosted email system, Microsoft Exchange, to unify the state’s disparate email systems. The State of Oregon email environment was comprised of at least 53 email systems serving more than 40,000 users that were independently operated and maintained by Oregon state agencies. Lead by Oregon State CIO Dougan Petty, the email systems will be consolidated by June 2011 and Exchange implemented statewide, lowering costs and increasing IT department productivity. Ideally, this will allow the state’s IT teams to reenergize projects and evolve the State’s strong digital presence.

In addition to the now annual meeting with state officials, the SAO works closely with the Governor’s office as advocates for the Oregon’s technology community in helping to identify projects for federal stimulus spending and outline areas where technology investment can play a key role in the State’s budget.

Other community-minded initiatives that the SAO is extremely involved include building the software component of the City of Portland’s Economic Development Strategy. Led by the Portland Development Commission (PDC), the strategy builds out a five-year plan for promoting job creation and economic growth. As part of the initiative, the PDC has indentified the local software industry as one of the four key ‘business clusters’ that will help drive the region’s economic expansion and global competitiveness. To help support its efforts, the City of Portland regularly consults with local technology associations such as SAO, the Oregon Entrepreneurs Network (OEN) and TechAmerica to enhance the competitive environment for emerging firms.

Remaining Competitive

Childers sees the SAO as a key ‘connection point’ for the local software community and, as the organization grows, it will become more dynamic and impactful both in size and scope, driving the success of the organization’s mission.

While the association has made tremendous strides in communicating the value of the local software community, Childers stresses the importance of certain key tasks for supporting SAO’s mission into the future. In particular, he believes in working harder to unite the other tech hubs in the state, garnering more involvement from local universities (which will lead to the sharing of IP with local entrepreneurs), promoting the region to the investment community and leveraging any incentive dollars the Federal and State governments have to offer are keys to growth within the Oregon technology sector.

"It’s all about job creation. We need to get more businesses here, and help expand the businesses that are here in order to attract new IT and engineering talent to the area,” says David.

"The economic climate in 2002 was not ideal either and we raised money from a group of Portland angel investors; their investment led to the formation of a company that has been recognized as one of the Inc. Magazine Fastest-growing Private Companies for the past four years, and we paid a dividend to those investors in 2010,” Childers continued. "There are more companies like EthicsPoint in Oregon; they just need the assistance of an organization like SAO to provide direction, guidance and additional resources, enabling us to harness our rich, collective knowledge.”

100 Days And Counting: The Impact of the UK Bribery Act on U.S. Companies

Tue, 04 Jan 2011 19:17:08 GMT

This webcast is a “must attend” for general counsel, ethics officers and compliance counsel of any U.S. business that trades with or from the UK. Don’t miss this opportunity to hear Vivian Robinson QC, general counsel to the UK’s Serious Fraud Office; Barry Vitou, partner in Winston & Strawn’s London office; Richard Kovalevsky QC, 2 Bedford Row; and David Childers, CEO of EthicsPoint answer your questions arising from the UK’s long-arm jurisdiction bribery laws.

SCCE Utilities & Energy Compliance and Ethics Conference

Mon, 27 Dec 2010 17:30:32 GMT

EthicsPoint will be exhibiting at and presenting two sessions at the Utilities & Energy Compliance and Ethics Conference, in Houston, Texas.

Why Does My Case Disappear When I Update the Tier

Mon, 13 Dec 2010 02:28:02 GMT

This video will explain what happens to a case after you select to move it to another tier.

Adding A Tier Administrator

Mon, 13 Dec 2010 02:18:09 GMT

This video will walk you through the process of adding a Tier Administrator in Issue and Event Manager Enterprise.

System Admin vs Tier Admin Demo

Mon, 13 Dec 2010 02:15:45 GMT

This video will walk you through the differences between a Tier Administrator and a System Administrator in the Issue and Event Manager Enterprise system.

Moving a Case to Another Tier

Mon, 13 Dec 2010 02:10:05 GMT

This video will walk you through the process of moving a case from one tier to another.

Sending Welcome E-Mail

Mon, 13 Dec 2010 02:08:21 GMT

This video will walk you through the process of sending a welcome email to the users of your system. This is a useful tool that allows Administrators to communicate login information and other messages to their system users.

Case Tab: Item Demo

Mon, 13 Dec 2010 01:49:57 GMT

This video will walk you through the Items section of a case.

Case Tab: Case Details Demo

Mon, 13 Dec 2010 01:48:19 GMT

This video will walk you through the Details section of a case.

Case Tab: Tools Demo

Mon, 13 Dec 2010 01:47:00 GMT

This video will walk you through the Tools section of a case.

Case Tab: Follow Up Chat Demo

Mon, 13 Dec 2010 01:35:54 GMT

This video will walk you through the Follow Ups section of a case.

EthicsPoint Appoints Risk Management Industry Veteran to Board of Directors

Fri, 10 Dec 2010 00:00:00 GMT

Portland, Ore. – Dec 8, 2010 – EthicsPoint Inc., a leading provider of enterprise risk awareness solutions, announced today that its board of directors has appointed David Roche, a risk management industry veteran, as an independent director to the company’s board, effective immediately.

Not Your Father’s Hotline

Wed, 08 Dec 2010 00:00:00 GMT

How advances in hotline processes and technology

support cultural development and organizational improvement

The hotline concept has been in use for more than two

decades. What started as a simple system of dedicated

telephone lines has greatly expanded to become a

critical tool for gaining organizational insight and

managing improvement efforts. The new robust hotline

reporting systems are the product of strengthened

legislation and regulation. However, the power of hotline

reporting systems to play a stronger role in cultural

development and organizational improvement has come

from organizations that have taken a new view of the

importance of the data available to them.

Protect Against the Perils of the Dodd-Frank Whistleblower Guidelines

Thu, 02 Dec 2010 00:00:00 GMT

by David Childers

The governance, risk and compliance (GRC) industry has worked diligently since the passage of Sarbanes-Oxley Act (SOX) to help corporate America implement effective global ethics and compliance programs. Mandating the establishment of whistleblower hotlines, SOX made GRC procedures part of the viable business processes that now help drive decision-making at the highest executive levels.

As most of you know, the recently-passed Dodd-Frank Act aims to protect the American public against another future economic bailout. To ensure that reports of misconduct are brought forward and acted upon, section 922 of the Act mandates the establishment of a program to pay awards (up to 30 percent) to eligible whistleblowers who voluntarily provide original information about potential securities law violations that lead to sanctions of $1 million or more. The premise being that, if whistleblowers feel safe or are provided some sort of incentive to come forward as fraud is discovered, perhaps future economic issues will be minimized or abated.

While solidifying the value of corporate whistleblowers is certainly important, the section 922 requirements potentially undermine the value of internal ethics & compliance departments by creating a profitable association with the voicing of ethical violations. So, as the SEC works toward solidifying the whistleblower provisions in April 2011, what can organizations do to protect against whistleblowers going to the SEC before reporting to ethics & compliance?

Encouraging Reporting Within Your Organization

Regardless of the SEC’s final rules, organizations must continue working toward a culture where employees understand policies, procedures and guidelines and have been trained to – and are comfortable with – internally bringing forward reports of corruption and misconduct.

Having worked with some of the world’s largest companies to track effective elements of ethics & compliance programs, our experience has led to nine recommendations to assist organizations in self-identifying issues before the whistleblower stage:

1. Provide a universally available and accessible system that enables whistleblowers to report alleged wrongdoing.

Not a toll-free number connected to an answering machine on the General Counsel’s desk, but a legitimate, secure and constantly monitored resource that collects information and reports it to the relevant ethics & compliance leaders for action.

2. Ensure that the feedback channel maintains confidentiality and anonymity.

Make sure that stakeholders are comfortable and confident regarding the privacy and anonymity of their reports. Protecting the whistleblower’s identity is paramount in an effective compliance program, and in successfully building the trust within an organization.

3. Give feedback to the reporters.

A whistleblower needs to know that their report was heard and is being explored, especially with a potential SEC bounty on the table. Provide feedback (which can be done while keeping the reporter anonymous) informing them that their specific allegation is being explored. When conclusions are reached, have a predetermined policy regarding follow-up.

4. Make an assessment and perform collaborative triage.

Take all reports seriously; record and explore each report as it comes forward. Train to a system that escalates each report based on the severity revealed in initial investigations, explore the most serious allegations based on materiality metrics and gather as much information as possible on each. Trending and analytics are only viable when all reported data is consistently collected and triaged.

5. Employ consistent escalation.

Once the threshold for misconduct has been met, escalation should be consistent in every case – regardless of who it accuses or the subject matter. For a system to be seen as effective, it must treat all claims equally and with the same “yardstick.”

6. Document each investigation thoroughly.

A successful ethics & compliance system relies on fact-based reporting without cultural bias. As each report is investigated, recording facts in the same consistent manner can help in identifying future workplace trends. Understanding past precedents is also critical.

7. Increase risk awareness among the board and executive team.

These two essential audiences must understand where the risk within the organization originated (analysis of the reporting data), and that information must be gathered on an ongoing basis to facilitate discovery. The ethics & compliance officer should present directly to the CEO and Board at least quarterly.

8. Understand the organizational risk appetite.

Ethics and compliance departments – to be truly effective – need to acutely understand the risk appetite and aversions of their company. Without this knowledge, ethics and compliance professional cannot fully align their actions with their mandate to protect the company.

9. Promote cultural imperatives to support improved awareness throughout the organization.

Stress with your stakeholders that you sincerely want to know about misconduct and security issues. Employees who care about their company – because their company cares about them – should want to improve their work environment by first reporting issues internally versus immediately exploring external options. While not the first line of defense, a fully anonymous web and telephony hotline will provide stakeholders with a venue to explore murky ethical issues without fear of recrimination or a direct report to the SEC regarding an issue that could be innocuous.

Many factors will determine how the SEC defines whistleblower guidelines within the Dodd-Frank Act, not the least of which will be the recent reorganization of Congress. As noted, the final decisions on program parameters will come in April 2011. However, the work for internal ethics and compliance-related departments must start now to gain further awareness and trust from employees, gather information from all facets of the organization that touch risk and allow the board and executive team greater visibility into existing and future threats.

About the Author

David Childers is a pioneer in the Governance, Risk and Compliance industry and has used that knowledge to lead EthicsPoint since 2002. Childers sits on the board of the Society of Corporate Compliance & Ethics and is active with both the Ethics & Compliance Officer Association and the Open Compliance and Ethics Group. In 2008, he was named one of the “100 Most Influential People in Finance” by Treasury & Risk Magazine.

EthicsPoint, a leading provider of enterprise risk awareness solutions, helps clients protect their culture and reputation by automating governance, risk and compliance business processes. From the reporting and identification of issues and events, to the subsequent investigation and resolution of behavior that may be inconsistent with their code of conduct, EthicsPoint innovations serve more than 2400 clients and 15 million stakeholders globally. For more information about how we can assist your organization, please visit http://www.ethicspoint.com/Resources/Knowledge-Center/Dodd-Frank-Act.aspx.

Listen Now or Pay Later: The rising risk of not hearing your employees’ concerns

Wed, 01 Dec 2010 00:00:00 GMT

Glaxo SmithKline recently agreed to a very expensive $600 million fine and to forfeit an additional $150 million because of manufacturing quality issues at one of its plants. That was $750 million that might have been saved, if the company had listened to Cheryl Eckard, one of the company’s quality controllers.

She raised the concern repeatedly to management, where her pleas to correct the situation went unheeded. She ultimately was terminated, and decided to take the issue outside of the company and directly to the government. According to Ms. Eckard, “This is not something I ever wanted to do.” She had to, though, she felt. Patient safety was at stake: among other problems, different drugs were being mixed together.

Her concerns were proven valid, she was vindicated, the company was fined, and she is due to receive $96 million from the US government for her efforts under the US whistleblower statutes.

“Many in business fear that more employees will take their concerns to the US Government now that the Dodd-Frank Act is law.”

Many in business fear that more employees will take their concerns to the US Government now that the Dodd-Frank Act is law. This legislation was passed in light of the financial meltdown and contains a large number of reforms to the financial services industry.

But one provision, lost in the act during the debates but prominent in the wake of its passage, requires the Securities and Exchange Commission (SEC) and Commodity Futures Trading Commission to pay 10% to 30% of any monetary penalties more than $1 million to those who provide original information about a violation of the securities or commodities laws, including the Foreign Corrupt Practices Act (FCPA).

The SEC is already reporting an increase in calls from whistleblowers, chilling news to many US-listed companies.

To many other companies, it’s an issue that they have long had to manage. The False Claims Act, a US Civil War era piece of legislation, operates in a similar manner and affects government contractors.

”Employees generally prefer to bring their concerns in house then take them to the government. But, if a company isn’t prepared to listen to those employees, the costs can be enormous.” Roy Snell, CEO of the Health Care Compliance Association.”

The health care industry in the US is one that regularly faces whistleblower lawsuits, but, explains Roy Snell, the CEO of the Health Care Compliance Association, “This is not an epidemic issue. Most employees in health care see it as a last resort. Employees generally prefer to bring their concerns in house then take them to the government. But, if a company isn’t prepared to listen to those employees, the costs can be enormous.”

Regardless of whether or not Dodd-Frank will start a chorus of whistleblowing, companies have good cause to be concerned about employees taking their concerns outside of the company. Many organizations have already been embarrassed by what employees post on social network sites like Facebook or sites such as Glassdoor.com which invite employees to review their employers.

To help stem the tide, businesses will need to ensure that their ears and minds are open when employees come forward with concerns about potential wrongdoing, especially when it comes to claims of illegality.

It will also require companies to re-examine how open they are to worker concerns. This includes an examination on what is being done to let workers know that they can step forward safely when they see wrongdoing.

Global electronics retailer Best Buy takes a very concerted, public and unusual approach to encouraging employees to raise concerns.

Employees who are disciplined because of wrongdoing can take their case to a peer review board, which has the power to overrule company decisions.

Perhaps more importantly, the activities of the peer review board are public and posted on the Internet. Kathleen Edmond, Best Buy’s Chief Ethics Officer, maintains a public blog (www.kathleenedmond.com) where she both posts the board’s findings and invites readers to comment on the issue.

The blog was created as a means to reach out to employees and to let them know that the ethics office was there to serve as a resource for them.

Ms. Edmond reports that because of the blog employees “feel as though they know me personally and can reach out to discuss a situation comfortably.” She adds, “Probably once a month I get a note or phone call from an employee saying that they read my blog and feel like I should know something that is going on.”

She also sees the blog encouraging dialogue throughout the company. “ I hope that it also has a bigger effect of being a teaching tool, and giving employees the confidence to identify concerns, figure out how to resolve it themselves, or give them the confidence to bring the issue up to their manager so it can be solved quickly and close to the source.”

Best Buy supplements the blog with quarterly Ethics Open Forums at the corporate office. “During these events we talk openly about what the Ethics Office has been dealing with in the past quarter and then focus on a particular topic of interest. These forums are held at a time that our colleagues in the Americas and Europe can participate in at a reasonable time for them.” The company typically has approximately 300 attendees at the meetings.

In addition, Best Buy is using social media to improve the reach and effectiveness of the event, “We also set up a Tweet hash tag so that anyone could ask questions or join the conversation real time during these forums.”

Events such as these help set a strong tone at the top and encourage conversations at all levels of the organization. That’s important since many companies forget that tone at the middle – what line managers say and do — counts a great deal as well.

Marjorie Doyle, an independent compliance consultant and former Chief Ethics and Compliance Officer for DuPont, says that managers need to be trained to listen and sincerely thank the employee for raising their concerns. Managers should also explain what they are going to do in response to an employee’s allegation of wrongdoing: gather facts, talk to experts, look at the Code and policies, and so on. Adds Doyle, “It is very important that the supervisor gets back to the employee about what is being done, even if he/she can’t talk about the details.”

It’s also critical that the manager tell the employee that they have helped the company by being concerned about the issue and reporting it.

Too often, though, managers make some simple, even well-intentioned, mistakes that could lead an employee to take the issue outside of the company.

“Many are used to being problem solvers so they don’t take the time to listen and instead immediately start fashioning a ‘fix’” reports Ms. Doyle.

“Many times, a good listen is what the employee wanted.”

She also warns that, “Managers also might be unaware that they frown or have an attitude that ‘this is a bother’ and ‘shoot the messenger’. They also may think that the complaint is small or frivolous and appear to brush it off, therefore setting a discouraging tone that may end up discouraging the reporting of a real crisis.”

“Many companies have rolled out whistleblower hotlines and helplines. These phone lines give the employee the option of remaining anonymous and can help them bypass local management.”

Even with well trained managers, some workers are going to want to bring their issue straight to the compliance or ethics office, potentially anonymously. To meet this need many companies have rolled out whistleblower hotlines and helplines. These phone lines give the employee the option of remaining anonymous and can help them bypass local management – a critical asset if the potential problem is with local and immediate managers.

Companies of all size can benefit from a helpline, says David Childers, the President and CEO of EthicsPoint, a large hotline provider, “We have companies…as small as 6 full time employees and as large as 700,000.”

In fact, more important than the number of employees a company is the legal and operational risk it faces.

“Organizations have to consider whether they are legally mandated to have a hotline, such as public companies traded on U.S. stock exchanges as mandated by the Sarbanes-Oxley Act of 2002,” reports David Trachtenberg, the chief marketing officer of Global Compliance, another large helpline provider.

They also need to be prepared to offer the helpline in the languages their employees speak.

Adding a helpline is relatively simple. The real challenge is getting employees to use it, and to use it properly.

“It is critical for organizations to educate their employees on when and how to use their hotline. If employees don’t know when, where and how to report – they won’t. We typically recommend integrated communication campaigns, including workplace posters, wallet cards and brochures in order to get the message out,” says Mr. Trachtenberg.

“The two most dominant reasons why people don’t report are fear of retaliation and a concern that nothing will be done based on their report.” says David Childers.

Mr Childers adds that trust is critical. “The two most dominant reasons why people don’t report are fear of retaliation and a concern that nothing will be done based on their report.”

Earning that trust requires the right tone at the top, but once again the intervention of the immediate manager to promote the use of the hotline is also crucial. So too, is understanding how people like to communicate.

According to Mr. Trachtenberg, “Accessibility is also a key for encouraging hotline use. Today, hotlines must be more than a phone-based solution. Web-based reporting – and now Mobile-based reporting…mean anytime, anywhere reporting for all your employees. The more accessible options employees have – the more likely they will be to report.”

There is also some evidence that web-based reports can be particularly valuable since people who use them often provide more comprehensive information.

One other important element to remember: no matter what reporting mechanism a company offers: it is essential to set the right expectations for follow up. “We recommend that our clients post what a reporter can expect after placing a report,” says Childers. He suggests that they inform employees what follow up they will receive and what information, if any, that will be provided about the outcome of the subsequent investigation.

But even with the best preparation, training and follow through, there may still remain cultural resistance to using hotlines. Many in European countries have been hesitant to use them. There is a tendency to refer to and think of helplines and hotlines as “denunciation” lines, which can have a negative connotation.

Ombudsmen can provide an alternative or supplement to helplines. These individuals serve as neutral third parties – although paid by the company – for reporting incidents.

United Technologies, the global manufacturer of everything from defense systems to elevators, has had an ombudsmen program for years.

“It’s viewed as ‘safer’ than traditional reporting mechanisms, less formal, more conversational,” says Paul Robert, the company’s Associate General Counsel & Director Contracts & Compliance. “In the end, this is a more comfortable setting for employees and results in greater visibility by the organization into areas of potential noncompliance or misbehavior.”

An ombudsman has another advantage, Mr. Robert reports: “An ombudsman carries on a dialogue with the source. Unlike a hotline/helpline, a two-way conversation can help reach the nub of the issue more quickly and completely.”

With confidentiality critical to the ombudsman role, United Technologies has fought hard to ensure that the confidentiality is never breached, even by the courts. “One key reason [we have succeeded] is that our ombudsmen are not management officials who represent the company, nor do they investigate or resolve matters. They are neutrals whose function is to provide a safe place in which to raise issues, and seek fair answers and resolutions from management. As such, they are not the decision makers, nor are they advocating for either employees or the company.”

“Whether a company adds an ombudsman or not, any system for encouraging employee feedback must also include a comprehensive program for preventing retaliation.”

Whether a company adds an ombudsman or not, any system for encouraging employee feedback must also include a comprehensive program for preventing retaliation.

At United Technologies, Mr. Robert explains, “We have a zero-tolerance policy for retaliation, and that is widely known throughout the company. Retaliation of any kind is investigated quickly and dealt with appropriately.

“In cases involving our ombudsmen, the identity of a source is zealously guarded, which mitigates the opportunity for managers or co-workers to discern the source.”

Whistleblowers must also work to protect their own identity. EthicsPoint counsels that protecting oneself from retaliation begins with efforts by the employee to avoid inadvertently compromising their own anonymity. “Our workflow for web reporting outlines errors or ‘tells’ that a person can make when placing an anonymous report that can compromise their anonymity.”

United Technologies’ Robert cautions that protecting anonymity is not always possible, and that people who report incidents have to understand that. “In cases that cannot fairly be investigated or resolved without jeopardizing confidentiality, the source is given the opportunity to discuss with the ombudsman how an investigation may play out, and to determine whether to proceed if they are uncomfortable with the prospect of being identified.” He adds, “Fortunately, we encounter few of these circumstances.”

Regardless of whether or not there is retaliation, being a whistleblower can be brutal and is not typically motivated by an ambition to cash in on the employer’s wrongdoing. Cynthia Cooper was an internal auditor at Worldcom when she discovered financial wrongdoing. Knowing that the investigation could be devastating to the company, she and her team had to work secretly until they could ascertain the scope of the issue.

She was fortunate in that she had access to the board, the evidence she found was clear, and the board acted swiftly. Nonetheless, the process was incredibly difficult.

“Doing the right thing doesn’t mean that there will be no cost to other innocent people, your family or yourself. There is often a price to pay and sometimes it can be severe,” said Ms. Cooper.

“…It is important for organizations to support employees who want to do the right thing and create an environment in which employees feel confident that issues raised will be properly investigated and that retaliation will not be tolerated.’ Fred Alford.”

“In Whistleblowers: Broken Lives and Organizational Power, Fred Alford writes that many whistleblowers lose their jobs, suffer from depression, have marriages that end in divorce and go bankrupt. In the end, life is about choices. The challenge for each of us is to choose well. It is important for organizations to support employees who want to do the right thing and create an environment in which employees feel confident that issues raised will be properly investigated and that retaliation will not be tolerated.”

The fact that Ms. Cooper was an internal auditor who was paid by the company to find problems didn’t make it easier. “Many Mississippians had invested heavily in WorldCom because it was the only Fortune 500 company headquartered in my state.

“WorldCom was truly a Cinderella story for what has long been one of the poorest states in a nation. The company was headquartered in Clinton, a small college town of 25,000 where I was raised and my parents still live today. After the fraud was reported, WorldCom filed what was then the largest bankruptcy in corporate history, headquarters was moved to Ashburn Virginia, and tens of thousands of our co-workers were laid off.”

Ms. Cooper is now the CEO of CooperGroup LLC, a firm that offers consulting services in the areas of governance, ethics and compliance program implementation and evaluation and investigation support.

In sum, blowing the whistle is not easy for anyone either in the workforce or management. And, in many cases it can be avoided. In a recent interview, Eric Havian, a leading San Francisco-based qui tam lawyer noted, “By the time a potential client arrives in our office, they typically feel humiliated and insulted. From their point of view, they have taken difficult steps to bring a possible violation to light, tried their best to resolve it—all at great personal risk to their careers. They followed the Employee Manual. The problem arises when nobody else does.”

And with so many opportunities for blowing the whistle, it may be time to rewrite the manual.

About the author

Adam Turteltaub, CCEP, CHC

Vice President of Membership Development

The Society of Corporate Compliance and Ethics and The Health Care Compliance Association.

About SCCE

The Society of Corporate Compliance & Ethics (SCCE) is a non-profit membership association dedicated to improving the quality of corporate governance, compliance and ethics. SCCE’s roles include facilitating the development and maintenance of compliance programs; providing a forum for understanding the complicated compliance environment; and offering tools, resources and educational opportunities for those involved with compliance. The SCCE will be conducting a conference on Managing Third Party Compliance and Ethics Risk in London in May 2010.

The SCCE can be found online at www.corporatecompliance.org

Opportunity abounds as the downturn persists

Wed, 01 Dec 2010 00:00:00 GMT

The recession officially ended 18 months ago, in June 2009. But it sure doesn’t feel that way in Oregon. The job market is weak, the real estate market is in deep trouble, the foreclosure mess is far from cleaned up, banks are still wobbly and consumer confidence is understandably low.

But there are opportunities in this economy for those fortunate enough to be in a position to invest. Big opportunities. The housing market doesn’t look so bad if you are a buyer. Neither do the markets for businesses, land and technology upgrades. Even as the slump drags on in painful ways for some Oregon companies, others are exploring new markets with great long-term promise. “I’m more optimistic than I have been in years,” says Portland-based financial consultant Larry Willeman of Willeman Strategic Partners, who coaches CEOs on managing cash flow and investing strategically. “I’m seeing opportunities everywhere.”

There is no disputing that most Oregon businesses continue to wait for the sort of recovery that can bring the confidence to invest. But for those with the ability and mindset to find and exploit opportunities, it is a time ripe with possibility. Paradoxically, the more people who seize these opportunities, the faster they will start to vanish, replaced by new demand and competition, and the sooner true recovery will arrive.

But until that happens, here are five areas where opportunity is knocking and Oregon companies are answering the call.

The real estate landscape is littered with deals

Barry Menashe likes to say he started out in the real estate business 35 years ago with 25 cents in his pocket. Now he owns more properties than he can name. In September he bought the historic Police Headquarters building in downtown Portland for $2.5 million, half of what it sold for 10 years ago and less than a third of the boom-time asking price. As always, he moved quickly and paid cash.

“Is that a beauty or what?” Menashe asks as he strides purposefully across a parking lot to the lobby of the stately 1912 brick historic structure, the original home of the city’s police force, remodeled into office space in the 1980s. “When I bought the building a lot of the lights were out. Within two hours I had them fixed.”

The entrance to the building is gorgeous, and the floor occupied by the Stoll Bern PC law firm shows the building’s potential. But three floors are entirely vacant. Asked what he plans to do about the vacancies, Menashe smiles. “I’m going to fill them.” He nods his head. “And I can do it at very affordable rent levels.”

Not long after buying the police building, Menashe bought a 27-lot subdivision near Washington Square that had reverted to the bank after foreclosure. He plans either to resell the subdivision for a profit or build starter homes there and sell them. Asked about the risk of buying foreclosed property when the market is already flooded with more of the same, he says, “I have faith in this particular location and this particular market… Everything I buy, there’s a situation, and there’s a story. I want to know the story and understand the story.”

Menashe built his real estate empire piece by piece, starting out with $17,000 rental homes and making his first foray into downtown Portland with a lender-owned property that he still owns. He attributes his success to buying cheap for long-term value, paying off debts quickly and managing all his properties with a small staff of seven people. Most importantly, Menashe says he avoided over-buying during the boom years of 2004-2006. “People were spending way too much,” he says. “But they were spending other people’s money. I’ve never done that.”

When prices began to plummet in 2009 and 2010 he was able to bid low and pay cash. “My favorite thing has always been acquisition,” he says as he walks back to his office passing several other buildings that he owns along the way. “I’m looking to do some more right now.”

Menashe is a distinctly urban buyer, but the real estate deals in the current economy are by no means limited to downtown. It is also a busy time for John Rosenthal, president of Realty Marketing NW. His business auctions off a wide variety of properties throughout Oregon and the West, much of it bank-owned. The longer the real estate slump lasts, the better the deals become: a 26-acre mixed use property on 82nd Avenue in Portland for $4.65 million, 85 acres in Clatsop County for under $100,000, a residential lot on the Coast for $20,000 and dozens of parcels of timberland in Lane and Douglas counties for under $100,000.

Rosenthal is particularly optimistic about the opportunity in Oregon timberlands. For years large timber companies dominated the market, buying up land hungrily and selling rarely. That has changed dramatically as the timber industry has weakened. Several of Rosenthal’s clients have seized the opportunity to purchase large properties they would not have been able to afford in the past. “Even in this market, Oregon timberland is an attractive investment,” says Rosenthal. “And you can get in the game for under $100,000.”

Companies are looking for deals

It’s no surprise that after years of recession followed by sluggish recovery, companies are hesitant not only to hire but also to spend. That’s where the opportunity lies for vendors who can offer goods or services at a lower price or help businesses spend less by automating or outsourcing mundane tasks.

That’s why Test Systems Strategies Inc. (TSSI) is prospering in Beaverton. Every new computer chip that is designed must be tested, and TSSI has 30 years of experience testing chips using a standard methodology. Companies eager to get new products to market can save money by outsourcing that step in the process to TSSI.

“We save our customers money and help them get to market faster,” says CEO Hau Lam. He attributes his unusual success during the recession to hard work and innovation, saying that revenues grew by 20% in 2008 and 30% in 2009. TSSI also continued investing as the economy fell, buying a building on Millikan Way in 2007 and establishing headquarters there in 2008.

Lam is very tight-lipped about company specifics. TSSI went independent and private in 2005 after spinning off from publicly held Summit Design and does not share revenue figures or employee numbers. “We prefer to be a quiet success,” he says. “We are a small company with a huge reach. We don’t have our names on the product, but rest assured our fingerprints are on it.”

TSSI serves an extensive menu of global clients including Sony, Toshiba, Boeing, Toyota, IBM, Cisco and Siemens. That doesn’t include the steady supply of small startups inventing new technologies, as computer chips play ever-larger roles in the designs of cars, video games, smart phones, and practically everything else. “There will always be new companies building new technology with new chips for new uses,” Lam predicts. “Some will succeed and some will fail. But succeed or fail they will have to test.”

It probably doesn’t hurt that one of TSSI’s biggest clients, Intel, has had a stellar year and recently announced plans to invest billions of dollars into new plants. Nor does it hurt that Hau Lam is fluent in Mandarin, with connections in Beijing and in fast-growing Vietnam, where he was born and raised. The shift of business power to Asia is another area of opportunity. “It doesn’t matter where the company is, we can serve it,” he says. “We just want to make sure all the profits go through Beaverton.”

Consumers are looking for deals

The same trend that has businesses hunting for bargains also applies to consumers. They want to spend less but they don’t necessarily want to give up on quality. As a result clothing consignment shops such as Here We Go Again in Portland are doing more business than ever. Owner Chris Gauger saw an immediate rise in both buyers and sellers when the bottom fell out of the economy in September 2008, and her nine-employee, two-store business has grown steadily since, enabling a series of upgrades and investments.

“When the economy went down we started seeing people who never would have thought of consigning before,” she says. “People started asking themselves, ‘Do I really need three or four handbags?’”

With all the new merchandise flowing in from new sellers, Gauger was able to be extremely selective in her purchases. She estimates she turns away 80% of the clothes she gets offered, buying only the top brands in great condition. She is able to offer up-scale clothing for about half what it costs new, splitting the proceeds 50-50 with consigners. She estimates she writes about 500 checks to consigners per month. On a busy day her staff will bring in 50 to 100 new items selected from hundreds of offerings.

With sales picking up in both stores, Gauger moved to invest. She rebranded the business with a new logo, upgraded her in-store technology, improved her online presence by marketing through Twitter and Facebook and buying a space on the deal-of-the-day website Groupon, and organized a successful bus tour of the consignment stores of Portland on Super Bowl Sunday. She also managed to sprint through a low-budget, high-impact remodel at her store just off SW Macadam Boulevard without losing any store days.

First she did the painting herself with help from staff. Then she convinced her landlord to let her set up a short-term pop-up store in a nearby vacant space so she wouldn’t have to close for remodeling. She and her staff wheeled all the merchandise over into the temporary space in a single night and got the new space up and running for the next business day. While employees worked out of the temporary space, workers for the Portland-based contractor Interworks remodeled the store to improve the lighting and ambience. The project took a mere 12 days and cost less than $20,000. Gauger plans to remodel her store on Northeast Broadway next.

Gauger, a slim, energetic woman with a master’s degree in dance, was in a stressful position as the economy dropped off. She had just expanded into a second store, and recently had been diagnosed with breast cancer. Now both stores are doing great and her cancer is in remission. She finished the 5K Susan B. Komen Race for the Cure in Portland in less than 30 minutes.

The recession brought a whole new supply of customers that she has worked hard to win over, and the powerful national trend toward living simpler and greener plays into her industry nicely. “People want better stuff, and less of it,” she says. “We see that every day.”

It’s a good time to buy technology

Even as the economy slowed to a near-standstill, innovation in the technology sector continued to move at a dizzying speed. Software and hardware just get better, faster and more efficient — and in many ways, cheaper. It costs far less to start up a company than in the past, or to bring systems up to date, gain faster Internet connections, expand your marketing presence online, improve conversion rates and take advantage of cloud computing. Even more significantly for established but growing Oregon companies such as EthicsPoint, it is an extremely good time to purchase sophisticated technologies developed by individuals who don’t have the resources to commercialize them.

EthicsPoint, a rapidly expanding Lake Oswego-based expert in the governance, risk and compliance industry with more than 2,300 clients, has built its business on the bottom-line importance of running an organization with integrity. The market for their services has grown as regulations have become more complex (think HIPAA and Sarbanes-Oxley) and laws on the books for years regarding bribery and corruption (think the Foreign Corrupt Practices Act) are enforced with more vigor in the wake of the financial crisis.

“There’s no shortage of opportunity for us,” says CEO David Childers.

EthicsPoint purchased two key technologies earlier this year at a fraction of the amount invested to develop them. The first is a policy manager technology that enables companies to set and track workplace policies and monitor their effectiveness. The second is a visualization tool developed for the Department of Homeland Security that enables users to layer data covering everything from crime and terrorist acts to weather and foreclosure rates onto interactive maps that help monitor risks proactively. That tool is built on layers, filters and feeds, and it aggregates data from a wide variety of sources. It is used by the U.S. Army to monitor troops in Afghanistan and by the Swedish Government to oversee its 9-1-1 program. EthicsPoint plans to offer it to clients in the first quarter of 2011.

“We used the down economy to take advantage of technology people had invested a lot of money in,” says Childers. “We were able to buy that technology at a very good price. Now EthicsPoint is in the awareness business. We can help clients identify events in real time that could pose a risk to their businesses.”

Both technologies play nicely into the EthicsPoint strategy to expand the menu of services available to its 2,300-plus clients. “We have 100 clients already clamoring for our visualization product,” which will be released in the first quarter of 2011, Childers says.

Other tech companies have also seized the opportunity to purchase key technology in this economy, the largest example being Intel buying the security giant McAfee for $7.7 billion. But the opportunity doesn’t apply only to tech giants. Prices for all types of businesses have fallen. The most recent data from the Internet’s largest marketplace of businesses for sale, BizBuySell.com, indicates that prices for local businesses are even lower now than they were a year ago. The current median asking price for Portland businesses is $249,750, down 14.8% from $293,000 a year ago. The data considers both listed businesses and the growing number of companies for sale by owner.

Nationally, the median sales price for small businesses is the lowest it has been since BizBuySell.com began tracking it in 2007.

Opportunity on the digital frontier

As much opportunity as there is in the buying of technology, there may be more in pushing technology forward. Businesses that devise new ways to do basic things more efficiently and with fewer headaches can grow very quickly in this environment.

For example, consider the work of systems administrators who oversee hundreds or thousands of machines at once. Portland startup Puppet Labs, one of the fastest-growing companies in Oregon, has developed a system to automate data center management, freeing up systems administrators to focus on work with more strategic importance to the organization. Founder and CEO Luke Kanies wrote the code for Puppet with a “fanatical focus on ease of use,” creating an open-source platform upon which software developers can share improvements and build applications.

The market potential for Puppet is huge. Tech giants such as Google and Amazon profit from data center management, but for most other companies it is a hassle and an expense. Kanies pitches Puppet as a means to free up a company’s technologists to do important rather than menial work, comparing it to the historic shifts from telephone operators to automated systems that improved service and offered more advanced opportunities in the industry.

Kanies positioned the Puppet brand as a frequent speaker at international open-source conferences and moved to build the company in Portland with $7 million in venture capital. Over the past year he has built the company from nine employees to 25, and he intends to grow to 50 next year. Already Puppet Labs has outgrown its funky Old Town office and is in the process of moving into 9,000 square feet on the top floor of a building on NW Park Avenue that will soon bear the company’s name.

As CEO of a rapidly growing technology company with big investments propelling it forward, Kanies has a different view of the real estate market from other business leaders. The low-rent, long-term lease is less appealing to him because a seven- to 10-year lease requires information about the future that is fairly unknowable at this stage. “Either I’ll be out of business in seven years,” says Kanies, “or we’ll be 700 employees.”

It goes without saying which of those options he would prefer. Like Jive Software before him, Kanies is trying to prove that the rapid-growth, investor-backed tech model can work in Portland and resist the gravitational pull of California (Jive recently moved its headquarters to the Bay Area but maintains a major presence in Portland). “I want to stay CEO and I want to stay in Portland,” says Kanies. “But we have to perform. That’s what it comes down to.”

In his view, the opportunity for innovation in the digital space is “unlimited.”

The Impact of the Dodd-Frank Whistleblower Provisions

Tue, 30 Nov 2010 16:03:18 GMT

In this webcast, hosted by Securities Docket, David Childers, President & CEO of EthicsPoint, and Christopher Davies, Partner, WilmerHale, address the issues and your questions about the “whistleblower” provisions in the Dodd-Frank Wall Street Reform and Consumer Protection Act.

IAPP Global Privacy Summit

Mon, 29 Nov 2010 18:45:45 GMT

Listen to Amanda Mayhew, General Counsel, Corporate Secretary and Privacy Officer for EthicsPoint, as she discusses Privacy Considerations when Vetting Third Party Vendors, Suppliers & Agents.

HCCA's 15th Annual Compliance Institute

Mon, 29 Nov 2010 18:44:16 GMT

Visit us at booth #612 in the exhibit hall and listen to David Childers speak on a holistic approach to better risk management in the general session.

Real Estate: Hollywood Video returns to Tigard roots

Fri, 26 Nov 2010 00:00:00 GMT

Hollywood Entertainment Co., part of the bankrupt Movie Gallery Inc., returned to its Tigard roots. The video rental chain signed a short-term lease for 3,180 square feet at 7409 S.W. Tech Center Drive, — the office where the formerly high-flying company first started.

A broker involved with the deal said Hollywood executives needed a place to wrap up the liquidation process for Movie Gallery as part of its most recent bankruptcy. Movie Gallery is being liquidated after filing for bankruptcy in February, its second in less than three years. Movie Gallery collapsed after spending more than $1.3 billion to acquire Hollywood.

DJ Driscoll of Capacity Commercial Group represented the tenant; Scott Finney of Norris & Stevens Inc. represented the owner, Watamul Properties.

Office

• SWCA Environmental Consultants Inc. leased 10,878 square feet at the Terminal Sales building, 1220 S.W. Morrison St., Portland, from Weston Investment Co. LLC. Gordon King, Brad Christiansen and Mike Holzgang of Colliers International represented the tenant; Steve Root of American Property Management Co. represented the property.

• Samuels Yoelin Kantor Seymour & Spinrad LLP, a law firm, leased 10,845 square feet at U.S. Bancorp Tower, 111 S.W. Fifth Ave., Portland, from Unico Properties LLC. Jeff Sholian and Joe Vaughan of Pacific Real Estate Partners Inc. represented the tenant and property, respectively.

• Worksystems Inc., a workforce development agency, leased 9,698 square feet at Riviera Plaza, 1618 S.W. First Ave., Portland. Gordon King of Colliers International represented the tenant; Sean Turley, MaryKay West, Chris Johnson and Charlie Floberg of NAI Norris, Beggs & Simpson represented the property.

• The Oregon Association of Hospital and Health Systems extended and expanded its lease for 6,788 square feet at 4000 Kruse Way Place II, Lake Oswego, with Shorenstein Realty Services L.P. Jim Carver of APEX Real Estate represented the tenant; Jeff Sholian and Buzz Ellis of Pacific Real Estate Partners Inc. represented the property.

• EthicsPoint Inc., a governance, risk and compliance firm, leased 6,684 square feet at 6000 S.W. Meadows Road, Lake Oswego, from Shorenstein Realty Services L.P. Chris Johnson and MaryKay West of NAI Norris, Beggs & Simpson represented the tenant; Buzz Ellis of Pacific Real Estate Partners Inc. represented the property.

• Engineworks Inc., a search engine marketing firm, leased 4,126 square feet at Water Tower, 5331 S.W. Macadam Ave., Portland, from Melvin Mark Cos. Andrew Rosengarten of NAI Norris, Beggs & Simpson represented the tenant; Nick Ehlen of Melvin Mark Brokerage Co. represented the property.

• Ivey Jacobson & Co. LLC, a tax, financing and estate planning firm, renewed its lease for 2,992 square feet at Kruse Woods II, Lake Oswego, with Shorenstein Realty Services L.P. Jake Lancaster of Grubb & Ellis Co. represented the tenant; Jeff Sholian and Buzz Ellis of Pacific Real Estate Partners represented the property.

• Scott Richmann Insurance Agency leased 2,605 square feet at Lloyd Corporate Plaza, 925 N.E. 19th St., Portland, from Weston Investment Co. LLC. Jamie Nelson of Elliott & Associates represented the tenant; Steve Root of American Property Management represented the property.

• Cascade Residential Mortgage LLC leased 2,426 square feet at Lincoln Center, 10250 S.W. Greenburg Road, Portland. Andrew Rosengarten of NAI Norris, Beggs & Simpson represented the tenant; Matthew Vissotzky of Capacity Commercial Group represented the property.

Industrial

• Orbital Logistics Services Inc. leased 8,925 square feet at 13816 N.E. Airport Way, Portland, from ProLogis TLF LLC. Todd Collins of Macadam Forbes Inc. brokered the deal.

• Olympic Meats LLC leased 5,000 square feet at 1632 N.W. Thurman St., Portland, from Kathleen Keppinger. Ed Meaney of Macadam Forbes Inc. brokered the deal.

• Mission Homes N.W. LLC leased 4,050 square feet at Parkside Business Center, 7935 S.W. Cirrus Drive, Beaverton, with Gateway Columbia Properties Inc. Chris Johnson and MaryKay West of NAI Norris, Beggs & Simpson represented the tenant; Preston Greene and Charlie DiGregorio of CB Richard Ellis represented the property.

Retail

• Wells Fargo Bank leased 3,600 square feet at 1530 N. Pacific Highway, Woodburn, from Pacific Realty Associates L.P. Jack Gallagher of NAI Norris, Beggs & Simpson represented the tenant.

Of note

• Bluestone & Hockley Real Estate Services has added Village at Columbia Shores, a 135-unit Vancouver apartment complex, to its management portfolio. It is the fifth property in Washington in Bluestone’s portfolio.

• Eugene-based Campbell Commercial Real Estate formed from the Nov. 1 merger of Western Properties, owned by Dan Montgomery, and Campbell Commercial Real Estate, owned by Tim and Patric Campbell. The commercial firm has eight brokers. Its office is at 701 High St., Eugene. The number is 541-484-2214.

• Owners of sustainably managed buildings expect a four percent higher return on thier investment than owners of traditionally managed buildings, according to a multiyear study conducted by CB Richard Ellis with the University of San Diego and McGraw-Hill Construction. The study found owners expecte a five percent greater increase in building value as well. Four out of five owners believe sustainable properties are better position to attract and retain tenants, yielding a five percent increase in occupancy and an one percent increase in rental income.

Congratulations are in order!

Fri, 12 Nov 2010 00:00:00 GMT

Image by Camera Slayer via FlickrLast night Corporate Secretary magazine presented the third annual Corporate Governance Awards, and the winner's list was chock full of EthicsPoint customers, many of whom I've had the distinct pleasure of meeting. I've said it before, but it bears repeating - the single most rewarding part of my job is interacting with our customers who work tirelessly fostering an environment of compliance and integrity throughout their organizations. Whenever I tire of the negativity endemic in our politics and media, I find solace in knowing the reality is much more positive than what is reported, often based on the character and hard work of clients and individuals like those listed below.Please join me in congratulating the following winners of the Corporate Governance Awards:Most Innovative CSR disclosure - Timberland Best Legal team in an M&A transaction - Kraft FoodsBest proxy statement - UnitedHealthCorporate governance team of the year (large-cap) - Best BuyGovernance professional of the year (large-cap) - Carol Ward, Kraft

The ACUA Risk Dictionary: Using it to Improve Your Audit Approach

Thu, 11 Nov 2010 20:20:18 GMT

The Risk Dictionary is a valuable benefit of ACUA membership that can be used at multiple levels of your audit function.

Regulatory Preparedness – Understanding and Minimizing the Impact of International Corruption Regulation

Thu, 11 Nov 2010 11:17:52 GMT

Despite record fines and high-profile prosecutions, many companies are unprepared for the impact of anticorruption regulations on their international business operations. In this webinar you will learn the key themes of the FCPA and UK Bribery Act and examine means of minimizing exposure.

Dodd-Frank Section 922

Tue, 09 Nov 2010 00:00:00 GMT

The governance, risk and compliance (GRC) industry has worked hard over the past six years to help corporate America implement effective ethics and compliance programs. GRC procedures have become part of the viable business processes that drive decision making at the highest level of most public corporations. In response to the most recent financial meltdown, the US Government introduced the Dodd-Frank Act. The critical task for the Dodd-Frank Act is to address the increasing propensity of the financial sector to put the entire system at risk to eventually be bailed out at taxpayer expense. In doing so, it attempts to: identify and regulate systemic risk, propose an end to too-big-to-fail, expand the responsibility and authority of the Federal Reserve, restrict discretionary regulatory interventions, reinstate a limited form of Glass-Steagall (the Volcker Rule) and regulate the transparency of derivatives. As part of the identification and regulation of systematic risk, the Act's Section 922 attempts to protect, encourage and incent whistleblowers to come forward, a tactic that could have decreased the risk of the impending meltdown had whistleblower claims been adequately explored in the years previous. Dodd-Frank section 922 mandates the establishment of a government-sponsored program to pay awards of up to 30 percent to eligible whistleblowers who voluntarily provide original information about potential securities law violations that lead to sanctions of $1 million or more. While solidifying the value of corporate whistleblowers is certainly important, the requirement potentially undermines the value of internal ethics & compliance departments. This process will create profitable association with the voicing of ethical violations and therefore competition for this vital information. The question then becomes, “How is an internal department expected to keep pace with the promise of millions of dollars in reward money from the SEC?”As a tax payer, investor, business leader and responsible corporate citizen, I fully appreciate the need for the regulatory environment to evolve in order to protect the stakeholders. Financial fraud has run amok and no one wants a continuation of the current economic turmoil due to deceit performed by the few, but impacting the many. Whistleblower provisions should help protect those bringing misconduct or neglect to light, but provisions under Section 922 tacitly bypass companies who are working diligently to preserve open channels to report wrongdoing internally and create competition to externally report without the careful exploration and care that would be provided by the company itself.If this appears to be a plea to decrease the avenues open to whistleblowers, consider this: all public entities are under consent decree to report any allegations of wrongdoing, so the corporation is legally bound to be the first reporter of accusations of ethics & compliance violations to the Federal Government already. However, accusations made by whistleblowers under Section 922 are public record, meaning that every complaint lodged with the SEC is publicly available when it’s filed, whether valid or not. Not only does Dodd-Frank create a competition between the internal compliance department and the whistleblowers to be the "original" reporter of the violation to the SEC (another existing regulatory requirement), but this information also allows Wall Street to react to reported violations without the benefit of due process. Historically the number of whistle blowing complaints that are maliciously filed have been very low. Internal ethics and compliance departments investigate all allegations, and report wrongdoing when they move beyond the allegation phase to a valid complaint. Hard working compliance and legal officers diligently protect their companies and officers from these reports from achieving their intentional harm.Remember, under Dodd-Frank whistleblowers are under no obligation to report to the ethics and compliance departments before taking their complaints to the SEC. Wall Street has never reacted well to good governance. Good governance requires transparency and Wall Street tends to react to the false perception of risk created by allegations - regardless of proven conduct. It remains to be seen how the SEC will answer these questions and concerns; they are currently taking comment on the whistleblower provisions and a final decision is expected in April 2011. In the meantime, we continue advising clients on the most robust programs to increase trust and dialogues internally.

The SEC's whistleblower bounty

Thu, 28 Oct 2010 00:00:00 GMT

28 Oct 2010

Elizabeth Judd

Corporate Secretary

Commission's rewards for enforcement actions makes resolving problems in-house more urgent than ever

On September 24, moviegoers attending the opening of Oliver Stone’s Wall Street: money never sleeps in Manhattan may also have seen plaintiffs’ lawyer Stuart Meissner’s trailer announcing his new website, www.secsnitch.com. The site encourages whistleblowers to serve up evidence of corporate wrongdoing in the hope of receiving the new 10 percent to 30 percent bounty on SEC enforcement fines against companies committing serious financial misdeeds.

The SEC bounties, which are mandated by Section 922 of the Dodd-Frank Wall Street Reform and Consumer Protection Act, are stirring up profound controversy. ‘Companies are worried,’ says John Coffee, law professor at Columbia University. ‘They’re worried that a certain amount of misinformation will be reported to the SEC and that some employees may not report internally but may go straight to the commission.’

Stephen Kohn, executive director of the National Whistleblowers Center in Washington, DC, also sees the move as a game-changer, but for completely different reasons. ‘If the SEC properly administers this law, this makes the primary motivating factor on Wall Street – maximization of profits – consistent with honesty and compliance,’ he says.

Although experts disagree on the merits of the whistleblower provisions of Dodd-Frank, everyone points out that bounties could be quite hefty, given enforcement settlements of the recent past. On July 15, 2010, for instance, the SEC announced that Goldman Sachs would pay a record $550 million for having misled investors about a subprime mortgage collateralized debt obligation that the firm marketed.

Experts believe the SEC will take this program seriously, given the public black eye it’s suffered over its mishandling of several recent scams and frauds. Harry Markopoulos, an independent fraud investigator, approached the SEC many times over several years to express concern about Bernie Madoff, but nothing was done. ‘The SEC cannot afford another Madoff,’ says David Childers, chief executive officer of Portland, Oregon-based EthicsPoint.

What the rules will say

As Corporate Secretary went to press, the SEC had yet to issue guidance on its new whistleblowing regulations, but corporate secretaries won’t have long to wait. The commission has to adopt these regulations no later than April 21, 2011 (nine months from enactment).

The Dodd-Frank Act applies to all original information the SEC receives after July 22, 2010. Already, the regulator has received tips: as of October 1, 2010, Meissner says he has received 20 or 25 calls from whistleblowers and has initiated five actions, with a few more in the works.

The breadth of the regulations remains unknown. Steven Berk, founder of Washington, DC-based Berk Law and author of the Corporate Observer blog, points out that corporate interests will inevitably try to narrow the scope of the regulations. He predicts others will argue that any type of misconduct, whether it relates to breaches of the Foreign Corrupt Practices Act or to environmental negligence, could fall under the SEC’s whistleblowing purview.

Nell Minow, founder of the Corporate Library, says the introduction of the SEC’s whistleblower regulations is predictable given the financial collapse of 2008. ‘Every crisis leads to a new whistleblower provision,’ she explains. Most notably, after the Enron crisis, Section 301c of SOX required companies to create internal whistleblower hotlines, with information from these hotlines going straight to a board’s audit committee.

The new SEC regulations reach well beyond SOX inasmuch as whistleblowers are financially rewarded for fines exceeding $1 million and no longer need to be employees, observes Childers. ‘Is the whistleblower going to be a customer? Is it going to be a supplier? Or will it be a family member or spouse who might want to profit from what he or she knows?’ he asks.

Coffee maintains that the question of what constitutes ‘original’ information could also be subject to debate. ‘Information has to be original, but it doesn’t have to be critical,’ he points out. ‘So I think in many instances there are going to be multiple whistleblowers, and there’s going to be some fighting over who gets what share of the bounty.’

How one views the SEC’s whistleblower compensation program depends on how one perceives the mythic figure of the whistleblower. Because whistleblowers often act anonymously, these polarizing figures have become something of a Rorschach test.

One widespread conception is that whistleblowers are acting from dishonorable motives. ‘Many whistleblowers are emotionally unstable or have grievances,’ avers Coffee. Minow warns that whistleblower programs create a double-edged sword: ‘You want to create a safe place for people to tell you the truth about what’s going on. What you don’t want is to create perverse incentives for people to protect their employment by starting this process. Once you blow the whistle, any kind of effort to make you do your job can be seen as retribution. You can pretty much write your own ticket.’

Kohn, on the other hand, points out that whistleblowers have historically brought key information to government. He also notes that before an individual blows the whistle on corporate practices, that individual has almost always exhausted traditional avenues for lodging complaints. Kohn says every whistleblower who has approached the National Whistleblowers Center has first approached his or her supervisor.

Another Rorschach test is how one views plaintiffs’ lawyers. Under Dodd-Frank, whistleblowers may act anonymously. This means the information they provide would be relayed to the SEC through a lawyer, raising questions about the integrity of the process.

David and Goliath

Meissner, who prosecuted fraud cases as a former New York State assistant attorney general under Eliot Spitzer, perceives www.secsnitch.com as a means of ‘helping clean up Wall Street – it’s a David and Goliath thing.’ What’s more, he envisions himself as a ‘partner’ with the SEC, an agency that might soon be overwhelmed by an avalanche of tips.

Coffee, however, is convinced that ‘the idea of advertising for whistleblowers shows the entrepreneurial mindset of the plaintiffs’ bar at work. The plaintiffs’ bar can polish up testimony, take off the rough edges and make something look less like a personal grievance. Plaintiffs’ lawyers may try to market complaints to the SEC, presenting it with evidence on a platter.’

When a public company receives a report of internal misconduct, management often weighs the pros and cons of approaching the SEC voluntarily. Lucinda Low, a partner at Steptoe & Johnson in Washington, DC, says ‘companies that get a whiff of something being done wrong can’t let the grass grow under their feet. That was true before, but it’s even truer now.’ Although companies may understandably wish to conduct their own internal investigations before contacting the SEC, the new whistleblower bounties make the whole process far more urgent.

Peter Henning, a law professor at Wayne State University and a blogger for the New York Times’ DealBook, worries that the new SEC regulations will ‘give employees an incentive to bypass internal reporting.’ The problem, he suggests, is that ‘when you put a financial reward out there, you may get people with something questionable that they don’t report because they didn’t think it was that important.’

‘There will be many general counsel who won’t want to tell the SEC about something embarrassing, something potentially actionable – they’d prefer to lie low,’ says Coffee. In the coming months, he anticipates that the question of when to approach the SEC will be hotly debated. ‘Most inside counsel are not eager to blow the whistle on themselves, even though it will stop the whistleblower,’ he explains. ‘But it may be the way to put the most favorable face on a situation and to enter into a non-pecuniary settlement.’

Companies need to anticipate what toll whistleblowing will take on the cultural fabric of their organizations. ‘We’re almost 10 years post-SOX,’ says Childers. ‘Many companies have worked hard to create a culture of trust within their organizations, but now the SEC has created a competition with pay to almost usurp that culture.’

Be that as it may, Childers believes the most critical step for companies today is making themselves trustworthy – and fast. ‘If an organization is built on trust, people will report information internally,’ he says. ‘If not, they’re going to go to outside sources.’

Look Before you Leap -- Managing Risk in Global Investments

Wed, 27 Oct 2010 00:00:00 GMT

Deloitte presents its annual Look Before You Leap survey, showcasing how companies are using background/integrity checks to better manage the risks inherent in investments and new business relationships outside the US. In addition, this year's survey addresses how companies are complying with the FCPA and the challenges they face.

The Cost of Fraud

Thu, 21 Oct 2010 00:00:00 GMT

I downloaded the 2010 Kroll Global Fraud Report the other day - it's 47 pages of insightful data, analysis and recommendations with section overviews for both geographic and industry segments - I highly recommend downloading a copy. (Also would encourage readers to sign up for our upcoming webinar in which Melvin Glapion, Managing Director, UK Head of Business Intelligence, Kroll and Jeff Cramer, Managing Director and head of Kroll's Chicago office will discuss findings in this report)To whet your appetite, here are some statistics that caught my eye just in my initial reading:88% of respondents report they had been hit by at least one type of fraud in the past year - this is across small, medium and large enterprises. How are you collecting reports of suspected misconduct? I ask because I've heard many companies say "they don't have problems in their company - we don't have a need for an easy way to collect, investigate and resolve misconduct reports." Really???? You're one of the 12% of people that haven't been hit by fraud in the past year? Really? If so, Congratulations!Cost of fraud has risen 20% in the past year - across all size companies. This is NOT just a large enterprise problemFraud/Corruption is not a victimless crime - it is hampering the economic development of all countries:48% of respondents indicate that fraud has deterred them from engaging in business in at least one foreign country. (this is not just a developing country problem - 7% have not operated in North America due to the perception of fraud!)Corruption was named by 63% of respondents as the main reason for not doing business in Africa and 59% for avoiding Central Asia.Most companies are not prepared to comply with anti-corruption laws such as the US' Foreign Corrupt Practices Act (FCPA) or UK Bribery ActOnly 36% of companies that fall under one or more of these laws believe these mandates applied to their business!These statistics (and others in the report) are staggering and sobering in many ways. But at the same time, I'm re-energized and optimistic when I think of all the progress our customers are making to improve their overall ethics and compliance programs. Yet I only have the opportunity to speak with a small percentage of clients and prospective customers, so I ask you: How would you have answered the questions in the survey, and what are you doing to improve?

Kroll Global Fraud Report

Thu, 21 Oct 2010 00:00:00 GMT

In this edition, we take a closer look at the issues that Kroll is most frequently asked to investigate, and the variations in the nature of the threat across different regions. Four important themes emerge:Theft of information and electronic data overtakes physical theft for the first time as the most frequently reported fraud.Fear of fraud is dissuading 48% of companies from operating in other countries. China and Africa are the geographies most affected, with corruption identified as the greatest concern.Companies appear unprepared for heightened Foreign Corrupt Practices Act (FCPA) enforcement and the impact of the UK Bribery Act. For example, only one third of respondents with a presence in the United States or United Kingdom felt the laws applied to them.Fraud is largely an inside job across all geographies and industries. Some 44% of respondents attributed fraud to employees and a further 11% identified agents or intermediaries as the key perpetrators.

Lessons from a Banking Crisis: A Whistleblower’s Account of the Story Behind Halifax Bank of Scotland’s Bailout (HBOS)

Wed, 13 Oct 2010 18:12:14 GMT

Join us on October 13 to hear former bank regulator Paul Moore discuss the challenges in governance that lead to the forced acquisition of HBOS as part of a government bailout.

Paul Moore, former Head of Group Regulatory Risk at HBOS, saw the banking crisis hit from the inside one of Europe’s largest banks. The result of the poor management he witnessed lead to HBOS’ rescue by forced acquisition; it is now part of Lloyds Banking group.

Deterring and Detecting Financial Reporting Fraud

Mon, 11 Oct 2010 00:00:00 GMT

The Center for Audit Quality just released a new report - Deterring and Detecting Financial Reporting Fraud - A Platform for Action, which I downloaded. The report focuses on financial reporting fraud at publicly-traded companies of all sizes, and its recommendations are intended to be scalable to different situations. I found it to be a pretty comprehensive report, with guidance that would be applicable for any organization (large, small, public, private, etc.) looking to improve internal operations and mitigate the risk of financial reporting fraud.As it is a 55 page document, I won't try to summarize all the salient parts here, but I did think their top three characteristics in organizations where this risk in minimized are worth repeating:A strong, highly ethical tone at the top that permeates the corporate cultureSkepticism - a questioning mindset that strengthens professional objectivity, on the part of all participants in the financial reporting supply chainStrong communication among supply chain participantsGiven the corporate scandals that have emerged over the past few years, have you assessed your compliance and audit strategies with an eye toward mitigating this risk?

4th Annual European Anti-Corruption Summit 2010

Wed, 06 Oct 2010 13:56:26 GMT

EthicsPoint will be exhibiting at the 4th Annual EthicalCorp Anti-Corruption Summit.

Calling In Corruption

Fri, 01 Oct 2010 00:00:00 GMT

Increased enforcement and some sizable penalties have boosted corporate interest in ethics hotlines

Gail Mills, director of human resources at Home Depot, is a big fan of hotlines. The $66 billion home improvement chain has had a hotline in place for employees and vendors for at least 15 years, she says. “In all that time, the hotline has always paid for itself, because as long as an associate is calling us instead of filing a lawsuit, going to the media, or going to OSHA, it allows us to fix the problem, and that’s a huge benefit,” Mills says. “It’s worth whatever it costs us.”

Hotlines may be old hat, but the growing ubiquity of all sorts of media to spread the word, enhanced enforcement against corruption by the Securities and Exchange Commission and the recent Dodd-Frank Act’s promise of bigger bounties to whistleblowers are focusing new attention on what used to be just a red phone in the corporate counsel’s outer office.

Many companies that haven’t had an anonymous way for employees to register complaints or report problems are adding hotlines, with vendors reporting growth rates of 30% to 40% a year. Companies that have long had hotlines are looking at ways to improve them, extend their use to more employees, and expand them to include suppliers and customers. Companies are also gathering and analyzing data about complaints to learn more about systemic problems.

“These things tend to go in waves,” says David Childers, CEO of EthicsPoint, a leading provider of hotline services for companies and other entities. “There was a lot of corporate interest in setting up hotlines after [Sarbanes-Oxley] was introduced, and now the big driver is the Foreign Corrupt Practices Act and the government’s stepped-up enforcement of that law. The Dodd-Frank Act will produce the next wave.”

Some large penalties assessed recently against major companies are also driving C-suite interest in establishing hotlines, most notably the $1 billion settlement the Justice Department reached with Siemens, its $400 million settlement with BAE, a $93 million criminal penalty levied against Daimler Corp. and a $402 million settlement with KBR.

“These are significant penalties, and they are leading people to look at sophisticated ways to gain awareness of what’s going on inside their companies,” says Childers. “Hotlines are one of these.”

Managements want to stay a step ahead if possible and handle corporate misbehavior inside the company, he explains. Even if they are required to report misbehavior, regulatory agencies almost always go much easier on companies that come forward themselves to report crimes and regulatory violations.

History shows that when hotlines are well-run, whether in-house or by a vendor, they can work. Bob Hayes, managing director of the Security Executive Council, traces hotlines back to the 1980s, when the Reagan administration revised federal sentencing guidelines to criminalize some corporate behavior and began a crackdown on corruption in Pentagon contracting that often required contractors to establish hotlines.

“Certainly hotlines have uncovered plenty of corruption,” says Hayes, “but at the same time, even with hotlines, we’ve still had a steady stream of corruption cases, so they are not a cure-all.” His organization’s surveys show that 65% of hotline calls lead to investigations and 45% result in some kind of corrective action being taken. Luis Ramos, CEO at The Network, another hotline vendor, says his clients report that two-thirds to three-quarters of hotline calls have been “actionable.”

Childers says EthicsPoint’s client surveys suggest that hotlines are responsible for bringing to light only 3% to 7% of the ethical or legal issues a company has to deal with, but notes that the issues reported via a hotline are often those that “would not have come out any other way.” Furthermore, he says, catching those issues more than pays for the typical cost for a hotline of $1 to $1.50 per employee. EthicsPoint’s surveys also suggest that just 15% to 18% of hotline calls are frivolous.

One problem is that it takes time for employees to trust hotlines enough to use them, and use them for serious issues. For example, Raytheon, the $24.8 billion military contractor with 75,000 employees, has run a hotline since 1986 and initially found that more than half the calls were HR-related, with many coming from disgruntled employees who had gotten bad performance reviews. Twenty-four years later, though, only 10% to 15% of calls are HR-related. These days many calls, rather than reporting crimes or misbehavior, are from people seeking legal or ethical advice. Furthermore, at Raytheon, which operates its system in-house, the percentage of calls that are anonymous has fallen from more than 50% to fewer than 10%.

“Over time, we’ve gotten an increasing number of calls,” says Tim Schultz, who heads Raytheon’s hotline operation. “But that’s a good thing. If you aren’t getting many calls, that doesn’t mean you don’t have problems.”

The Network’s Ramos stresses that simply offering employees an anonymous phone number to call is not really going to accomplish much. “You need to develop a whole ethical culture at a company,” he says, “so that employees see an example of ethical behavior being set at the top, that ethical behavior by employees is encouraged, and that whistleblowing is appreciated, and even rewarded.” He adds that people on the receiving end of a hotline, whether it’s a phone or a Web site, need to be specially trained for the job.

“When employees make a hotline call,” says Ramos, “they tend to be nervous, afraid and sometimes angry. The responder needs to be able to calm them down, and to walk them through the process, asking the right questions so that the call can be actionable.”

One advantage of using a major vendor is that many have systems that allow client companies to analyze calls over time and look for trends or problem areas.

Home Depot’s Mills, whose company contracts with Global Compliance for its hotline operation, says, “With their data management service, we can analyze a quarter’s or a year’s allegations from the hotline. If we see that 15% of the calls are about scheduling issues, then maybe we need to rethink our scheduling processes.”

Similarly, if an unusual number of calls are coming in reporting problems at one store location, it might prompt an investigation into that store’s management. As a bonus, Mills says, the hotline is useful for providing early warning calls about any union organizing activity at stores.

EthicsPoint Customer Panel – Real World Examples of Innovative Uses of Custom Report Forms

Thu, 30 Sep 2010 11:31:00 GMT

Join representatives from Devon Energy, Schlumberger and Telus as they share stories and advice for implementing Custom Web Report Forms to more efficiently capture data brought forward in venues outside the hotline.

Commitment to Ethics

Mon, 27 Sep 2010 00:00:00 GMT

This morning, EthicsPoint announced the winners of our 2010 Best Ethics Portal Contest, and I'm pleased to congratulate the winners again here:Best BuyBon Secours Health SystemBoys & Girls Club of Garden GroveCalifornia Independent System OperatorChesapeake Energy CorporationKraft Foods, IncPrecision Drilling CorporationTELUS CorporationWhat's especially gratifying in recognizing these organizations is that their ethics portals really are just a small part of their overall commitment to fostering a culture of integrity and compliance. Amid all the negativity we read/hear about relating to companies that fall short in this area, I believe it's extremely valuable to celebrate those who strive on a daily basis to do the right thing. Please join me in congratulating this year's winners!

EthicsPoint Honors 2010 Best Ethics and Compliance Portals

Thu, 23 Sep 2010 00:00:00 GMT

Custom Portals Showcase Best Practices in Business Ethics, Compliance Communications

Anaheim, Calif. — Sept. 23, 2010 — In conjunction with the Ethics and Compliance Officer Association (ECOA) Annual Conference, EthicsPoint, a recognized innovator in helping organizations raise visibility and mitigate operational risk, today announced the winners of the third annual Best Ethics and Compliance Portals contest. Entries were judged based on the overall clarity of message, quality of the user experience and effective integration with an overall governance, risk and compliance (GRC) program strategy.

In alphabetical order, the eight portals selected as the EthicsPoint 2010 Best Ethics and Compliance Portals are:

Best Buy Co., Inc.

Bon Secours Health System

Boys & Girls Club of Garden Grove

California Independent System Operator

Chesapeake Energy Corporation

Kraft Foods Inc.

Precision Drilling Corporation

TELUS Corporation

Customized portals often serve as the first point-of-contact in a company’s overall GRC efforts. They provide a single resource for employees, partners, customers, shareholders, suppliers and other stakeholders seeking information about the organization’s code of conduct as well as updates to policies and procedures, to file or follow-up on past reports or simply a venue to ask questions.

“Employees want to know that their leadership is mindful of ethics and compliance and cares about what they have to say on the subject,” said David Childers, president and CEO, EthicsPoint. “By creating an immediately available dedicated web-page that is easy-to-use and understand – often in multiple languages and including relevant information about company codes of conduct and FAQs – these organizations showcase how serious they are about providing multiple avenues for employees to seek and share information that the organization values but may not get another way.”

Winning Perspectives on a Sustainable Compliance Environment

"We are honored to receive this recognition. Engaging employees as partners with the Ethics Office is a key strategy for Best Buy, and our web presence is a key part of that process." – Kathleen Edmond, chief ethics officer, Best Buy Co., Inc.

"Each Bon Secours employee and all of our partners and collaborators play an important role in advancing the mission and values of Bon Secours, and we want to hear from them. We take all inquiries and reports of potential misconduct seriously and follow up in a way that preserves confidentiality. We greatly appreciate this acknowledgement of our work.” – Jeff Oak, vice president & corporate responsibility officer, Bon Secours Health System

“Because our success is so closely related to our reputation, it’s up to all of us to protect that reputation. Acting with integrity is about more than our organization’s image and reputation, or avoiding legal issues. It’s about sustaining a place where we all are proud to be part of the team.” – Pat Halberstadt, chief professional officer, Boys & Girls Club of Garden Grove

“The California ISO operates the power grid for most of the state as well as an energy market that handles billions of dollars in transactions every year. We take ethical behavior and compliance very seriously and it’s gratifying to be recognized for our efforts.” – Nancy Saracino, vice president, general counsel and chief administrative officer, California ISO

“We are very pleased to be honored for our leadership in corporate ethics compliance. Chesapeake is committed to providing a great place to work, and we believe that being honest and trustworthy in our dealings with each other and with people in the community helps us achieve that goal.” – Tony Blasier, Director, corporate security & ethics, Chesapeake Energy Corporation

“As we embark on Kraft Foods’ new global growth strategy to deliver top-tier shareholder returns, our core values like ‘Inspire Trust’ need to be embedded in everything we do. Part of creating a performance-driven, values-led company is making sure we have the right ethics and compliance tools and technology in place. EthicsPoint, with its well-integrated HelpLine, WebLine and case management tools, plays a pivotal role in helping us deliver our company-wide ethics and compliance programming.” – Bob Herst, vice president and chief compliance officer, Kraft Foods

To view the 2010 winning portals and learn more about best practices for integrating a portal into a broader corporate reporting program, visit www.ethicspoint.com/hotline/service/customer-portals.aspx. Winning portal screen shots will also be shown in EthicsPoint’s booth (#210) at the ECOA Annual Ethics and Compliance Conference beginning on September 23rd.

About EthicsPoint

EthicsPoint is a recognized innovator in helping organizations raise visibility and mitigate operational risk. We help our clients protect their culture and reputation by facilitating the gathering of data that identifies current risks, managing the intake and evaluation process and enabling them to proactively mitigate future adverse events. More than 2,300 organizations use our products and services to align their business processes with their code of conduct, increasing awareness of potential organizational risks – a critical component of their overall governance, risk and compliance efforts. For more information, please visit www.ethicspoint.com.

The Challenge of Building Ethical Corporate Cultures: Lessons from Berkshire Hathaway CEO Warren Buffett

Mon, 20 Sep 2010 20:31:19 GMT

Join L.J. Rittenhouse, President of Rittenhouse Rankings, a CEO and investor relations advisory company, to discuss the foundations of ethical, principles-based corporate communications. Rittenhouse will show how Warren Buffett’s success is built on the trust he has earned from his shareholder communications and the economic and governance principles that lead to shareholder wealth.

The Silicon Forest 25: 2010 edition

Fri, 17 Sep 2010 00:00:00 GMT

Mike Rogoway, The Oregonian | September 17, 2010

Oregon's tech industry is weathering what's likely its worst

decline ever, a protracted downturn that began with the dot-com bust of 2000-01 and never really stopped.

Tech jobs have slid to 1996 levels, and many companies are suffering steep revenue drop-offs.

And yet, for the first time in many years, there are signs of life among the Silicon Forest's homegrown tech companies.

Oregon startups are attracting more venture capital than they have in years, long-suffering businesses have righted themselves, and promising new ventures are defying the recession.

This is our second annual look at The Silicon Forest 25, an informal survey of the largest high-tech companies based in the region, ranked by revenue from their most recent fiscal year.

It's not comprehensive -- some companies don't report financial numbers, and there are some businesses we may have overlooked. And it excludes the Silicon Forest's biggest employers -- Intel, Tektronix, Xerox and others -- whose headquarters or ownership are elsewhere.

But as a snapshot, the list does offer a window into who's big, who's growing, and who's slipping.

CalPERS creates risk management office, seeks officer

Thu, 16 Sep 2010 00:00:00 GMT

CalPERS has created the office of enterprise risk management, led by the new position of chief risk officer, and plans to conduct a search for an executive recruiting firm to find candidates to fill the post, said spokesman Clark McKinley.

The $205.5 billion California Public Employees’ Retirement System, Sacramento, hasn’t set a time frame for developing the process for the search, Mr. McKinley said.

Larry Jensen, assistant executive officer, was named Wednesday by the CalPERS board as interim chief risk officer until the recruitment search is completed. Mr. McKinley said.

The chief risk officer will report to Anne Stausboll, CalPERS CEO, and the system’s board, Mr. McKinley said.

The new office “will bring together all aspects of risk management, including internal compliance operations, privacy and security, disaster recovery and business continuity programs,” Ms. Stausboll said in a statement.

CalPERS’ existing investment risk management team will remain separate from the new office, although they will work together, Mr. McKinley said. That team is led by Farouki Majeed, senior investment officer for the asset allocation/risk management unit, and Richard Roth, senior portfolio manager in charge of risk management, and reports to Joseph A. Dear, chief investment officer, Mr. McKinley said.

The creation of the new office and position was recommended by the CalPERS ad hoc risk management committee, formed last year to take a comprehensive examination of risk management governance, structures and processes.

In addition, CalPERS introduced a whistleblower hotline to identify fraud and waste. The Ethics Helpline, operated by a private company, EthicsPoint, will enable CalPERS to receive tips, concerns and other information regarding possible wrongdoing, including conflicts of interest, fraud and other misdeeds. Whistleblowers can access it by calling (866) 513-4216 or through http://calpers.ethicspoint.com as well as through a link CalPERS plans to place on its home page at http://www.calpers.ca.gov.

Dob in a fraud: CalPERS

Thu, 16 Sep 2010 00:00:00 GMT

Notice a fraud activity at your super fund? Members of the US' largest public pension fund CalPERS can now complain about fraudsters following the launch of an ethics helpline.

The helpline will enable the pension fund to receive tips, concerns and information regarding "possible instances of wrongdoing".

These include allegations of fraud, waste, abuse, conflicts of interests, safety violations, harassment or other misdeeds.

"Recent events on Wall Street, pension fraud in this state, and even allegations of wrongdoing at CalPERS have taught us that managing risk and ensuring accountability across the enterprise are critical to our effectiveness today and tomorrow," said George Diehr, who served as acting president of the board at the pension fund's September Board meeting, in a statement.

Diehr said the tools are part of the fund's strategy to restore confidence, integrity and accountability to CalPERS.

The ethics helpline will be open 24 hours a day - online and on the phone, according to the statement.

A specialised company, Ethics Point, is in charge of managing the hotline.

In addition to the new initiative, CalPERS also recently established a senior level enterprise risk management office and enterprise chief risk officer.

"The office of enterprise risk management will bring together all aspects of risk management, including internal compliance operations, privacy and security, disaster recovery and business continuity programs," said Anne Stausboll, chief executive of CalPERS.

Other improvements at the fund include co-sponsorship of legislation that requires placement agents to be subject to strict gift limits, stricter rules for communication between board members and staff about investment proposals, and authority to discipline board members who violate policy, among others.

CalPERS debuts ethics helpline

Wed, 15 Sep 2010 00:00:00 GMT

The California Public Employees’ Retirement System late Wednesday announced it is launching a new ethics helpline to identify fraud and waste.

The helpline allows the pension fund to get tips, concerns and information about possible problems such as fraud, waste, abuse, conflicts of interests, safety violations, harassment or other issues.

“Recent events on Wall Street, pension fraud in this state, and even allegations of wrongdoing at CalPERS have taught us that managing risk and ensuring accountability across the enterprise are critical to our effectiveness today and tomorrow,” said George Diehr, who served as acting president of the CalPERS Board of Directors at the fund’s September meeting.

The ethics helpline operates around the clock, online and on the phone. It is operated by Ethics Point. The number is toll-free 866-513-4216 or TTY 866-294-9572. Service is also available on the Web at http://calpers.ethicspoint.com.

The fund also is going to establish a senior level enterprise risk management office and an enterprise chief risk officer.

“It’s a new day at CalPERS, and these additional tools for managing CalPERS are being added to a very important list of efforts we have undertaken in the last 12 months to restore confidence, integrity and accountability to all that we do,” Diehr said.

With more than $208 billion in assets, CalPERS is the largest public employee pension fund in the country.

Improving Program Awareness

Mon, 13 Sep 2010 20:42:00 GMT

In this session, Stephen Chapman, Director of Professional Services will share innovative, successful approaches clients have taken to driving awareness in their pursuit of a sustainable ethical culture.

UK Bribery Act Seminar

Mon, 13 Sep 2010 11:01:32 GMT

Now that the 2010 Bribery Act is officially the new law of the land in the UK, the business community faces the necessity of anticipating the changes it will bring to business behavior.

Visualize your success

Mon, 13 Sep 2010 00:00:00 GMT

"Never in history has the human brain been asked to track so many data points." -Dr Edward Hallowell, Psychiatrist, Author of CrazyBusyOn September 10th EthicsPoint announced the release of the first new software application added to the Framework we announced last May - epVisualization Manager. After having previewed it during our Regional User Forums over the past few months, I can sincerely state that you will be blown away by what it can do once you see it and start working with it - the possibilities are bounded only by your imagination!Simply put, epVM allows you to map multiple layers of data to create a location-based dashboard. That data can come from EthicsPoint products (such as the location of your remote offices and all the associated reports of misconduct), RSS and other public feeds (such as weather data), premium data feeds (eg subscription data highlighting corruption trends in third world countries) and proprietary feeds (eg point of sale data from your internal financial applications). By layering data on a map, you can then begin to visualize patterns and trends that simply wouldn't be possible if you were trying to accomplish the same thing through spreadsheets or other methods.We're demonstrating Visualization Manager this week at the annual SCCE Compliance Institute in Chicago, and next week at the ACUA and ECOA annual conferences. If you aren't planning to attend one of these shows and would like to learn more, contact us and we'd be thrilled to give you a tour!

EthicsPoint Heralds New Era in Risk Visualization

Fri, 10 Sep 2010 00:00:00 GMT

epVisualization Manager aggregates disparate data to help organizations quickly identify organizational risks

Portland, Ore. — September 10, 2010, 6:00 a.m. PT— EthicsPoint, a recognized innovator in helping organizations raise visibility and mitigate operational risk, today announced the release of epVisualization Manager (epVM), a dynamic, innovative way to view Governance, Risk, and Compliance (GRC) data in an easily digestible location-based dashboard. In tandem, the company today launched a Third-Party Risk Assessment QuickStart Service designed to allow organizations to better identify and understand the risk and complexity that exists within their extended enterprise and proactively move to mitigate those vulnerabilities.

Visualizing Risk in a Global Economy

The first new application added to the EthicsPoint software Framework announced in May, epVM allows customers to create and customize dashboards to monitor risk events at all levels of an organization. epVM displays existing location-based data – from internal sources (i.e. HR, internal audit, employee hotline or other internal database) – and overlays it with a wide array of available RSS feeds and email-based alerts. The solution also supports a variety of existing and custom data feeds to create a revolutionary visual data 'mash-up,' all enabling users to view correlations between certain operational or environmental factors and the associated increase in risk.

Examples of how epVM can be utilized:

A risk manager reporting to their Board on a quarterly basis about growing risks facing the organization can use epVM to upload company data and easily create heat maps displaying all company locations experiencing a reduction in staff hours and overlay it with data on whether these locations have experienced an increase in internal theft

An HR manager who deploys harassment trainers to locations across the country could use the system to track which locations have completed training and, beyond that, to display nuisance incident trending since the last training

“The acquisitions we made earlier this year were designed to more richly support solution-driven customer needs and we deliver the first part of that with epVM. We trust that helping organizations gain new understanding visually from the same old data will lessen their exposure to risk,” said David Childers, president and chief executive officer of EthicsPoint. “People are visual learners, so taking complex data and turning it into a visual display allows viewers to process the information in a different way, seeing trends and patterns that may not have been visible before and can now be not only seen, but are quantifiable and actionable.”

The SaaS-based epVM provides ethics and compliance officers, internal auditors, risk managers, the general counsel and other GRC-related roles to:

Create dashboards of aggregated information that displays where risks lie to provide company executives or Boards with high-level snapshots for reporting

Provide holistic enterprise views of misconduct reports and reveal patterns and trends by geographical region

Overlay key business partner locations to easily identify, monitor and manage high risk supplier, vendor and agent relationships

Connect an organization’s high incident hot-spots with targeted training and awareness programs

Assessing Risk Posed by Vendors, Suppliers and Agents

In line with the complexities seen in sifting through data to mine risk, today’s business marketplace also requires companies to deal with an ever-expanding global landscape. And with worldwide expansion comes an increase in risk posed by third-party relationships. For instance, prosecutions of violations of the Foreign Corrupt Practices Act have skyrocketed in recent history – the eight largest enforcement actions of all time have only occurred in the last two years – and the recently passed UK Bribery Act extends the scope of anti-fraud measures with which companies must comply. All told, organizations are becoming more accountable for the actions of their vendors, suppliers and agents, regardless of their geography and EthicsPoint’s new Third-Party Risk Assessment QuickStart is designed to allow organizations to better identify and understand the risk and complexity that exists within their extended enterprise and proactively move to mitigate those vulnerabilities.

The QuickStart service uses a combination an organization’s internal information, data from trusted third-party sources and proprietary risk-ranking methodology to reach conclusions based on each organization’s individual risk appetite and sensitivities. The resulting rankings rate each vendor, supplier and agent an organization employs and enables implementation of an appropriate risk strategy that aligns with their overarching GRC objectives.

SCCE Show Demonstration

Demonstrations of epVM will be shown at the Society of Corporate Compliance and Ethics (SCCE) 2010 Compliance & Ethics Institute in Chicago from September 12-15, 2010. EthicsPoint will be located in Booth #200 and will be running demonstrations for the duration of the show.

About EthicsPoint

EthicsPoint is a recognized innovator in helping organizations raise visibility and mitigate operational risk. We help our clients protect their culture and reputation by facilitating the gathering of data that identifies current risks, managing the intake and evaluation process and enabling them to proactively mitigate future adverse events. More than 2,300 organizations use our products and services to align their business processes with their code of conduct, increasing awareness of potential organizational risks – a critical component of their overall governance, risk and compliance efforts. For more information, please visit www.ethicspoint.com.

# # #

Data Visualization: An Emerging, Powerful Risk AwarenessTool

Fri, 10 Sep 2010 00:00:00 GMT

Executive Summary

Effective data visualization enables managers - often at a glance - to see and grasp risk patterns or trends that might

otherwise lie buried. Over the past three decades computer systems have acquired enormous capacity to collect,

store, and analyze business intelligence data in real time. The availability of such data for sound, timely decision

making is especially vital to national and global companies with extensive markets, locations, and supply chains.

Ironically, inherent human limitations often leave organizations unable to take full advantage of this rich body of

information. The brain of even the ablest manager has only so much capacity to sort out and make sense of all the data coming in. Competing responsibilities, time constraints, and other factors add to the problem.

Fortunately, data visualization has evolved in recent years in a wide range of applications to bridge the gap between data overload and human cognition. It is proving invaluable where businesses, government agencies, emergency responders, and military campaigns must make sense of constant and growing information streams – and its potential is still growing.

Data visualization seeks to render the key attributes of scattered, complex, computerprocessed data in visual forms that people can grasp intuitively – ideally at a glance. These images, generated as an extension of data collection and analysis, range from familiar x-y axis plot graphs to more sophisticated “heat

maps” that overlay data patterns and trends on geographic regions.

This paper underscores the opportunity that data visualization offers to increase management effectiveness in the governance, risk management, and compliance (GRC) space. It outlines this emerging capability and the benefits it offers managers when they add this capability to their systems for collecting, understanding, and acting on potential or emerging risks. At a time when events move so quickly and managers are expected to deal with ever more sources of information, data visualization is increasingly a “must-have” tool to minimize vulnerabilities and keep a competitive edge.

For more, read the paper!

OCEG GRC360° Executive Forum: Principled Performance – A Business Transformation

Thu, 09 Sep 2010 12:28:09 GMT

Oct 4, 2010, 9:30am – 9:00pm CET 

Oct 5, 2010 8:00am – 1:00pm CET 

 

Please join EthicsPoint at OCEG's GRC360° Executive Forum in Breukelen, Netherlands. Gain insight from conversation with industry pundits and practitioners, including a discussion lead by EthicsPoint's David Childers, "Reducing Risk and Driving Compliance in the Extended Enterprise," which will highlight necessary steps to maintaining compliant programs under the US Foreign Corrupt Practices Act (FCPA) and the UK Bribery Act.

Unintended Consequences

Wed, 08 Sep 2010 00:00:00 GMT

Our CEO, David Childers, put together a powerpoint slide earlier this year I really liked. The title was "Three Things I Think I Know" relating to the compliance field - the three main bullets and brief commentary follow:Ever Increasing Legislation (hard to argue this one)Conflicting Global Mandates (I'll explain more fully below)Agencies Transitioning to Enforcement (witness the increased prosecutions for FCPA violations for example)David's point on conflicting global mandates was simple - as governments worldwide enact legislation to decrease the incidents and impacts of unethical behavior, there is a greater chance the various laws will be inconsistent across boundaries. For instance, Sarbanes-Oxley requires publicly held US companies or those listed on US exchanges to offer a way for employees to anonymously report financial misconduct, yet Portugal and Spain have outlawed anonymity. The FCPA allows for facilitation payments in certain circumstances, but the UK Bribery Act forbids them entirely. And so on.This issue plays out domestically as well, with the latest example the conflict between the updated Federal Sentencing Guidelines and the whistleblower bounties offered through the Frank-Dodd Act. Under the Sentencing Guidelines, companies get credit for having an effective ethics and compliance program. Furthermore, if a serious transgression is discovered, companies get credit for identifying it prior to when it might have been discovered by other means and by self-reporting. Thus, it is in a company's best interest to provide multiple ways for employees, partners and other stakeholders to come forward with reports of suspected misconduct.Yet the Frank-Dodd Act authorizes whistleblower bounties of between 10%-30% in cases where more than $1 million is recovered, thus creating a financial incentive for employees to both wait until a fraud scheme reaches epic proprotions and not report internally, thus depriving the company of mitigating potential losses due to fraud and the opportunity to self report once discovered.I've had a number of conversations with clients on this topic, and it is showing up more and more in webinars and online through legal advisories (like this one from K&L Gates), discussions and whitepapers and we at EthicsPoint are endeavoring to further the debate. We will be hosting a webinar entitled Whistleblowing and the New Race To Report: The Impact of the Dodd-Frank Act and Proposed Changes to the Federal Sentencing Guidelines on September 29 with Toby Bishop and Mohammed Ahmed from Deloitte Financial Advisory Services and David Childers will be speaking on the topic on an upcoming webinar hosted by Securities Docket.Regardless of where all these things eventually shake out, I do believe that companies will be held to a higher standard with regards to their ethics and compliance programs. And from the conversations I've had over the past six months with many of our customers, I know that many forward-thinking organizations have internalized this, as ethics and compliance programs have evolved from a "check the box" mentality to one where the pursuit of a sustainable ethical culture is a top and ongoing priority.

Voluntary Boundaries of Compliance: How to Draw the Line - part 2

Wed, 01 Sep 2010 00:00:00 GMT

In the almost seven years since the passage of Sarbanes-Oxley, compliance and risk professionals have worked diligently to be in compliance with the law and sustain an ethical culture. You would think more than two-thirds of a decade would be sufficient time to get it right, but that assumes Sarbanes was all they had to contend with. Unfortunately, during this period of time more than 18,000 additional laws and regulations have been passed in the United States alone. Each requires either a cursory review or the direct attention of CEO’s, Boards, or compliance professionals.

Recognizing that compliance is a moving target, organizations must determine their long-range compliance strategy. Will they study and define a minimum set of standards to achieve compliance or seek to fund and refine a very broad set of initiatives to ensure minimal out-of-compliance risk –- or something in between?

Having worked closely with compliance professionals for many years, I know they will admit three things are true.

First, compliance and regulatory pressures continue to grow. (If in doubt, all one needs to do is look at the most recent wave of new requirements attached to the Stimulus Act, because many of these have a rippling effect that is staggering).

Second, they are currently faced with a difficult economic landscape; organizations are looking to mitigate risk while optimizing their compliance expenditures – in other words they are challenged to do more or the same with less.

Finally, an organization that only develops and adheres to a minimum set of initiatives – what the Open Compliance and Ethics Group calls a “mandatory boundary” for their compliance spectrum – will find that once they realize they are approaching that mandatory boundary they are generally already out of compliance.

In order to determine the optimal compliance boundary for your organization, it’s useful to consider the complexities by following the framework outlined below. There is a direct correlation between the amount of knowledge you have access to and the unknown risk potential you face.

Organizations should start their risk boundary analysis by studying their compliance risks from both the perspective of their organization and the general industry in which they operate. These two factors frame a mandatory compliance boundary, and begin to outline the people, process, and technology initiatives necessary to gather risk feedback.

Organizational Complexity deals with operational size, scope and your existing compliance strategy. For example, what geographies do you serve? How many organizational entities do you have? Total headcount? Union or non-union? Weak culture or strong culture? And, what history does your organization have when it comes to regulatory compliance?

Observation and study of your industry forces you to consider the important fraud and risk components associated with the industry vertical(s) in which you operate. There are a number of great studies that can provide insight into the governance, risk and compliance (GRC) challenges each industry vertical faces. But we all recognize that a retail operation faces a dramatically different set of fraud risks than does a petro-chemical company.

Organizational and Vertical risk is fairly well understood, but it’s the “voluntary boundary” I want to focus on now. What you decide here – how much risk you are willing to take, what additional controls you’ll implement, how many people you’ll devote to management, etc., all add complexity and are dependent on a number of different variables. Since I don’t know a single compliance officer with an unlimited budget, understanding the return on investment potential a voluntary boundary or “risk” buffer contributes is an important concept to integrate into your GRC strategy. Once you have a good sense for the relative importance these issues play within your risk profile, you can turn your attention to creating your Voluntary Buffer.

You will want to take a hard look at the data points within your organizational complexity model and then either approximate or work from your history to estimate your potential for successful risk mitigation. You also need to consider the pace of regulatory change your organization faces. For example, the banking and finance industry, healthcare providers and assisted living centers, energy and utilities, organizations operating multinationally and others have seen a constant flow of new regulations for the past 24 months. Most recently, for example, is the myriad of new regulatory mandates around Whistleblower protection associated with TARP or ARRA payouts.

In today’s fast paced, over-exposed multimedia world in which we operate, you must also consider your social responsibility goals and how important these goals are to your brand value. Don’t overlook this step. Not only does the new Standard & Poor’s rating consider your social responsibility risk, but a recent Harvard Business Review article also showed that an organizational misstep involving a social responsibility was 7-10 times more negatively impactful to share value compared to a traditional fraud based incident.

There are other prevalent risks. For example, the DOJ’s renewed interest in the Foreign Corrupt Practice Act. If you work or have agents working multinationally the penalty associated with an FCPA infraction that historically drew a fine of $1 million to $4 million has grown 10-fold in the past 12-14 months. If your business is energy related, you know that the Federal Energy Regulatory Commission (FERC) has made it very clear they are now an “enforcement agency” and their fines start at $1 million a day per infraction. Every organization has its own set of risks such as these that need to be considered within this framework.

Finally you must evaluate your organization’s risk tolerance. This is a combination of a number of factors, not the least of which is the monetary significance and potential loss of marketplace momentum associated with the fines and penalties assessed for failure to be in compliance. Other factors include your M&A activities, regulatory history and board/investor make-up.

Once you have tackled these questions, successfully navigating a GRC boundary structure requires your organization to address two primary challenges.

The first challenge is the lack of information transparency. In most organizations, the information gathering process is inefficient or the data is stored locally with limited access by those who might benefit from the information. This information deficit is a result of organizations addressing compliance post-Sarbanes without a formal strategy. In fact, based on my observations, most organizations subscribe to a ‘whack a mole’ approach to attack each compliance or regulatory requirement with available resources.

Scott Mitchell, the CEO of the Open Compliance and Ethics Group, reported in 2008 that this approach has created anywhere from 4 to 15 compliance silos within an organization. These silos are fraught with inconsistencies, functional overlap, and protectionism. Finding a way to inspire synergy and transparency between these silos is an important step toward success.

The other challenge to success is transforming your organization from strictly tactical compliance policies to a strategy of principle-based compliance guidelines and thinking. Why? Consider these three words:

• Sub-Prime

• Madoff

• Siemens

Related to these debacles were lots of rules, no rules, or no way to build and communicate enough rules to keep the fraud or misconduct in check. My prediction for the immediate future is for even more rules. In fact, I recently attended the Ethics and Compliance Officers (ECOA) Sponsor’s Forum and found that the majority of the compliance professionals I spoke with are preparing for a tidal wave of new regulations. At the pace new regulations are likely to be promulgated post our recent economic meltdown, there is a genuine risk and high probability you will never have all the necessary processes and policies in place within your organization to be fully compliant at all times.

That is why a strategy and code of conduct based on simple principles and guidelines is essential. A principle-based approach goes beyond simply imposing a core set of rules and seeks to embed appropriate core principles within the organization’s thinking or reasoning. Developing and training to a core set of values or principles allows a decision to be made that is integrity-based rather than simply rule-based.

In this case I am talking about moving your compliance program to more than just a “Ten Commandments” guideline, because you will never have all the rules written, disseminated and trained to.

Frankly that’s I why I joined the Episcopal Church – the home of “four commandments and six suggestions.” Principled-based ethics and compliance programs, just like the Episcopal Church, expect your team and stakeholders to think about the situation and govern their actions based on the integrity of their decisions or actions. Simple value-based questions are often the norm in a principled approach. “How would you explain this to your mother?” “If this were on the cover of the morning paper (even below the fold) how would you feel?” It is also based on an expectation that decisions made on behalf of the organization are based in integrity, honesty and respect.

Working from principle-based guidelines also makes it easier to adjust to or address new regulations. In most cases you will want a specific rule, but 95% of the time your established principles will suffice until you put a new policy or control in place. Training your team to act based on a set of core principles strengthens and extends an organization’s voluntary boundary and allows a compliance program to become a sustainable process. Perhaps as important, it will significantly reduce the likelihood of criminal charges being levied against your organization and the amount of penalties incurred should you be found in violation of some regulation.

The pace in which our world runs is not slowing, nor is the number of requirements we must follow to operate and capitalize on opportunities. Organizations that seek to manage their operational fraud and compliance risks by solely imposing rule after rule will never keep pace with change and their workforce will never think for themselves. Only after we inspire our organizations, employees, and supply chain to reason through a lens of integrity, self-govern their personal actions, and influence the actions of their peers will we ever be able to achieve compliance with the law and maintain an ethical culture. By establishing an ideal risk profile and learning to live comfortably within the voluntary boundary that you construct, your organization can create a culture for sustainability and long-term business success.

**********

About the Author

David Childers is the President and CEO of EthicsPoint, a company that provides hotline and case management solutions for over 2000 clients in over 300 industries.

David is a pioneer in the field of Governance, Risk and Compliance. He is a member of the Society of Corporate Compliance and Ethics (SCCE), the Ethics & Compliance Officer Association (ECOA), and the National Association of Corporate Directors (NACD), where he has completed the Director of Professionalism course and is certified in Director Education.

David Childers can be contacted via email at the following address: dchilders[at]ethicspoint[dot]com.

Odds and Ends

Tue, 31 Aug 2010 00:00:00 GMT

Been a while since I’ve posted, but not for lack of desire or content. Rather, we’ve been extremely busy here at EthicsPoint over the past few months, and I’ve just been remiss in my blogging duties. But no more- today starts a renewed commitment to keeping this space current.To get started, thought I’d share a bunch of links/news and other material you may find interesting…For the third straight year, EthicsPoint is hosting our annual Best Ethics Portal Contest – I encourage any of our current customers who have launched a new or revamped Ethics Portal in the past twelve months to nominate their site.I spent a good part of my late Spring and Summer traveling around the US to EthicsPoint Regional User Forums – one of the best parts of my job. I love meeting with companies that are putting real effort into building a culture of integrity and compliance and seeing the progress of their activities year over year is incredibly rewarding. One of the interesting topics this year was the anticipated impact of the whistleblower “bounties” referenced in the Frank Dodd Act and what this meant to corporate compliance and ethics officers.EthicsPoint will be hosting a webinar Whistleblowing and the New Race to Report: The Impact of the Dodd-Frank Act and Proposed Changes to the U.S. Federal Sentencing Guidelines with Toby Bishop and Mohammed Ahmed from Deloitte on September 29 for those of you interested in learning more about this topic.And on the subject of webinars, I’d be remiss if I didn’t direct you to our archives, as we’ve hosted some really valuable sessions over the past few months on topics such as:The FCPA Year In Review: How Recent Investigations and Prosecutions Will Impact Compliance ProgramsThe UK Bribery Act – Analyzing the Impact for UK and US-based CompaniesReporting to the Board on your Ethics and Compliance Program New Guidance and Good Practices,Global Discrimination, Harassment and Diversity Policies and Strategies for Multinational Workforces ...among many others. And we're close to scheduling a number of great sessions for September and October, so watch for your invite or visit our webinar page in the coming weeks:In the coming weeks, I hope we’ll get a chance to see you at one of the upcoming conferences where EthicsPoint will be speaking and/or exhibiting, includingThe Society of Corporate Compliance and Ethics Compliance Institute,The Association of College and University Auditors annual conference,The 18th Annual Ethics and Compliance Officers Association conference,The Open Compliance and Ethics Group GRC360° Executive Forum to be held in the Netherlands in October andEthical Corp’s 4th annual Anti-Corruption Summit Europe later in NovemberFinally, to keep abreast on a daily basis of new research, interesting articles, and EthicsPoint announcements, follow us on Twitter at http://twitter.com/ethicspoint.

Beyond the FCPA: Anti-Corruption Enforcement Goes Global

Mon, 30 Aug 2010 13:35:01 GMT

In this webcast, hosted by Securities Docket, David Childers, President & CEO of EthicsPoint, and Neill Blundell, Partner & Head of Fraud Group, Eversheds International, will discuss the landscape surrounding extended enterprise compliance and its continued rapid evolution as regulation increases and international mandates conflict across borders.

Reporting to the Board on your Compliance and Ethics Program: New Guidance and Good Practices

Mon, 30 Aug 2010 13:20:33 GMT

Attendees will learn sound approaches to addressing one of the most important challenges for compliance and ethics programs – assuring the appropriate degree and type of program oversight by the board of directors.

Should the CECO Report to the General Counsel?

Fri, 20 Aug 2010 00:00:00 GMT

For a variety of reasons, the issue of whether the Chief Compliance & Ethics Officer should report to the General Counsel has received considerable attention recently. There is a growing body of statistical information on this topic. In shorter supply, however, are analytical frameworks to help individual companies resolve this issue for their respective C&E programs based on their own particular circumstances.

This posting offers such a framework. And, although not a traditional part of risk assessment, it is presented within CCI’s risk assessment series because the analysis does, among other things, include assessing risks – specifically, those related to a company’s law department.

The first part of the test asks whether the law department is itself a foreseeable source of C&E risk. If so, as has been the case in the pharmaceuticals and in certain healthcare industries, the CECO probably should not report to the GC, as a member of the law department cannot reasonably be expected to police her superior.

The second part focuses on risks of a different nature, and asks whether the law department is generally seen by employees as operating principally in a traditional defense counsel mode or a preventive law one. If the former is the case this may adversely affect their willingness to report C&E concerns to someone within the law department and suggests separation of the law and C&E functions.

Finally, the analysis asks if the C&E function were to be separate would it have sufficient authority to meet the letter and spirit of the definition of “high-level personnel” in the Sentencing Guidelines. If the answer is no, this suggests CECO reporting – at least administratively – through a department that does have such clout, which law typically would have.

However, even where the analysis leads one to conclude that administrative reporting to the GC is best for the company the CECO should still report “informationally” to the audit committee of the board (and possibly the CEO), as well as to the GC. This should generally include regular reports on the operation and efficacy of the C&E program, as well as real-time reports of any allegations of wrongdoing made against senior managers. Finally, companies should consider enhancing the independence of CECO’s who report to GC’s by providing in program governance documentation that the audit committee must pre-approve any termination of employment or significant diminishment of duties or compensation of the CECO.

Jeffrey Kaplan, a partner in the Princeton, New Jersey office of Kaplan & Walker LLP, has practiced law in the compliance and ethics field since the early 1990’s.

Mr. Kaplan is also Adjunct Professor of Business Ethics at NYU’s Stern School of Business, co-editor (with Joseph Murphy) of Compliance Programs and the Corporate Sentencing Guidelines (West Thomson), chair of the legal advisory board of SAI Global’s Compliance Division, former Counsel to the Ethics and Compliance Officer Association, and co-author of a study by the Conference Board on the use of compliance and ethics program criteria in government enforcement decisions.

ECOA Annual Ethics and Compliance Conference (ECOA)

Tue, 17 Aug 2010 16:42:34 GMT

EthicsPoint will be exhibiting at ECOA's 18th Annual Ethics and Compliance Conference (ECOA)

H-P Ouster a 'Teachable Moment'

Mon, 16 Aug 2010 00:00:00 GMT

Firms that help companies thwart expense-report violations say they're seeing more interest in their services since irregularities prompted the ouster of former Hewlett-Packard Co. chief Mark Hurd earlier this month.

Ethics advisers and hotline sellers say they're getting more inquiries about expense reporting. The Ethics and Compliance Officer Association, a professional group, said traffic to the expense-report advice section of its website is up 30% to 40% in the past week. The renewed interest comes after many companies tightened expense-report requirements in the past two years to cut costs.

"Companies will often use very public cases as a teachable moment to remind employees why certain policies are so important," said Patricia Harned, president of the Ethics Resource Center, a nonprofit ethics-research organization.

Global Discrimination, Harassment, and Diversity Policies and Strategies for Multinational Workforces

Tue, 03 Aug 2010 20:32:11 GMT

Discrimination, harassment and diversity initiatives tend to be U.S.-driven, and not necessarily globally sensitive. Exporting U.S.-crafted discrimination, harassment or diversity tools can cause problems in overseas workplaces. Learn how to adapt U.S. strategies and create practical global policies and procedures for combating workplace discrimination and harassment, and for promoting workplace diversity.

Jobs Watch: Innovation, from A to Z

Tue, 27 Jul 2010 00:00:00 GMT

I got the opportunity to sit down with Matt Nees and Bryce Yonker the other day, and within an hour my story idea list had doubled in size. There’s a lot going on with tech innovation in Oregon, and Nees, who’s been president of the Software Association of Oregon for about a year now, and his colleague Yonker have a sharp inside view of not only what’s happening, but also what’s coming.

SAO saw its membership fall in synch with the economy as the recession tightened down its stranglehold, but it’s been gaining back members during the fickle rebound while pursuing some big-scale initiatives that could lead to new hiring.

One major initiative involves the hundreds of millions of dollars that the state spends on technology. For a long time the status quo has been to hire the SAPs and Microsofts of the world while overlooking smaller local companies that may be able to do things cheaper and faster, while hiring locally and in turn bringing more income back into state government through taxes.

That effort got a boost with the election to the Legislature of Christian Harker, president and founder of the Beaverton-based software company Cayuse and a member of SAO’s advocacy committee. Earlier this year Harker and SAO put together a CIO Summit in Salem that introduced the 13 CIOs who control the state’s tech purse strings to 120 people from the private sector.

Nees says his main goal in putting together the summit was to “get involved and provide influence to encourage people to think differently.”

Another goal: to remind public sector leaders that Oregon is stacked with innovative tech companies hungry for business.

Asked for examples, Nees quickly reels off a dozen, starting with the obvious newsmakers and expanding from there. The $30 million that Jive Software just scored is “great,” and the impending Tripwire IPO is “even better.”

And then there’s Spotlight Mobile, founded in 2002, leading the Portland mobile application development bonanza with apps for the Portland Art Museum, Barnes & Noble and Nike, among others.

Another fast riser is Puppet Labs, founded by a pair of Reed College grads in 2008. Puppet received $2 million in venture capital in June 2009 and another $5 million this summer. The company develops open source software that is available for free online, joining a thriving local community of open source developers supported by major institutions ranging from Intel to Oregon State University.

Other bright spots within Oregon’s economic fog that Nees identified:

* Analytics pioneer Webtrends, which has seen its ups and downs over the past 15 years but is definitely on the upswing under CEO Alex Yoder.

* Lake Oswego-based EthicsPoint, which has vastly expanded the scope of its international security solutions with two acquisitions in May and June.

* Portland-based Springbrook Software, which helps small cities streamline their operations, with over 400 clients in 32 states.

* And finally, Mercy Corps. Oregon's largest nonprofit recently made use of SAO’s database to recruit 10 new tech staffers to hone a complex network of operations that stretches from Portland to Kyrgyzstan to Niger.

It’s the sort of list that can convince you that Oregon does have a future after all, and there’s more where that came from. As soon as I had finished typing up my notes from that meeting, I noticed that Yonker had sent me a quick list of innovative Oregon companies to keep my eyes on, alphabetized from A to Z for my convenience. That should keep me busy for a while.

Ben Jacklet is managing editor of Oregon Business.

Specter of Third Party Risk

Fri, 16 Jul 2010 00:00:00 GMT

It is not uncommon in today’s global business world for companies to maintain myriad third-party relationships in an

effort to reduce costs, increase efficiency and focus more intently on core competencies. However, while businesses

seek to gain a competitive and operational advantage through these relationships, they are also exposing themselves

to an increasing level of risk. At the same time, however, it is becoming increasingly difficult for businesses to

maintain the necessary controls for mitigating the risks associated with these relationships.

Based on recent events involving certain multinational companies, it’s quite apparent that shortsighted efforts

with respect to addressing and controlling the risks associated with third-party relationships can have negative

implications on operations, finances, and reputation. Yet attempting to address every single risk facing a company,

however, can be a daunting effort.

Furthermore, while many companies feel they maintain the adequate means for mitigating their internal and external

risks, a gap still oftentimes remains between perceived risks and actual risks. It is therefore necessary to establish

a comprehensive third-party risk management strategy to augment existing risk management best practices and

ensure the risks posed by a company’s vast network of vendors, suppliers and agents will not inhibit the ability to

remain focused and competitive.

EthicsPoint and Civil Demand Associates Partner to Provide Loss Prevention Services to Retail Customers

Thu, 15 Jul 2010 00:00:00 GMT

Options grow for clients seeking recourse for theft from employee misconduct

PORTLAND, Ore. — July 15, 2010 — EthicsPoint, a recognized innovator in helping organizations raise visibility and mitigate operational risk, today announced a partnership with Civil Demand Associates, (CDA), a leading provider of civil recovery and employee restitution services, which will allow clients improved integration between the two companies around loss prevention, specific to the retail sector.

From EthicsPoint, the civil recovery module is a fee-based service offering that enables customers of both firms to track civil damages or penalties under the appropriate state statute relating to retail theft. Bidirectional integration with CDA will help reduce the time required to contact all relevant parties in each case – where most time is usually spent – and allow CDA faster access to information and integration with client records. Increasing the speed at which all salient parties can be contacted and communicated with greatly improves the expediency with which claims are settled.

“Since civil recovery is the cornerstone of our business, we welcome companies like EthicsPoint providing retail customers with the ability to track, manage and report developments with civil demand cases within their existing GRC solutions, integrating many lines of business processes into a single flow for customers to manage,” said Frank Luciano, president and CEO of CDA. “Keeping processes streamlined and allowing customers the ability to integrate and report results back in a more timely fashion only assists us, EthicsPoint and the customer in question.”

“With the integration with CDA, EthicsPoint continues to demonstrate our commitment to expanding the flow of data to support our solutions. Through CDA our customers seamlessly extend their loss prevention solutions, enabling them to recover from losses and fraud with greater ease,” said David Childers, president and CEO of EthicsPoint. “With each new partnership, we reinforce EthicsPoint’s philosophy that governance, risk and compliance management is an essential business process and a cornerstone of every responsible company’s operations.”

About Civil Demand Associates, Inc.

For more than 20 years, CDA has been the leader in the field of civil recovery for retailers throughout the USA, serving the loss prevention community since 1986. CDA is based in California and currently provides services to more than 150 clients – from individual stores to Fortune 500 chains, department stores to food services and grocery chains.

Additional information about Civil Demand Associates and their work in the loss prevention arena can be found online at www.civildemand.net.

About EthicsPoint

EthicsPoint is a recognized innovator in helping organizations raise visibility and mitigate operational risk. We help our clients protect their culture and reputation by facilitating the reporting and identification of issues and events of behavior that may be inconsistent with their code of conduct, to the subsequent investigation and resolution of these cases. More than 2,300 organizations use our telephone hotline, web-based reporting and case management services as a critical component of their overall governance, risk and compliance efforts. For more information, please visit: www.ethicspoint.com.

Summer 2010 - What's New Video

Fri, 09 Jul 2010 22:38:04 GMT

Overview of what is new in the Summer 2010 release.

Five local firms among the top fastest growing

Thu, 24 Jun 2010 00:00:00 GMT

Five Lake Oswego businesses have been included in the Portland Business Journal’s 2010 Fastest Growing Private 100 Companies Awards. The five are:

* AKT Services, LLP

* The Bank of Oswego

* EthicsPoint, Inc.

* Kywa International Group, LLC

* Timbercon, Inc.

The ranking of the 100 businesses will be announced at a gala reception to be held June 24 from 5:30 t0 8:30 p.m. at the Portland Art Museum Mark Building, 1119 S.W. Park Ave., in Portland. Tickets are $70 per person and can be ordered by calling 503-219-3432.

AKT Services, LLP is a firm of CPAs and business consultants offering accounting and assurance, tax preparation and planning, consulting and outsourced accounting services. Headquartered in Lake Oswego, the company has offices in Salem, Carlsbad and Escondido, Calif. and Anchorage, Alaska. The company has 27 partners.

The Bank of Oswego recently announced the sale of common stock as of June 1, 2010. The bank under CEO Dan Heine offers business and personal banking and lending services. There are two branches in Lake Owego and recently a branch was opened in Sherwood.

EthicsPoint, Inc. delivers Hotline and Case Management solutions in a Software-as-a-Service (SaaS) environment. The business has developed a partner eco-system to provide critical products, resources, research and education to their clients. David Childers is the company’s CEO and president.

Kywa International Group, LLC is a wholesale importer of foods and goods. Jordan Wick is the owner of the company.

Timbercon Inc. designs fiber optic cables that allow for a high degree of flexibility and customization. It provides virtually unlimited options ensuring their customers receive a product designed for their specific need and application. Eric Meslow is the company’s president and CEO.

At the event, the “Lighthouse Award” winners will also be recognized. Those are companies that have made the list for five consecutive years

A Proud Time

Thu, 10 Jun 2010 00:00:00 GMT

As we all go through our careers, we have opportunities to observe and experience many different leadership styles. Sometimes, the style may be orthogonal to your values or preference. In other cases, you may appreciate the success achieved, but not the methods. But sometimes you find yourself in a situation in which all things seem to come together - you’re just proud to work for someone because of the vision they display, the integrity they embody, the gusto with which they lead and so on. Today, I describe myself as fortunate and proud to work for David Childers, EthicsPoint president and CEO, and thrilled to announce that he’s been named a finalist for the Ernst & Young Entrepreneur of the Year 2010 Award in the Pacific Northwest region. This designation publicly recognizes David for the talent and work ethic we here already know. Recognizing him for the extraordinary success in the areas of innovation, financial performance and personal commitment to his business and community, the acknowledgment couldn’t be given to anyone more deserving in those aspects.Early on, David recognized the potential of EthicsPoint long before the current boom in ERM and GRC – before governance, risk and compliance (GRC) even had an “industry.” Coming off a successful stint as Oregon Scientific’s CEO, he was looking for a new opportunity to sink his teeth into and found the product EthicsPoint was built around – an anonymous telephony and web-based reporting system for ethics and compliance violations – to be one with potential to change the business world. A couple years after investing his time, energy and resources in the company, Sarbanes-Oxley was passed and what had previously been a "nice-to-have" hotline for employees to report misconduct became a mandate for publicly traded companies, making EthicsPoint a success – quickly. Having someone at the helm with David’s experience in business management and high-growth industries was one of the keys to EthicsPoint success through that period and on into our current state of maturity. The gradual transformation of our company under his leadership into an overall organizational risk management provider was a natural progression from EthicsPoint’s roots and his foresight has benefited this company from the ground up – from product strategy to acquisitions to the legal and cultural implications of that growth – and we look forward to where we’ll be going next with him at the helm!Congrats again to David and we look forward to the announcement of the PNW regional winner on June 18, 2010 at the Pacific Northwest Region Award Gala at the Sheraton Hotel in Seattle! More information about the Ernst & Young Entrepreneur of the Year Awards can be found here.

Program Audit and Optimization: Fully Leverage your EthicsPoint Investment!

Thu, 27 May 2010 12:50:15 GMT

Join Stephen Chapman, Director of Professional Services and Erin Watkinson, Senior Business Solutions Consultant, to hear ways to audit and optimize your compliance program and truly leverage the ROI of your EthicsPoint investment.

Global Fraud Report: Latin America, Corruption and the Foreign Corrupt Practices Act

Thu, 27 May 2010 12:15:29 GMT

In the last few years there has been increased attention paid to corporations’ overseas business practices. This has resulted in more prosecutions under the Foreign Corrupt Practices Act. So how do you conduct business in emerging markets without violating the law? This web seminar explores that question as it relates to Latin American countries. 

 

Please note: The audio quality is poor for the first few minutes, but is clear thereafter.

THE SHAREHOLDER APPROACH: A Proactive/Reactive Investigations Process Model

Thu, 27 May 2010 00:00:00 GMT

A comprehensive model for workplace investigations is a strategic approach to increase the ROI of the investigation process. In this paper, a model for investigations is defined that integrates general investigation practices with a higher-level strategic goal of protecting and improving shareholder value.

Ernst & Young - 11th Global Fraud Survey

Wed, 26 May 2010 00:00:00 GMT

The 11th Global Fraud Survey has challenged those responsible

for leading the response to corporate fraud and corruption to look

back over two of the most difficult years in the economic cycle in

living memory. The feedback has been both candid and revealing in

an area of business risk that is always more sensitive to economic

decline. Once again, the global reach of this survey provides a

unique insight into how different economic regions compare.

Moreover, the decision to target CFOs and heads of legal, internal

audit and compliance functions has provided fresh insight into

the challenges faced by executives in these pivotal roles.

EthicsPoint Announces Software Framework, Facilitating Specialized Compliance-Driven Solutions

Tue, 25 May 2010 00:00:00 GMT

Initial solution will address the corruption risks associated with third-party engagements globally

PORTLAND, Ore. — May 25, 2010, 6:00 a.m. PT— EthicsPoint, a recognized innovator in helping organizations raise visibility and mitigate operational risk, today announced an enhanced software Framework which allows EthicsPoint to more easily provide customers with solutions to manage multifaceted compliance challenges. Available in late 2010, the first new Framework-driven solution will address the growing issue of third-party risk management by bringing together elements of EthicsPoint’s recently acquired and existing products to more richly support solution-driven customer needs.

The advanced Framework harnesses EthicsPoint’s hotline and Issue & Event Manager with the recently announced Visualization and Policy Managers, a more focused professional services engagement and enhanced integration capabilities with partners, all coming together to provide customers with a scalable architecture to meet evolving governance, risk and compliance needs. Current solutions specifically targeted to meet singular business needs – for example, EthicsPoint’s existing Retail Loss Prevention Management solution – are based on the Framework, as will future targeted solutions that customers require.

Managing Third Parties

Recent trends indicate that the United States government is increasing enforcement of statutes barring corrupt behaviors. Since 2005, the United States Department of Justice has brought more than 60 Foreign Corrupt Practices Act (FCPA) cases – more than the total between 1977 (when it was enacted) and 2005. Internationally, governments are adopting their own hard-line stance against bribery and enacting changes like the recent UK Bribery Bill, even tougher legislation than FCPA. Because this new level of enforcement is likely to continue for some time as the worldwide focus on anti-corruption efforts grows, companies conducting business on a global scale must take steps to ensure compliance by proactively protecting against corruption within their extended enterprises.

The first new Framework-driven solution, “Third-party Compliance Management,” aggregates vendor and supplier information (risk analysis & ranking), along with targeted data gathered via partner content providers, into a centralized Web-based repository which provides a flexible and sustainable management program that administers risk within acceptable tolerance levels summarized through a visualization display. Utilizing the EthicsPoint Issue & Event Manager, Policy Manager and Visualization Manager products, the Third-party Compliance Management solution allows organizations the assurance that proper steps are in place to prevent liability on their part.

“Factors like increased prosecution of the FCPA in the United States and recent ratification of the Bribery Bill in the United Kingdom make it an imperative for multinational companies to know who their vendors, suppliers and agents are, vet them and be aware of when outside factors may compromise them and expose the organization to risk,” said David Childers, president and chief executive officer of EthicsPoint. “Providing a way to compile data from many aspects of a customer’s business into a single solution that provides a clear picture of a specific business risk is the future of compliance and risk management offerings and we’re proud to be among the first to provide that type of service.”

Partner Ecosystem

Simultaneously, EthicsPoint’s partner ecosystem continues to expand, continuing to deliver value to multinational customers with richer intelligence to inform decision-making; current associates consist of global partners with disciplines in third-party consulting, investigations and due diligence. The most recent partnership adding strategic value to Third-party Compliance Management will be with STEELE, a global business advisory and risk management firm that provides professional investigative services for large multinational companies to protect and enhance their enterprise value in an increasingly complex legal, regulatory and economic environment.

About EthicsPoint

EthicsPoint is a recognized innovator in helping organizations raise visibility and mitigate operational risk. We help our clients protect their culture and reputation by facilitating the gathering of data that identifies current risks, managing the intake and evaluation process and enabling them to proactively mitigate future adverse events. More than 2,300 organizations use our software Framework and services to align their business processes with their code of conduct, increasing awareness of potential organizational risks – a critical component of their overall governance, risk and compliance efforts. For more information, please visit www.ethicspoint.com.

FOREIGN CORRUPT PRACTICES ACT (FCPA) : Managing Risk in a New Era of Enforcement

Mon, 24 May 2010 00:00:00 GMT

Recent events and trends indicate the United States Government is increasing its enforcement of the Foreign Corrupt Practices Act (FCPA).

THE UK BRIBERY ACT: A Renewed Focus on Corruption

Mon, 24 May 2010 00:00:00 GMT

The United Kingdom recently joined the intensified global campaign against corruption by revamping its laws for combating bribery by UK business entities. The newly enacted UK Bribery Act constitutes a substantial upgrade to the country’s prior laws and is expected to become the most comprehensive and stringent anti-bribery legislation in the world today.

EthicsPoint 2010 User Forum Series

Fri, 21 May 2010 19:55:20 GMT

Finalists for Ernst & Young Entrepreneur Of The Year 2010 Awards in the Pacific Northwest

Thu, 20 May 2010 00:00:00 GMT

[EthicsPoint's David Childers named a finalist!]

Ernst & Young LLP is pleased to announce the finalists for the Ernst & Young Entrepreneur Of The Year(R) award in the Pacific Northwest. This group of outstanding entrepreneurs was selected by an independent judging panel made up of regional business, academic and community leaders. The award recipients will be revealed at a gala event on June 18, 2010, at the Sheraton Seattle Hotel. "Entrepreneurship is especially vital as our nation recovers from recession," said Tim Tasker, Ernst & Young LLP Entrepreneur Of The Year Program Director for the Pacific Northwest. "These finalists create jobs in our area, encouraging healthy growth, development and innovation in the local economy." The Pacific Northwest finalists for the Ernst & Young Entrepreneur Of The Year award in 2010 are:

-- Pamala Temple, A Place for Mom

-- Ryo Kubota, M.D., Ph.D., Acucela Inc.

-- Douglas W. Brown, All Star Directories

-- Ronald C. Seubert, Applied Precision, Inc.

-- Jeremy Lewis, Big Fish Games, Inc.

-- David Giuliani, Clarisonic

-- Chris Martin, CleanScapes

-- David R. Childers, CIPP, EthicsPoint

-- Tim Welsh, Garco Construction

-- Dan Price, Gravity Payments

-- John Rubino, GreenRubino

-- Nelson Ludlow, Ph.D., Intellicheck Mobilisa

-- Rajeev Agarwal, MAQ Software

-- Neal Keny-Guyer, Mercy Corps

-- Ryan Keith Wuerch, Motricity

-- Dan B. Madsen, One Eighty/Leisure Care

-- Mike Pickett, Onvia

-- Thomas J. Clement, Pathway Medical Technologies, Inc.

-- Mary-Lou A. Misrahy, Physicians Insurance A Mutual Company

-- Tim Jenkins and Darran Littlefield, Point B, Inc.

-- Tim O'Leary, R2C Group

-- Richard J. Steves, Jr., Rick Steves' Europe Through the Back Door Inc.

-- Randall H. Talbot, Symetra Financial Corp.

-- Hector Raphael Rivas, Jr., Thriftbooks, LLC

-- Greg Rankich, Xtreme Consulting Group

The Entrepreneur Of The Year(R) program honors entrepreneurs regionally in June, leading up to the national awards in November. Additionally, venture-backed companies that receive an Entrepreneur Of The Year(R) award regionally are also eligible for the Venture Capital Award of Excellence on a national level. The overall national U.S. award recipient then moves on to compete for the World Entrepreneur Of The Year title in June.

This year, the Entrepreneur Of The Year awards program celebrates its 24th anniversary. The program has expanded to recognize business leaders in over 135 cities in 50 countries throughout the world. Awards are given to entrepreneurs who demonstrate extraordinary success in the areas of innovation, financial performance and personal commitment to their businesses and communities. Entrepreneurs are nominated and evaluated by those in each region, including local business, academic and community leaders.

All regional honorees are invited to the national Entrepreneur Of The Year(R) gala, hosted by Jay Leno, on November 13, 2010, in Palm Springs, Calif. The gala is the culminating event of the Ernst & Young Strategic Growth Forum(R), the nation's most prestigious gathering of high-growth, market-leading companies. For more information on the Ernst & Young Strategic Growth Forum, please visit www.ey.com/us/strategicgrowthforum.

Sponsors

Founded and produced by Ernst & Young LLP, the Entrepreneur Of The Year awards are pleased to have SAP and the Kauffman Foundation as national sponsors.

In the Pacific Northwest, sponsors include The Big Picture Film & Video Arts Inc, DLA Piper, Seattle Business, Union Bank, Scherzer International and The Summit Group.

Contact information

To make reservations for the Entrepreneur Of The Year awards gala on June 18, 2010, contact Karin Wingfors of Ernst & Young at +1 206-654-7650 or karin.wingfors@ey.com by June 8, 2010. Tickets are $175 per person. For more information about the program, please visit www.ey.com/us/eoy.

About Ernst & Young's Entrepreneur Of The Year

Ernst & Young's Entrepreneur Of The Year(R) is the world's most prestigious business award for entrepreneurs. The award makes a difference through the unique way it encourages entrepreneurial activity among those with potential and recognizes the contribution of people who inspire others with their vision, leadership and achievement. As the first and only truly global award of its kind, Ernst & Young Entrepreneur Of The Year(R) celebrates those who are building and leading successful, growing and dynamic businesses, recognizing them through regional, national and global awards programs in more than 135 cities in 50 countries.

About Ernst & Young

Ernst & Young is a global leader in assurance, tax, transaction and advisory services. Worldwide, our 144,000 people are united by our shared values and an unwavering commitment to quality. We make a difference by helping our people, our clients and our wider communities achieve their potential.

For more information, please visit www.ey.com.

Ernst & Young refers to the global organization of member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young LLP is a client-serving member firm of Ernst & Young Global Limited located in the U.S.

New Changes to the Federal Sentencing Guidelines for Organizations

Wed, 19 May 2010 16:18:56 GMT

On April 7, the US Sentencing Commission voted out important modifications to the Sentencing Guidelines for Organizations (FSGO). Join Win Swenson, who is widely viewed as the country’s leading expert on the FSGO, for an in depth discussion on the changes to the FSGO, and practical advice for organizations to ensure they comply with these modifications

EthicsPoint Acquires Technology from Visualization Leader Swan Island Networks

Wed, 19 May 2010 00:00:00 GMT

FOR IMMEDIATE RELEASE

6:00 a.m. PT/May 19, 2010

Software will enable clients to view risks in rich visual format

PORTLAND, Ore. — May 19, 2010, 6:00 a.m. — EthicsPoint, a recognized innovator in helping organizations raise visibility and mitigate operational risk, today announced the purchase of technology from visualization leader Swan Island Networks. EthicsPoint is currently integrating SWAN’s TIES (Trusted Information Exchange Service) technology with its SaaS-based Issue and Event Manager [IEM] case management framework, enabling a rich geographical display of targeted data; the integrated solution will be available in late 2010.

TIES, which was originally formulated to help first responders communicate in the event of a disaster, is a Web 2.0 information sharing service that provides up-to-the-minute critical information in configurable visual displays. Currently employed by the US and other governments, as well as Fortune 500 companies, to assist with the tracking of risk events – from weather to the spread of an epidemic – the TIES system renders real-time information gathered via various data feeds and displays it on maps and in gadgets, in a highly secure environment. TIES uniquely allows each user to filter the data according to their own needs—allowing them to make faster, smarter decisions.

"EthicsPoint continues to evolve as a software organization, delivering customer-driven solutions and services," said David Childers, president and chief executive officer of EthicsPoint. "The integration of this technology will provide dynamic visualization of critical data our customers already have hosted within IEM and let them see in real-time where they may be at risk – whether that be via increased reports of security breaches, vendors or other third-parties located in countries with increased risk of corruption or HR-related risk specific to a department or region."

EthicsPoint will be integrating TIES into IEM under the name, "Visualization Manager." Visualization Manager’s customizable rich visual displays enable increased enterprise awareness and drive data-based decision-making via enhanced location-based (among other available) data in a compelling and intuitive format.

"TIES’ use as a data aggregation and visualization service is growing in both the public and private sectors," said Charles Jennings, president of Swan Island Networks. "We now see applications of the system beyond our original ambition, enabling companies like EthicsPoint to apply it to their own

industry – governance, risk and compliance – with their expertise, bringing the value of real-time data visualization to new markets."

As part of the agreement, EthicsPoint will have exclusive right to TIES for the governance, risk and compliance market, extending a history of innovation from EthicsPoint for the benefit of current and future customers. EthicsPoint plans to complete TIES integration with the existing IEM professional and enterprise frameworks and introduce it to customers in Q4 2010; financial terms of the deal were not announced.

About Swan Island Networks

Founded in 2002, Swan Island Networks is a private company led by experienced, successful entrepreneurs, founded to address the information sharing weaknesses clearly highlighted by such events as 9/11 and Hurricane Katrina. Headquartered in Portland, Oregon, Swan Island’s mission is to use Internet-based technology to create flexible, intelligent, high-trust computing environments and to give people more choice and control over when, where, how and with whom they share information. More information can be found at www. swanisland.net.

About EthicsPoint

EthicsPoint is a recognized innovator in helping organizations raise visibility and mitigate operational risk. We help our clients protect their culture and reputation by facilitating the gathering of data that identifies current risks, managing the intake and evaluation process and enabling them to proactively mitigate future adverse events. More than 2,300 organizations use our products and services to align their business processes with their code of conduct, increasing awareness of potential organizational risks – a critical component of their overall governance, risk and compliance efforts. For more information, please visit www.ethicspoint.com.

EthicsPoint acquires software tools from Swan Island Networks

Wed, 19 May 2010 00:00:00 GMT

The pace of deals in the tech space is picking up as companies seek to position themselves for a more robust economy. The latest acquisition is by Lake Oswego's EthicsPoint, which is buying technology from Portland-based Swan Island Networks.

Terms of the deal weren't disclosed. Last month, EthicsPoint bought the technology assets of a Canadian company called ember ec³.

The new tools -- Swan's "Trusted Information Exchange Service" -- will enable EthicsPoint to visually map issues that could put a client's business at risk.

"This is a fairly substantial shift in our market," said Tom O'Keefe, EthicsPoint's chief operating officer. "It's just a more compelling argument for our customer to invest further in our products."

EthicsPoint's software tracks an organization's operations so managers can be alert for regulatory, legal or business risks. For example, it could help spot a pattern of misconduct reports against certain executives or persistent news of trouble from a distant sales office.

The new visual tools acquired from Swan Island can collect information from multiple sources, inside or outside a company, and feed those onto a map to help managers understand the data.

Swan Island Networks, which helps companies manage information on their computer networks, will continue to own the TIES system it developed. EthicsPoint has licensed the software for corporate governance, regulatory compliance and risk management.

Privately held EthicsPoint has about 130 employees and reported 2009 revenue of $17 million.

Oregon is a hub for companies specializing in technology to manage risk and regulatory compliance. Others in the market include Tripwire, Prolifiq Software and SignaCert, which announced this week that it has sold its business to Florida-based Harris Corp.

-- Mike Rogoway

EthicsPoint Adds Loss Prevention Integration, Updates to Software Framework

Thu, 06 May 2010 00:00:00 GMT

Retail Customers to Benefit from Advanced Integration with Civil Recovery Firms

PORTLAND, Ore. — May 6, 2010 — EthicsPoint, a recognized innovator in helping organizations raise visibility and mitigate operational risk, today announced the Spring ’10 update to Issue and Event Manager (IEM) including enhanced workflow, user interface enhancements and third-party integration for use in loss prevention, specific to the retail sector.

Spring 2010 v1 Release: What’s New

Mon, 03 May 2010 12:41:07 GMT

Overview of the new functionality included in the Spring 2010 v1 Release of IEM Professional and Enterprise.

EthicsPoint Acquires Technology Assets from Software Developer ember ec³

Wed, 28 Apr 2010 00:00:00 GMT

Portland-based software vendor adds policy, procedure and guideline management to product suite

EthicsPoint, a recognized innovator in helping organizations raise visibility and mitigate operational risk, today announced the purchase of technology assets from Toronto-based software-developer ember ec³. Currently, EthicsPoint is incorporating ember ec³’s .Heatshield technology with the SaaS-based Issue and Event Manager [IEM] case management framework, enabling a “Policy Manager” module which will be available in late 2010.

Survival of the most informed

Wed, 28 Apr 2010 00:00:00 GMT

Read a fascinating study from KPMG today - The Convergence Challenge, which is a global survey into the integration of governance, risk and compliance, originally published in February 2010. I literally wore out my highlighter as I tried to capture all the data, quotes and other material that jumped off the page to me.For example, in the opening foreward they write, "...Fearful of both business failure and the penalties of non-compliance, many organizations have reacted by swelling their GRC departments. This has lead to a costly and complex web of often uncoordinated structures, policies, committees and reports, creating duplication of effort. Worse still, GRC has lost sight of its prime objective: to improve performance and efficiency. In short: the solution has become part of the problem! (my emphasis)In recent years, internal auditors, risk officers, compliance offivers and information technology chiefs have begun to work together more closely, finding commonality between disparate GRC projects. Some organizations even formed GRC committees..."I have seen first-hand at numerous client sites this scenario playing out. Departmental/Organizational silos are being struck down by foreward thinking leaders, because they know the value that is derived when GRC is done right. When we are able to share EthicsPoint's vision for GRC with organizations that have reached this stage of maturity, magical moments happen. The energy in the meeting ratchets up, and we get into really fruitful conversations on how value is created through these programs. As Oliver Engels, the European Head of GRC for KPMG in England states, "GRC convergence is an idea whose time has come. It is not simply a technology tool; it is a way to rationalize risk management and controls, giving management the information they need to improve business performance and achieve compliance."Some other interesting statistics from the survey:64% of respondents say GRC convergence is a priority for their organization78% agreed strongly or slightly with the statement,"We see compliance encompassing internal policies, not just external rules and legislation."59% believe the ability to identify and manage risks more quickly is among the main benefits of convergence33% list improved corporate performance among the main benefitsWhat strikes me is that while accurately determining ROI on GRC activities is extremely difficult (how do you put a price on what doesn't occur?), so many leading companies inherently understand that GRC requires doing more than the minimum required, and by taking a proactive, enterprise approach, benefits accrue to their organization. Yet these companies are in the minority - silos still exist in most companies, and many see GRC as an expenditure as opposed to a benefit (just 34% see resources expended for GRC as an investment rather than a cost). When considered in conjunction with Ethisphere's data that Ethical companies outperform their peers and the general market, I do wonder why the momentum and pace of convergence isn't even faster?

EthicsPoint buys Toronto company’s assets

Wed, 28 Apr 2010 00:00:00 GMT

EthicsPoint Inc. on Wednesday said it has acquired the technology assets of Toronto software developer called ember ec3.

Terms of the deal were not disclosed.

Lake Oswego-based EthicsPoint develops software products that help clients identify, track and resolve actions that are inconsistent with their code of conduct.

The deal will allow EthicsPoint to integrate ember ec3’s core product, which is designed to help customers in highly-regulated industries track and comply with new regulatory policies.

EthicsPoint said its integrated product will be introduced to customers by the fourth quarter of this year.

Industry Veteran Harnish Joins EthicsPoint as CTO

Wed, 21 Apr 2010 00:00:00 GMT

EthicsPoint, a recognized innovator in helping organizations raise visibility and mitigate operational risk, announced the hiring of technology pioneer Michael Harnish as chief technology officer. In this role, Harnish will be responsible for the strategic development of products within the governance, risk and compliance portfolio of EthicsPoint clients worldwide.

Deal Radar 2010: EthicsPoint

Wed, 21 Apr 2010 00:00:00 GMT

EthicsPoint helps clients to mitigate and manage compliance and organizational risk. The company offers integrated telephone and Web-based reporting hotlines and case management services that clients can use to identify, report, investigate, and resolve issues and events that may not be in line with their codes of conduct or governance policies.

The impetus for EthicsPoint, based in Lake Oswego, Oregon, came from two certified fraud examiners – one a former police officer, the other a former Secret Service agent. They envisioned combining the then-exploding use of the Internet with their real-world expertise in fraud awareness and investigations. In 2002, David Childers, an expert in compliance, risk, and governance, was brought on as CEO to further grow the company.

Prior to EthicsPoint’s market entry, “whistleblower” hotline providers offered their services via the telephone only. If someone wanted to file a report, they would call a designated number and operators would transcribe the information and fax or mail the report to their client company.

The founders of EthicsPoint, which operates solely through an online, subscription-based model, recognized a number of opportunities to make such reporting more efficient: the Internet provided another way in which people could make anonymous, confidential reports, and an SaaS solution streamlined the transfer of the initial report to the client organization; rather than waiting for a fax or mailed report to arrive, it could notify the appropriate person immediately. Third, this software solution could be used to ensure consistency in methodology and documentation through the investigation of the reported issue. And finally, by storing all the information in a centralized database, customers would have the ability to run analytical reports to identify patterns or trends of risk within their organization.

The hotline market had been created in the 1970s in response to government spending abuse, but when EthicsPoint entered the market in 1999, there had not been a new entrant in eight years. Initially, EthicsPoint designed and deployed its solution to support best practices with respect to laws, regulations, and standards such as Sarbanes-Oxley because it thought it would be working primarily with internal audit and corporate compliance stakeholders to collect and manage information they received regarding financial irregularities such as fraud, waste, and abuse.

As reports began flowing into the system, however, EthicsPoint observed that it would not be possible for an organization to control the nature of reporting and simply limit intake to a single component of its code of conduct. Financial misconduct was reported, but employees, coworkers and in some cases, the general public, reported all issues that they felt breached the company’s code of conduct and/or presented a possible risk to the integrity of the organization. These included harassment, discrimination, theft, wage/hour violations, unsafe working conditions, and so forth. Individual departments were taking the data collected from their hotline and storing it, along with data received in face-to-face conversations and other venues, in disconnected local databases that lacked cohesiveness and transparency. The owner of the hotline – typically the compliance office – became dependent on the ability of multiple individuals from multiple departments to accurately record, manage, and present the information held in their local databases in and to report back to the hotline owner the resolution of the cases that had come in through the hotline because senior management and/or the board of directors wanted to know more about the risks to the organization.

EthicsPoint thus realized the benefits of offering a centralized solution that could be configured to meet the individual needs of departments while enforcing consistency in terminology and investigative methodology. As the company shared these observations with prospective clients, its growth rate accelerated.

In 2009, the market for integrated hotline and case management solutions was approximately $75 million. However, one analyst has posited that the addressable market is $5 billion, with the difference being the prevalence of spreadsheets, homegrown databases, and ad hoc processes. EthicsPoint says that this $5 billion claim is defensible: Sarbanes-Oxley mandates that every public company provide a mechanism for employees and others to anonymously report potential financial misconduct. This mechanism, however, does not have to be outsourced to a provider such as EthicsPoint, and it is estimated that more than 30% continue to operate internally. What’s more, both public and private companies as well as not-for-profits and educational institutions have numerous areas to monitor: discrimination, harassment, pollution, labor policies, badge access, student safety, NCAA compliance for athletes, research regulations, corporate social responsibility (CSR), and donor regulations, to name a few.

EthicsPoint is currently profitable. On a GAAP basis, 2009 revenue was $15.88 million (~23% YoY growth). Revenues have grown approximately 350% over the past five years and EthicsPoint has consistently been one of the fastest-growing companies in Oregon. The past two years have been especially good: EthicsPoint added more than 50 employees and has begun 2010 well above budgeted revenue projections. The company’s historical average for customer renewal exceeds 96% (98% in 2009) on a client basis. All investments ($4.1 million) were seed and angel investors, each of whom owns no more than 10% of the company. No institutional funding was used. EthicsPoint is growing at a double-digit rate and has no current plans to raise any money.

EthicsPoint currently has more than 2,300 customers across a range of industries from aerospace and defense to media and communications. Banking and financial services clients are the most heavily represented, and there are a significant number of clients in education; healthcare, pharmaceuticals, and life sciences; and construction and manufacturing. Customers range from Fortune 100 to small publicly- and privately-held companies.

EthicsPoint operates in a crowded, rapidly growing market. As the Portland Business Journal points out, there are more than 500 competitors. But EthicsPoint believes it has a first-mover advantage in various aspects of its service: integration of the hotline with other incidents, customized Web reports, reporting via cell phones and handheld devices, software and services to address European Union data privacy laws, and a data center outside of the United States for foreign companies storing confidential data within its borders.

The company plans to grow organically and through acquisitions and is investing in expansion to international markets for the core business. While there are no immediate plans for an exit, “Consolidation is a fact of life,” says Childers, who realizes the company could be an acquisition target itself.

FIU introduces fraud hotline | Florida International University Newspaper

Wed, 21 Apr 2010 00:00:00 GMT

The university’s Ethics and Compliance Hotline allows any member of the university community to anonymously report activities that may involve fraud, abuse or other violations of law or university policy.

(President of FIU's video re: fraud hotline available at site as well.)

Kansas Society of CPAs: 2010 Governmental, Nonprofit & BIG/E Conference

Tue, 20 Apr 2010 19:32:36 GMT

EthicsPoint's CTO Mike Harnish will be speaking to the Kansas Society of CPA's on "Tax Professional Standards - Making Them Work for You" at the 2010 Governmental, Nonprofit & BIG/E Conference in Witchita on May 12, 2010.

Meeting Government Expectations for Health Care Compliance.

Mon, 19 Apr 2010 15:27:54 GMT

This webinar will help health care companies identify and avoid common pitfalls after receiving a report of a potential health care compliance problem.

March Madness Dilemmas

Fri, 16 Apr 2010 00:00:00 GMT

Image by ruralocity via FlickrOnce again, my beloved Stanford Cardinal men's basketball team declined to participate in the NCAA Basketball Championship tournament (I am, however, predicting the Mighty Cardinal women will avenge their only loss of the season by beating the University of Connecticut for the title!). But my son still wants me to fill out a bracket, and thus have to make some tough decisions...Can Vermont be the first 16 seed to upset a number one seed when they play Syracuse? Will 10th seeded Georgia Tech upset #7 Oklahoma State? Can West Virginia prove the selection committee was wrong by not seeding them #1 and run through their side of the bracket to the Final Four? What makes these questions so difficult for me is each of them is an EthicsPoint customer, so I'd like to see each of them do well.If you're like me and your bracket falls apart after the first weekend leaving you to find some team to cheer on through the next few weeks, perhaps you'll find a favorite in the schools above, or one of the other EthicsPoint customers in the tournament:BaylorButlerBYUUniversity of CaliforniaUniversity of California Santa BarbaraCornellGeorgetownMarquetteMinnesotaNorthern IowaOhioOhio StateRobert MorrisSam HoustonTexas A&MUtah StateCongratulations and Good Luck (even to the Cal Bears) to all our customers in this year's Championship Tournament!

World's Most Ethical Companies

Thu, 15 Apr 2010 00:00:00 GMT

Ethisphere announced the winners of their 2010 Most Ethical Companies Award earlier this week, and despite criticism in some quarters, I look forward to announcements such as this. The criticism in Slate highlights that Ethisphere's sister organization, Corpedia, consults on ethics and compliance, so there is the potential for conflicts of interest. I won't argue this point, and will leave it to others to determine for themselves whether to regard such rankings as gospel or with a grain of salt.But I do believe there is value in rankings if for no other reason than to highlight the great work companies are doing in this space. For the past 1.5 years I've had the good fortune to speak with a broad spectrum of ethics and compliance leaders - across large, medium and small size organizations, across all industries, non-profits and educational institutions, and I do believe that most companies are ethical and working to constantly evolve and improve their compliance programs. Celebrating the efforts of the few recognized still brings positive reinforcement to the profession and helps to underscore the importance of a strong program.Further, Ethisphere has tracked the stock performance of the companies named to their list, and as you can see below, the companies they recognize as ethical outperform their peers and the market in good times and bad. More justification for the resources companies are devoting to fostering a culture of integrity and compliance!Please join me in congratulating all the EthicsPoint customers who have been recognized for their high commitment to ethical decision making:AstraZenecaAvayaBest BuyCumminsFlint Hill ResourcesGeneral MillsHenkelIKEAJohnson ControlsNoblisParsonsPremierRezidor Hotel GroupRicohSalesforce.comThe HartfordWisconsin Energy CorporationWisconsin Physicians Service

The Unintended Consequences of Sunshine Laws

Mon, 05 Apr 2010 00:00:00 GMT

Laws created to ensure the open review of government information on the local, state and federal level, such as the Freedom of Information Act, are a good thing. Typically referred to as sunshine laws, these requirements were designed to make previously inaccessible government information available to the public. These laws not only apply to government documentation, they also grant the public and media access to government meetings.I’m a huge proponent of the public’s right to know and of transparency. However, some consideration must be given to what falls within the public’s right to know when it comes to an organization’s internal issues, especially when an issue is communicated to a supervisor, manager, HR professional or through an employee hotline or other method for anonymous reporting.EthicsPoint operates reporting hotlines and delivers case management solutions to more than 2,300 clients around the world. Last year, we collected over 150,000 cases from both the hotline and our clients’ web-based report forms. An analysis of these cases shows that 15-18% were found to be frivolous or unfounded, e.g., a rant or a malicious attempt to cast doubt on a co-worker or manager, while 10-15% were immediately actionable and/or contained enough specifics to allow the case manager to quickly resolve the issue or concern. The remaining 70+%, however, required a certain degree of finesse, exploration and as much ‘art as science’ to reach a point of resolution.Recently, a high school principal in Texas abruptly retired after learning he was under investigation for allegedly sexually harassing one of his staff. His actions are not the subject of my concern, by all appearances the school district was doing a great job of seeking information and investigating the validity of the allegations. However, what does concern me is the media’s open records request for any documents pertaining to the investigation under the auspices of open records laws.The school district’s counsel has wisely requested an opinion from Texas’ Attorney General seeking exemption from producing the documents. In her request, the counsel stated the document(s) “contains highly intimate or embarrassing facts, which if publicized would be highly objectionable to a reasonable person, and the information contained in the report is not of legitimate concern to the public.”In 2007, another Texas school district took an entirely different path. They suspended the use of their hotline and case management system to avoid the unnecessary scrutiny the state’s sunshine law had created. In this instance, the sunshine law created the opposite effect for which it was designed. The school district retreated and many of the proven tools used to mitigate fraud and abuse were abandoned. As a result, the school district’s interests weren’t served and the people charged with protecting the school district’s interests were technologically handicapped in their ongoing efforts.This isn’t just a Texas phenomenon. In 2009, an Arizona reporter acknowledged – “Official action by government should be public and transparent. But I think the body politic suffers – in terms of competence, efficiency and effectiveness – by making our government employees work in a fish bowl. But these broad, sweeping public-records requests are clearly fishing expeditions, intended to harass and intimidate. And as such, they constitute a threat to the rule of law.”So while I passionately believe in bringing visibility and transparency to the issues and events that pose risk to any organization, I also feel the unintended consequences of sunshine laws have the potential to dramatically limit accountability unless they are limited in scope. How do you feel about this and do you think that open information laws should have some governing guidelines in protecting privacy, relevance and appropriateness?

The convergence challenge : Global survey into the integration of governance, risk and compliance

Thu, 25 Mar 2010 00:00:00 GMT

In September 2009, the Economist Intelligence Unit carried out a global survey on behalf of KPMG International, assessing the convergence of governance, risk management and compliance (GRC).The research looks at the driving forces behind convergence, the costs and perceived benefits and the barriers to achieving this goal.

The Economist Intelligence Unit surveyed 542 executives from a wide range of industries and regions, with roughly a third each from the Asia Pacific, Americas, and Europe, Middle East and Africa regions Approximately 50 percent of respondents represent businesses with annual revenue of more than US$500 million. All respondents have influence over or responsibility for strategic decisions on risk management and more than one half of respondents are C level or board level executives.

In this survey, governance, risk and compliance refers to the overall governance structures, policies, technology, infrastructure and assurance mechanisms that an organization has in place to manage its risk and compliance obligations.

To supplement the survey, the Economist Intelligence Unit interviewed senior executives and industry specialists from a number of major companies. We would like to thank all the participants for their valuable time and insight.

People in power make better liars, study shows

Mon, 15 Mar 2010 00:00:00 GMT

New York Gov. David Paterson is embroiled in a scandal over whether he used his power and influence to intimidate a woman pursuing a domestic violence case against one of his top aides.

As a result, the governor said last month that he would not seek a second term, and his communications director quit earlier this month citing “integrity” issues.

Former Enron CEO Jeffrey Skilling, who went to prison after the spectacular collapse of the company, is appealing to the Supreme Court his 2006 conviction on 19 counts of fraud, conspiracy, insider trading and lying.

His lawyers argue that he didn’t get a fair trial and that Skilling’s conduct, “even if wrongful in some way,” was not illegal because he was not looking out for his personal interests “apart from his normal compensation incentives.”

The issue of integrity is at the heart of the predicaments these powerful men find themselves in. An organization’s health often hinges on the trustworthiness of its leaders, ethics experts say.

Business speaker talks of changing face of ethics

Fri, 12 Mar 2010 00:00:00 GMT

Business ethics speaker David Childers advised Elon students to move beyond a sense of ethics as a set of hard and fast rules and toward a life of integrity governed by a sense of personal accountability. Childers, president and CEO of Portland, Oregon-based EthicsPoint, Inc., spoke on campus March 11 as the 2010 Business Ethics Speaker for the Love School of Business. Click here for more!

Childers shares significance of business ethics

Fri, 12 Mar 2010 00:00:00 GMT

David Childers spoke on the importance and practice of business ethics on Thursday night as the 2010 Love School of Business' Ethics Speaker.

"I don't think the world we live in understands ethics and we often get polarized because things are considered either right or wrong," he said. "Rather, I believe in integrity, values, and personal accountability."

Despite the fact that most knowledge is already available within corporate America, Childers said there often fails to be effective communication between different parts of an organization.

"The more you know, the lower your risk," he said. "Part of what you need to do to build ethics is to get people to talk to one another and build transparency."

Play by the Rules?

Wed, 03 Mar 2010 00:00:00 GMT

For the past few years I’ve used every forum at my disposal to discuss the inequity of a rule-based environment. You can never have all the rules, and even if you try to have all the rules you ultimately end up with an exhaustive list of requirements that no one can understand or hope to follow. Instead, I’m a huge believer in principle-based performance: Educate to values and integrity, establish clear guardrails and the “rules” for the most part will take care of themselves. The reality, however, is there are people who will choose to break a rule, push a line or tread on thin ice regardless of how much you instruct them otherwise. One example of an organization that maintains too many rules is the NCAA. For the record, to the disdain of most of my children (Go Ducks!), I bleed crimson and gold. My youngest daughter graduated from the University of Spoiled Children (or USC) and during her four years in Los Angeles I found myself completely rooted within the Trojan family. So, like every other loyal Trojan, I’ve been avidly following the NCAA’s attempt to discredit the University of Southern California. Bear in mind there is no allegation whatsoever that USC did not play by the NCAA’s rules. However, the NCAA claims that the family of former USC running back Reggie Bush sought and obtained virtually free housing in the Los Angeles area from an individual that had no direct affiliation with the university. In fact, there isn't even an allegation that any university officials or boosters were involved or even aware of the Bush family arrangement. Just like many other universities, USC took all the necessary steps to educate players and their families on NCAA rules regarding improper behavior. This is essentially what is referred to as compliance training in the corporate world. The issue is that a player and his family, along with an agent, chose to break the rules – not the university. However, the university is somehow held accountable. For those who’ve been reading my blog, you know I have been focused on the extension of compliance concepts to vendors, suppliers and agents because when they screw up it is the corporation who is found guilty – either in the courts or in the court of public opinion. USC has been serving time in both of these “courts” lately. USC will likely be found guilty of a violation of something – because the NCAA unfortunately has enough major and minor rules to make this happen. However, USC didn’t help its cause when it hired Lane Kiffin from the University of Tennessee as its new coach following the departure of Pete Carroll to the Seattle Sea-Chickens. Kiffin is no stranger to questionable behavior and he would not have been among my candidates for the job. According to the New York Times, in less than 14 months at Tennessee, Lane Kiffin committed six secondary violations and is under investigation for the use of student “hostesses” in recruiting. Three of Kiffin’s recruits were also dismissed from the team after they were arrested for armed robbery. Despite promising that his number one priority at USC was to run a clean program, Kiffin has already committed a minor violation by picking up a USC recruit at the airport in a limo. I fly into LAX quite often and while limos may be an odd sight in Ann Arbor, they are pretty common in Los Angeles. I’m not saying what he did was right, I’m just trying to focus on the situational norms – not a bunch of rules. If Kiffin was trying to impress some kid by showing him the ‘So-Cal’ lifestyle, then Kiffin was in the wrong. If he just didn’t want to fight the traffic on I405 and wanted to talk to the kid along the route, what was the harm? Plenty. Kiffin knew what he was doing was wrong. The principle is “inappropriate influence” and he chose to ignore it. I am not suggesting that if the NCAA gets rid of all of its rules that universities will automatically clean up their athletic programs. I am simply suggesting that all the silly little rules get in the way. Minor rules must be made for breaking otherwise they wouldn’t be classified as minor?! If the NCAA created and verbalized a clear set of guidelines to every stakeholder (coaches, players, athletic directors, boosters, agents and family members) and enforced them swiftly and fairly, then I think everyone would get the message. I've been preparing this week for a talk I will give in a couple of months on gaming fraud – specifically focused on Native American casinos. What I have learned is that Native American gaming establishments are not unique and the fraud and abuses that are prevalent in Las Vegas are just as prevalent in Tulsa, Oklahoma. What I have also learned is that the sophistication and pride within Native American tribes makes a huge amount of difference in the volume of fraud-based activity. The tone from the Principal Chief and the value set by which the tribe members hold themselves accountable is the real measure by which you should begin to rank or rate the fraud potential. It should be the same for college athletics. Coaches should set the tone and lead by example, and the alumni must remember that the true sense of winning in college athletics isn’t always measured by trophies or scoreboards.College sports are dominated by the “what have you done for me lately" or "we need to win now" attitude. This can be likened to the sentiment in the corporate world which saw the downfall of Enron and the like, too much focus on short-term profits and not enough focus on long-term growth. Universities need to realize the eventual damage this attitude may inflict down the road if they don’t build a program based on integrity and principle-based performance.

Principle-Based Leadership: Setting the Tone

Mon, 22 Feb 2010 00:00:00 GMT

As a member of numerous web 2.0 forums, I oftentimes listen to esoteric rants and the splitting of hairs in the Governance, Risk and Compliance world. Every so often, however, I get the opportunity to read something that is refreshingly lucid.All of us in the compliance world struggle with moving the needle and improving the “ethical quotient” of our organizations. For the last few years, I have come to believe it isn’t the “transformation” of people that is important, it is the tone from the top and the people you hire. Setting the tone and expectation of principled integrity for your organization and interjecting the right DNA into an organization can have a greater impact than any training program. When people are faced with an ethical dilemma they often turn to the example set by leadership or their co-workers. Having well-grounded individuals in your organization that embrace the organization’s goals and know the difference between right and wrong will prove invaluable.Recent comments by Daniel Roberts of RAAS consulting made me take notice. Dan discussed the obituary of one of the translators at the Nuremberg War Crimes Tribunal and recounted this person's recollection of the interrogation of Rudolf Höss, the former head of Auschwitz. The translator asked Höss if he had ever sought to enrich himself off the Jews he was killing. Apparently Höss replied, "What kind of man do you think I am?"This is the verbatim quote from Dan that sparked this post: “Ethics are defined by what we believe to be right and wrong. Höss was not living in an ethical vacuum, just in a place/time in which the ethics were so distorted from our understanding of the word as to earn him a place in history as one of the most loathsome humans ever. Yet he considered himself ethical.Start by looking at the ethical norms or leadership and you will discover the ethical norms of the organization. An ethics program by itself is noise. It is the actual behaviors of leadership that matter. If they cover up inappropriate or even criminal behavior (seen it done), or simply refuse to truly investigate it (seen it done), punish those reporting the potential abuse (seen that done too), then all the ethics handbooks and programs are meaningless.”Thanks Dan for reminding us that inspiring principled based performance and a sense of “presence,” not the issuance of rules and requirements, is how we will change our organizations.

Executive Profile: David Childers

Sun, 21 Feb 2010 00:00:00 GMT

David Childers

Resume

Name: David Childers, CIPP.

Title: President and CEO.

Organization: EthicsPoint.

Description of organization: A global authority in integrated hotline and case management solutions that enables organizations to foster a culture of integrity and compliance. It helps clients protect their culture and reputation by facilitating the reporting and identification of issues and events of behavior that may be inconsistent with their code of conduct, to the subsequent investigation and resolution of these cases. Over 2,300 organizations use EthicsPoint’s software and services.

Professional background: CEO of EthicsPoint since 2002. For 11 years before EthicsPoint, I was the CEO of Oregon Scientific and then CompanionLink. Named one of the world’s “100 Most Influential People in Finance” by Treasury & Risk Magazine in 2008.

Education: Oral Roberts University, MIT Sloan School of Management.

Residence: Lake Oswego.

Business Philosophy

Essential business philosophy: Lead by example and be fair. Surround yourself with smart people and listen to them.

Best way to keep competitive: Constantly study trends, explore new ideas and always continue to further your education and training.

Guiding principle: Integrity.

Yardstick of success: Confidence that my team is smart, motivated, engaged and actively driving the company toward our organizational goals.

Goal yet to be achieved: Sitting on a publicly traded company’s board.

Judgment calls

Best business decision: Shifting the emphasis of EthicsPoint toward the vision of providing a governance, risk and compliance platform in 2005.

Worst business decision: Failing to trust my instincts.

Toughest business decision: While CEO of Oregon Scientific I learned that one of our NOAA weather radio products was potentially defective. In addition, we couldn’t accurately estimate the ratio of products in the market that may have been affected. I made the decision — despite complaints from my Chinese parent company — to recall and replace all of the radios we had sold to that point. Because the radios were used to make decisions upon which lives were dependent, I was not willing to take the risk that one would malfunction.

Biggest missed opportunity: In 1979 I was recruited by Sam Walton to come to Bentonville and consider working for Wal-Mart. Sam was a terrific promoter and loved to inspire “camp meeting style.” After attending a few days of meetings I felt Wal-Mart wasn’t right for me.

Mentors: My relationships with Barry Buttifant, Bill Goldman, Richard Kropp and Don Renberg engendered positive influences and each helped shaped my business thinking. I am also blessed to have friends like Mark Reed, John Hall, Tom O’Keefe, Gen. Tony McPeak, plus a couple of wise priests over the years, namely Jeff Bullock and Shannon Leach.

Word that describes you: Entrepreneur.

True Confessions

Like best about the job: Working with smart, inspired and dedicated people.

Like least about the job: Building EthicsPoint has been a 24/7/365 experience for the past five years. I look forward to more time away to think and recharge this year.

Pet peeves: An empty water glass at a restaurant. Also the lack of pride and professionalism.

Most important lesson learned: Trust your instincts.

Person most interested in meeting: Bill Clinton. While I don’t agree with him on several issues or condone some of the decisions he made in his personal life, I am amazed at his sense of presence, his ability to connect with people and in recent years, the statesmanship and leadership he has shown as a private citizen.

Most respected competitor: Archer Technologies.

Greatest passions: Making and sharing great food with friends and family.

First choice for a new career: It will likely be another startup, but my inclination is to share my experience, training and relationships as a board director for emerging and evolving organizations.

Predilections

Favorite quote: “The most pathetic person in the world is someone who has sight, but has no vision,” Helen Keller.

Most influential book: “The Goal” by Eliyahu Goldratt.

Favorite Web site: Amazon.com.

Favorite cause: Anything to support public education. As the father of four daughters, any programs that promote math, science and self-esteem for young women. That is why I support TechStart and Stand for Children.

Favorite movie: Anything by Frank Capra.

Favorite musician: Dave Mathews.

Most treasured possession: Cufflinks my wife gave me as a wedding present.

Favorite restaurant: I am a foodie. I love our authentic ethnic choices in Portland like Andina, La Calaca Comelona and East India Trading.

Favorite vacation spot: Palma de Mallorca, Spain.

Favorite way to spend free time: Woodworking.

Ethics: Now More Than Ever

Tue, 16 Feb 2010 10:31:13 GMT

Join Dr. Mac McCrory, Adjunct Instructor at Spears School of Business, Oklahoma State University, for an intriguing conversation focused on how ethics deals with questions of virtue at all levels and how daily decisions impact your personal and professional life.

Government Transparency: An Oxymoron

Tue, 16 Feb 2010 00:00:00 GMT

For almost a decade, EthicsPoint has provided software and services that help organizations gather, review and resolve issues and events that impact their operations. Most of these issues and events are risk factors that can dramatically affect confidence and share value or result in a serious monetary loss. At EthicsPoint, we provide services to a multitude of organizations from a variety of industries. But if you peel back the onion, you will notice that we service only a handful of municipalities and no government agencies, I’ve often wondered why that is.

I used to believe it was because EthicsPoint delivers its services in the “cloud” as a software-as-a-service provider and doesn’t provide a premise offering that can be put behind an organization’s firewall. But lately I have come to the conclusion that transparency and government -any government - simply doesn’t exist. For all practical intents, the US government became a venture capital company in 2009 and EthicsPoint does service several financial institutions. Therefore, I don’t believe it’s the function of the organization that dictates a lack of transparency, but rather something inherent in the way our government is run. As a tax payer this is frustrating to me.

I was a history major in college and looking back I don’t know if real transparency has ever existed in our government. The reasons for this lack of transparency may be varied, but the result has been the same. For instance, in the earliest days it was a literacy void and the general public’s inability to read helped support our representative form of government. Next, it was a genuine communication failure in reaching the populous due to distance and an unreliable “yellow” journalistic press. Then it was a protectionist view – because we couldn’t let the commies know what we were doing. Today it is just the “way things are done.”

It is somewhat akin to the situation of a plumber not showing up to your house and when you express your discontent to a co-worker she immediately understands and says, “Yeah, that’s just the way those guys are.” We’ve become so accustomed to bad government that we roll our eyes and say, “Yeah, that’s just the way those guys are.”

Several months ago I blogged about “hating the word Ethics” and repeatedly expressed that I personally had difficulty drawing a definitive ethical line when dealing with certain issues or events in the compliance world. Earlier this week, Mark Meaney, the number two man at the city of Chicago’s Office of Compliance, resigned amid allegations he mishandled an intern’s 2008 sexual harassment complaint against a top official at Chicago’s 911 emergency center. I had the opportunity to work with Mark and I personally find this hard to believe. He and his boss Tony Boswell had the very unenviable and daunting task of developing and running the compliance department for the city of Chicago.

The city of Chicago has been monitoring city hiring since the 2005 scandal that found a member of Mayor Daley’s staff guilty of rigging city hiring and promotions to benefit pro-Daley political workers. However, the city’s hiring monitor and other consultants have proven inefficient and, according to the Chicago Sun-Times, have cost Chicago taxpayers $6.2 million. It has also been reported the city’s hiring monitor has been accused of falsifying allegations of misconduct by Boswell and Meaney in order to discredit them and gain total control of the city’s hiring process. This is where that ethical line starts to blur.

The situation gets better or worse depending on your perspective. If you know anything about whistleblowing, it is the responsibility of the compliance officer to protect the organization from any “retribution” resulting from an individual coming forward. The ethical line blurs even further once you know the 911 center official in question is a high-ranking deputy who was stripped of his responsibilities in 2008 after blowing the whistle on alleged contract irregularities involving Motorola that cost taxpayers $2.25 million.

Mark’s quote in the Sun Times says it all. “It was a privilege to have been part of something that had never been tried before; corporate-style compliance in municipal government…Mayor Daley should be applauded in his efforts at true reform. Unfortunately, fear and blame seem to be winning over culture change. I return to the private sector with no regrets for having spent the last two years working with some of the best public servants anywhere.”

What a twisted web. You have heard me say many times the role of a compliance officer is not black and white. The role requires discernment and often a balancing act of issues that would make Solomon shudder. This is no different in government or the private sector. Let’s consider for a moment that the evidence in this case is inconclusive (let me be clear that I have no inside information on this matter). Yes, there is an accusation but it is difficult to fully substantiate. There are multiple variables in play and the subject of the investigation is a person who “blew the whistle.” Appropriately, you might have some trepidation that the accusations could be retaliatory. So I ask you – what would you do?

I like Mike and Tony, which makes this difficult for me. It upsets me that in the public sector what some members of government say in front of a microphone, even for their own benefit or gain, often shapes the court of public opinion, and good guys pay the price.

Conducting Internal Employee Investigations Outside the US - Part 2

Thu, 11 Feb 2010 00:00:00 GMT

Within the US, internal investigations into suspicions or allegations of employee misconduct follow an increasingly-well-defined approach. But conducting a US-style investigation abroad raises high hurdles under local employment and data laws.

Stage II. Initial Response to an Allegation/Suspicion: Conduct a thorough and legally compliant initial response to an allegation or suspicion of misconduct outside the US.

Conducting Internal Employee Investigations Outside the US - Part 3

Thu, 11 Feb 2010 00:00:00 GMT

Within the US, internal investigations into suspicions or allegations of employee misconduct follow an increasingly-well-defined approach. But conducting a US-style investigation abroad raises high hurdles under local employment and data laws.

Stage III. Interviewing Witnesses: Interview witnesses in a way that complies with local employment and data protection laws.

Conducting Internal Employee Investigations Outside the U.S. – Part I

Thu, 11 Feb 2010 00:00:00 GMT

Global Sourcing: The Next Level of Risk

Wed, 10 Feb 2010 00:00:00 GMT

As I mentioned in my last posting, the Justice Department is becoming more serious about Foreign Corrupt Practices Act (FCPA) enforcement and the recent sting operation in Las Vegas certainly reflects the hard-line, somewhat insidious, strategy of their new playbook. While the indictments involved individuals in the defense/arms industry, I expect enforcement to increase across many industries.

Aside from the recent events foreboding stricter enforcement, some of my peers are also predicting a surge in activity. For example, a former US Attorney assured me this sting was only the beginning and that two more will emerge in the coming months. Dan Karson, an executive managing director for Kroll, said the recent sting operation has “sent chills” down the spine of small and mid-sized businesses who may have falsely hoped the Justice Department’s interest in FCPA was reserved for global Fortune 500 companies.

This increasing level of FCPA enforcement has major implications for companies and how they choose supply chain partners. In the past, a partner’s misconduct may have impacted the organization but didn’t necessarily come with the immediate publicity and massive fines experienced today. This is why companies who never considered making the investment are now starting to consider extending their internal compliance expectations and training throughout their supply chain. Cultural and language barriers aside, this remains a daunting task.

Global sourcing relationships have always been about trust and service – but this is new territory that stretches the boundaries of these relationships. The two most important factors in mitigating an FCPA violation in this instance are selecting the right vendor, supplier or agent from the start and developing a process that ensures transparency. I will be writing much more on this topic as the year moves forward. Let me know what you think – can you expect a vendor, supplier or agent to act in accordance with a company’s compliance policies, procedures and guidelines?

EthicsPoint and LexisNexis Form Alliance to Enable Companies to Mitigate Risk, Reduce Penalties and Protect Their Reputation

Tue, 09 Feb 2010 00:00:00 GMT

PORTLAND, Ore./New York —February 9, 2010 —EthicsPoint, the global authority in hotline and anti-fraud reporting and case management services, and LexisNexis, a leading global provider of content-enabled workflow solutions designed specifically for professionals in the legal, risk management, corporate, government, law enforcement, accounting, and academic markets, announced an alliance to enable organizations to maintain a culture of integrity and compliance. With this alliance, the EthicsPoint Issue and Event Manager Suite of software solutions will be featured as a critical component of the LexisNexis Compliance Solutions offering.

Organizations today face not only an ever-expanding list of regulatory mandates to which they need to maintain compliance, but also governmental agencies that are increasing their enforcement activities around these mandates. In such a climate, it’s imperative that companies both closely monitor and understand the impact of regulatory changes on their business as well as implement policies and processes to ensure potential risks are brought forward and investigated consistently and efficiently. The LexisNexis and EthicsPoint partnership addresses this issue through software and information services.

“We are pleased to announce our alliance with EthicsPoint,” said Renee Citera, Vice President – Research & Compliance of LexisNexis. “We evaluated many vendors for inclusion in this program, and believe EthicsPoint’s industry-leading solution is a natural fit within the LexisNexis Compliance Solutions and will help our clients protect their reputations, promote an ethical workforce and maintain an effective compliance program.”

LexisNexis Compliance Solutions include cutting-edge compliance tools, world-class regulatory intelligence and content, and access to industry-leading compliance experts – a robust combination that yields a unique compliance package unavailable elsewhere on the market.

“It’s clear to me that the pace and complexity of new regulations will continue unabated, the risk of enforcement actions is greater now than ever before, and automating your compliance efforts through software is required to stay current in this environment,” said David Childers, CEO of EthicsPoint. “The combination of the EthicsPoint solution and LexisNexis services and expertise within the legal and compliance realm provide true value for those companies attempting to navigate these complex times.”

About EthicsPoint

EthicsPoint is the global authority in integrated hotline and case management solutions. We help our clients protect their culture and reputation by facilitating the reporting and identification of issues and events of behavior that may be inconsistent with their code of conduct, to the subsequent investigation and resolution of these cases. Over 2,300 organizations use our telephone hotline, web-based reporting and case management services as a critical component of their overall governance, risk and compliance efforts.

For more information, visit www.ethicspoint.com.

About LexisNexis

LexisNexis® (www.lexisnexis.com) is a leading global provider of content-enabled workflow solutions designed specifically for professionals in the legal, risk management, corporate, government, law enforcement, accounting and academic markets. LexisNexis originally pioneered online information with its Lexis® and Nexis® services. A member of Reed Elsevier [NYSE: ENL; NYSE: RUK] (www.reedelsevier.com), LexisNexis serves customers in more than 100 countries with 18,000 employees worldwide.

Learn Answers to the Latest Top 10 Most Frequently Asked Questions for Issue and Event Manager Pro & Enterprise

Fri, 05 Feb 2010 12:21:15 GMT

Know about city fraud, waste? Call new tip line

Tue, 02 Feb 2010 00:00:00 GMT

Anyone who suspects fraud, waste or misuse of city resources by Portland employees now has a way to report it.

City Auditor LaVonne Griffin-Valade announced the city’s first public fraud alert line is working. Concerns can be reported by phone or through a secure Web site.

Read more at the link below!

Conducting Internal Employee Investigations Outside the U.S.

Fri, 29 Jan 2010 12:15:18 GMT

Join Donald C. Dowling, International Employment Counsel, White & Case LLP, for a hands on webinar on conducting internal investigations into the international context. You will learn how to avoid missteps and legal violations in conducting investigations abroad.

Cleveland school board gives protection to whistleblowers

Fri, 29 Jan 2010 00:00:00 GMT

CLEVELAND, Ohio - 1/29/10 -- The Cleveland school board is trying to regain the public confidence it lost in a highly publicized purchasing scandal.

The board on Tuesday adopted a whistleblower policy that forbids retaliation against employees who report fraud and other misconduct.

Former Cleveland schools Chief Operating Officer Daniel Burns.Board members also approved an employee code of ethics, expanded a policy on conflicts of interest, authorized an independent audit of a state-funded construction program and ordered the district's internal auditor to report to the board instead of to the chief executive officer.

The votes came during a meeting at Whitney M. Young School, in front of about 200 people who had come largely to complain about proposed school closings.

State Auditor Mary Taylor recommended a whistleblower policy as part of a special audit released in December.

The audit found that former schools Chief Operating Officer Daniel Burns approved paying more than $160,000 for printing equipment and consulting the district never received. Burns and Toledo businessman John Briggle are charged with theft, racketeering and tampering with records.

Taylor's office did not find that lack of a whistleblower policy abetted the scandal -- in fact, a suspicious employee brought it to light. But she said such policies help unearth wrongdoing.

The other new policies had been discussed for some time. Board member Natalie Peterson, a lawyer who helped draft the measures, hopes the package reassures wary taxpayers.

"We want to send a strong message from the top," she said. "We're serious about preventing fraud, corruption and other inappropriate behavior."

The whistleblower policy calls for outside management of a fraud hot line the district launched last year.

The line has been managed internally.

About a year ago, the Jefferson County, Ky., school district, which includes Louisville, hired Oregon-based EthicsPoint Inc. to set up and run a telephone and online system for reporting suspected financial fraud. The district started the system after an anonymous letter led to the conviction of a principal who steered $70,000 to sham educational consultants.

The service has so far cost the district about $18,000 and generated 35 calls. Most involved problems such as unauthorized visitors in schools, but tips have landed a few employees in trouble for offenses such as habitual tardiness. No additional fraud has been found.

Director of Accounting Eddie Muns said having an outside manager is worth the expense. He said it gives employees faith that they won't face reprisals and their complaints won't be squashed.

The board approved giving $180,000 to the Bond Accountability Commission for audit of the school district's construction program. The independent commission monitors the spending of local tax money for school construction.

Board Vice Chairwoman Louise Dempsey urged the commission to quickly complete the audit. She noted that some of the 'companies involved in the program have been tied to a probe of corruption in county government.

Commission Vice Chairwoman Sandra Morgan said the panel was fulfilling its responsibility by asking for the audit.

"We didn't approach this with an 'ah-ha' agenda," she said. "We're not looking to nab anyone."

Morgan said she would prefer to hire auditors from outside Northeast Ohio or the state. She said she hopes the audit will be done in six months.

Standing Ovation

Wed, 27 Jan 2010 00:00:00 GMT

I just read Scott McNealy's farewell letter to Sun employees and was struck by a couple of paragraphs I'd like to share:"What we did right and wrong at Sun over the years might make for interesting reading. However, I am not a book writer. I am a husband, father of four, and a builder and leader of people who want to make a difference.But spare me a bit of nostalgia. Not of the mistakes we made, and lord knows I made a ton. But of the things we did right and well.First and foremost, Sun innovated like crazy. We took it to the limit (see Eagles). And though we did not monetize our inventions as well as we could have, few companies have the track record in R&D that we had over the last 28 years. This made working at Sun really cool. Thanks to all of you inventors and risk takers who changed how we live.Sun cared about its customers. Even more than we cared about our own company at times. We looked at our customer's mission as more important than ours. Maybe we should have asked for more revenue in return, but our employees were always ready to help first. I love this about Sun, which I guess makes me a good capitalist, if not a great capitalist.Sun did not cheat, lie, or break the rule of law or decency. While we enjoyed breaking the rules of conventional wisdom and archaic business practice, and for sure loved to win in the market, we did so with a solid reputation for integrity. Nearly three decades of competing without a notable incident of our folds going off course morally or legally. Not all executives and big companies are bad. Really. There are good companies out there. Special thanks to all of my employees for this. I never had to hide the newspaper in shame from my children."While tempted to comment on all I find admirable in these paragraphs, I think it's better to let them stand on their own. I tip my hat to Mr. McNealy and all the employees at Sun.

2009 Most Influential in Business Ethics List

Wed, 27 Jan 2010 00:00:00 GMT

Last week I had the opportunity to spend a day with one of our newer clients, learning about their Compliance and Ethics program, goals for next year and overall philosophy on fostering a culture based on ethical decision making and caring for their customers. One of our topics for discussion was quantifying the return on their ethics and compliance programs, which is often a difficult number to ascertain. While it's somewhat straight forward to calculate time savings in various stages of the various business processes that are part of your GRC programs, it becomes more difficult to calculate the full impact. For instance, how do put a number on not being fined for FCPA violations, or not having a class-action lawsuit filed against you for bad labor practices, or increased sales from consumers who trust your business more than your competitors? It was a lively discussion, and one that I hope to have more often in 2010 as I visit more of our customers.I was reminded of the conversation when I saw Ethisphere's 2009’s 100 Most Influential People in Business Ethics list last week. The list is comprised of people in eight different categories spanning government, non-profits, education and corporations. When you look at the names of the companies represented by these individuals and consider their market success, you can begin to get a good idea that while it may be difficult to exactly quantify the ROI of a culture of integrity, there clearly is a strong correlation between culture and business success.I was especially pleased to see a number of EthicsPoint's customers represented on the list, and would like to congratulate the following people for their outstanding efforts and accomplishments in the field of business ethics over the past year:Peter Solmssen – General Counsel, SiemensSharon Allen – Chairman, DeloitteBill Gates – Founder, Bill and Melinda Gates FoundationKathleen Edmond – Chief Ethics Officer, Best BuyBrian Martin– SVP and General Counsel, KLA-TencorPascal Bourdin – SVP, and GM of European Chocolate Business, KraftCongratulations to all the winners!

Back in the Saddle

Fri, 22 Jan 2010 00:00:00 GMT

This past year was a difficult one for most companies. I am happy to say that EthicsPoint not only survived but thrived during one of the worst economic periods in recent memory. But the work load to succeed took its toll and my conversation with you suffered. To all of you who took the time to link into my blog last year, I want to reiterate how much I enjoy sharing my thoughts in a blog format and that I am dedicating the time and discipline this year to be attentive to this dialog.My blog will soon take on some new dynamics. I also have one of our analysts working with me to ensure I remain current and vocal around the important topics in GRC. A new section of my blog site will be dedicated to monitoring important legislation or regulations. There are many new areas of fraud and risk evolving and the compliance emphasis on FCPA, supply chain management and green initiatives is growing exponentially. I hope to keep current on each of these and share my thinking both here and thru Twitter.This past week the FBI showed that it was serious about FCPA enforcement. Their sting efforts were very effective. Dan Karson of our partner Kroll Worldwide said in a recent article,“This [sting] has sent a chill down the back of a lot of companies…Mainstream companies, not just from the defense industry, are now wondering, 'Am I at risk?'” I have been suggesting for months that small and midsized companies need to better understand their supply chain and extend their compliance programs to these stakeholders. With these new "rules of engagement" the risk level within supply chains just moved to a new DEFCON level. More comments to follow and please comment and tell me what you think.

Pivot Reports - Overview - Winter 10 Release

Thu, 14 Jan 2010 15:23:46 GMT

Overview of Pivot Report Functionality included in Winter '10 Release of IEM Professional and Enterprise

New EthicsPoint Software Updates Enhance Advanced Analytics

Tue, 12 Jan 2010 00:00:00 GMT

Updates to Issue and Event Manager Professional and Enterprise Improve User Experience, Drive Productivity

Portland, OR (PRWEB) January 12, 2010 -- EthicsPoint, the global authority in hotline and anti-fraud reporting and case management services, today announced updated versions of its Issue and Event Manager (IEM) Professional and Enterprise solutions. The updates to IEM Professional and Enterprise deliver to the market a more effective method to analyze data and spot trends in the ultimate pursuit of mitigating enterprise risk while also providing more facilities for EthicsPoint customers to interact with us and other users of our solutions.

With the Winter ’10 release, IEM Professional and Enterprise now ship with Pivot Reports as part of the Advanced Analytics module. Leveraging advanced charting tools, EthicsPoint Pivot Reports deliver the ability to summarize, analyze and explore data in a highly configurable, non-prescriptive manner. With the addition of Pivot Reports users will be able to create comparisons across a multitude of data dimensions facilitating trending and pattern analysis.

“Our customers recognize the value of consistently approaching how they collect, investigate, document and resolve reports of misconduct within their operations. These activities require workflow-oriented software and tools to help mine this data to identify patterns and trends. This improvement to our analytics engine is yet another example of our commitment to innovation and product leadership across an increasingly advanced, data-driven domain.” said David Childers, CEO of EthicsPoint.”The Winter ’10 release provides our clients the flexibility to define their own custom analysis in an extremely intuitive ‘drag and drop’ format.”

Also included in this update is a totally refreshed Customer Resource Center designed to facilitate customer satisfaction by providing a place for users and administrators to engage one another, and share best practices and advice in addition to accessing documentation and training materials. New, smarter search functionality has also been added to the Knowledge Base, reducing the time it takes for users to locate information and solve problems. The Customer Resource Center also offers a dramatically more powerful support ticketing system targeted at quickly connecting users to a client services representative who can provide assistance.

About EthicsPoint

EthicsPoint is the global authority in integrated hotline and case management solutions and enable organizations to foster a business culture of integrity and compliance. We help our clients protect their culture and reputation by facilitating the reporting and identification of issues and events of behavior that may be inconsistent with their code of conduct, to the subsequent investigation and resolution of these cases. Over 2300 organizations use our telephone hotline, web-based reporting and case management services as a critical component of their overall governance, risk and compliance efforts.

For more information, visit www.ethicspoint.com.

Homepage Updates in Summer 09 Release of IEM Pro and Ent

Mon, 11 Jan 2010 13:33:53 GMT

Walkthrough of changes to the Homepage - Summer 09 Release

What's New in Summer 09 Release

Mon, 11 Jan 2010 12:06:02 GMT

What's new - Summer 09 Release

User Training - Professional and Enterprise

Mon, 11 Jan 2010 11:43:35 GMT

User Training for IEM Professional and Enterprise

Administrator Training - Professional and Enterprise

Mon, 11 Jan 2010 11:41:49 GMT

Admin Training - Professional & Enterprise

Driving Program Awareness and Insight

Fri, 08 Jan 2010 20:06:27 GMT

Due to technical difficulties, the recording of this webinar is not available.

Data Integration Management Services: From HRIS Data to Legacy Data Integration

Fri, 08 Jan 2010 19:08:46 GMT

Due to some technical problems, this recording is not available.

Back Due To Popular Demand! Learn Answers to the Latest Top 10 Most Frequently Asked Questions

Fri, 08 Jan 2010 19:06:50 GMT

Fine-Tuning Your Case Management Workflow

Fri, 08 Jan 2010 19:01:42 GMT

Best Practice Advice for Improving Employee Awareness of Your GRC Program

Fri, 08 Jan 2010 18:59:11 GMT

Recording is unavailable due to technical issues

MobileLink User Guide

Fri, 08 Jan 2010 00:00:00 GMT

EthicsPoint MobileLink provides a streamlined version of Issue and Event Manager on your web-enabled handheld device, allowing you to immediately evaluate incoming reports or cases, so you can respond quickly to time-sensitive issues.

Executive Director Letter to Staff for NonProfits

Fri, 08 Jan 2010 00:00:00 GMT

Sample executive letter to staff - announcing ethics program.

President's Letter to Employees Version 2

Fri, 08 Jan 2010 00:00:00 GMT

Sample President's Letter to Employees

Fri, 08 Jan 2010 00:00:00 GMT

Sample of a president's letter to employees.

Q and A Employees

Fri, 08 Jan 2010 00:00:00 GMT

Sample Questions and Answers from Employees

FAQ for Employees

Fri, 08 Jan 2010 00:00:00 GMT

FAQ for employees

How To File a Report

Fri, 08 Jan 2010 00:00:00 GMT

Sample employee Instructions on how to file a report

Roll Out Letter to Employees

Fri, 08 Jan 2010 00:00:00 GMT

President's Letter to Employees Version1

Fri, 08 Jan 2010 00:00:00 GMT

EthicsPoint Establishes International Data Center to Meet Global Client Needs

Tue, 22 Dec 2009 00:00:00 GMT

Facility powers secure, reliable, sustainable systems to support international demand

PORTLAND, Ore. — December 22, 2009 —EthicsPoint, the global authority in integrated hotline and case management services, today announced that it has established an international data center in order to meet growing demand for its software-as-a-service (SaaS)-based offerings for governance, risk and compliance programs. This investment makes EthicsPoint the first hotline and case management vendor with a data center outside the United States.

Meeting Client Needs Globally

The new international data center is part of EthicsPoint’s strategic growth plan and the company’s continued commitment to addressing customer needs. Currently, EthicsPoint has over 2,300 clients; approximately 40 percent of which have international operations. With demand from organizations headquartered outside of the United States growing, the new data center enables EthicsPoint to better meet the needs of existing and prospective customers with specialized data protection and data privacy demands. For example, the new facility will provide access to a data-privacy-approved location in compliance with the Article 29 Working Party of the European Union.

“The decision to build our new international data center reflects our increasingly diverse global customer base,” said David Childers, CEO of EthicsPoint. “This data center will not only allow us to scale to provide reliable and secure on-demand delivery for our clients while addressing their data privacy concerns, but also reflects our strong commitment to protecting Earth's natural resources by implementing sustainable practices throughout our business.”

Supporting Sustainable Business Goals

EthicsPoint selected the Canadian RackForce data center in Kelowna, British Columbia as the location for this data center. The facility, which first opened in July 2009, has been recognized as one of the greenest and most advanced data centers in North America. It leverages state-of-the-art server hardware and virtualization to minimize energy consumption. Its power comes from Renewable Hydro Power with an extremely low CO2/kWh footprint – 1/100th of coal fired electrical generation.

EthicsPoint’s application system currently processes an average of more than 100,000 transactions per day with greater than 99 percent system uptime and sub-second average server response time. The expanded storage and processing capacity will help meet current and projected user needs for availability, responsiveness and security.

About EthicsPoint

EthicsPoint enables organizations to foster a business culture of integrity and compliance. We help our clients protect their culture and reputation by facilitating the reporting and identification of issues and events of behavior that may be inconsistent with their code of conduct, to the subsequent investigation and resolution of these cases. Over 2,300 organizations use our telephone hotline, web-based reporting and case management services as a critical component of their overall governance, risk and compliance efforts.

For more information, visit www.ethicspoint.com.

Contact:

Toni Cole, Edelman

503-471-6841

toni.cole@edelman.com

Maintaining an Ethical Workplace: Third-party employee hotline, case management solution helps CDW keep watch

Wed, 09 Dec 2009 00:00:00 GMT

It was an infraction, an apparently isolated breach of corporate policy that could have gone entirely unnoticed. A manager bought a hot new product before its official release date with his employee discount and then sold the product on eBay for a profit.

If it had remained unnoticed and undocumented, the company might have missed the fact that many others were engaging in similar non-ethical behaviors, putting the company’s relationship with its vendors at significant risk and costing them selling opportunities with customers.

Management at Vernon Hills, Ill.-based CDW, a provider of business-to-business technology products and services, wanted to ensure that, as much as possible, incidents like this would not go unnoticed in its operation.

To accomplish this, CDW’s management focused on two related goals. First, to give its co-workers a safe outlet to report suspected violations and seek guidance on ethical and compliance issues. Second, to develop a robust incident management process which would allow it to aggregate data about policy violations so that it could identify issues and trends early.

ACUA Annual Conference

Fri, 04 Dec 2009 12:43:11 GMT

EthicsPoint will be exhibiting at ACUA's 2010 Annual Conference.

SCCE 2010 Compliance & Ethics Institute

Fri, 04 Dec 2009 12:12:14 GMT

EthicsPoint will be exhibiting at SCCE's 2010 Annual Compliance & Ethics Institute Conference.

Ethics Bubble?

Thu, 03 Dec 2009 00:00:00 GMT

Image by ecstaticist via FlickrJust spent some time reviewing the Ethics Resource Center's 2009 National Business Ethics Survey . There's some very interesting data in the report - some of which seems contradictory, which means I'm going to be spending more time this weekend digging into the details.On the positive side, the survey revealed that:Misconduct at work is downReporting of observed misconduct is upEthical cultures are stronger, andPressure to cut corners is lower.But before we start congratulating ourselves too much, however, there were some cautionary data as well. For instance, 30% of people who observed behavior that constituted a "red flag" (activities that may be indicative of material fraud or questionable actions taking place) said they did NOT report it. You can't take appropriate action to mitigate potential misconduct if you aren't aware of it!Furthermore, there is an interesting analysis of results from past Business Surveys that may suggest we are in an "ethical bubble."If you look at the chart, you'll see that in the last economic downturn, reported misconduct also decreased, but as the economy improved, misconduct rose with it. While the sample may be a bit small, the parallels between the S&P Index and observed misconduct are fairly consistent. The ERC surmises this may be because in hard times management may talk (and inspect) more on the importance of high standards. Thus, misconduct goes down.This really has me thinking...On one hand, I know that most of our clients are putting their money where their mouth is - allocating resources to ethics and compliance programs and making a true commitment to fostering an ethical culture. I don't see this changing as we exit the down turn. But the chart is revealing. Curious as to your thoughts - are we really in a bubble? Is this latest good news fleeting?I'll leave you with the advice the ERC has for Ethics and Compliance Professionals:Focus on culture and collect data! Now is the time to assess your culture and put in place processes - especially regarding the collection of potential violations of your stated code of conduct - for how you manage issues and events that expose your organization to risk.

EthicsPoint raises questions, doubts

Thu, 03 Dec 2009 00:00:00 GMT

EthicsPoint, the third-party whistleblower service adopted by Seattle University last month, has sparked both acclaim and outcry from students and faculty.

Though some speculated EthicsPoint was implemented to handle only ethical issues or inappropriate behaviors, the university purchased the software in compliance with the Sarbanes-Oxley Act of 2002, the post-Enron legislation which requires companies and other institutions to handle any embezzlement allegations and protect the identity of whistleblowers. The university will still handle ethical issues with the protocol outlined in Seattle U’s code of conduct.

Reports submitted to EthicsPoint are forwarded to the administration.

Still, the outside approach to gathering complaints has sparked opposition from some members of the university community.

“When I first saw it, I thought they we were going to institute an honor code. I went back and read it, and I thought ‘My God, this is Orwellian,’” said David Madsen, history professor. “Where do these reports go […] who’s getting it?”

An institution using an independent program to oversee internal—and sensitive—affairs at the university is in no way unique. However, according to Jerry Huffman, assistant vice president of human resources, EthicsPoint is not only a secure alternative to traditional handling of ethics cases, but a preferable one.

Lies, Damn Lies and Statistics

Thu, 03 Dec 2009 00:00:00 GMT

Seems to be the season for publishing the results of surveys and other research - I just got finished reviewing PricewaterhouseCooper's excellent report, Image by TW Collins via FlickrThe Global Economic Crime Survey which contains some great data for those of us concerned about fraud and other financial misconduct to consider.One of the things that stuck out to me - especially considering the results from the ERC's 2009 National Business Ethics Survey - was that PwC did not see any statistical difference in the level of economic crime for companies that had suffered during the economic downturn from those that did not suffer. Hence, they conclude that economic crime remains a pervasive business risk, which does not discriminate among its victims based on the relative degree of their financial performance. They do note, however, that organizations sufferng from the downturn did report higher levels of accounting fraud.Among the other data I found interesting:Tips were the detection method in 34% of the cases - with the hotline system accounting for only 7% - reinforcing the need to both foster an environment in which your employees and others feel comfortable bringing issues forward in conversations as well as the need for a consistent approach to capturing and investigating these issuesWhile internal audit is consistently detecting less of the reported frauds over time, the combination of anti-fraud controls and a strong ethical culture appears to be improving the detection of economic crimeThere is a correlation between reported frauds and the frequency of fraud risk assessments - In other words, if you look for it, you will find it.Finally, and what should concern you if you hold a leadership position within your organization, respondents have consistently underestimated their exposure to fraud. Regardless of the research you're reviewing, the data is pretty compelling - fraud and other misconduct occurs in good economic times and bad. Having a strong ethical culture and good controls reduces the amount of fraud, and its associated losses. So what are you doing to reduce your risk?

Kroll Global Fraud Report 2009 / 2010

Wed, 02 Dec 2009 00:00:00 GMT

The global financial services industry saw a dramatic spike in fraud activity with companies losing an average of $15.2 million over the past three years, according to the 2009/2010 Annual Edition of Kroll's Global Fraud Report.

Despite sector-specific spikes and declines in fraud activity, the worldwide fraud rate remained steady in 2009. Companies lost an average $8.8 million to fraud over the past three years, an increase of seven percent over last year’s figure which stood at $8.2 million. The findings are the result of a survey Kroll commissioned from the Economist Intelligence Unit of more than 700 senior executives worldwide.

EthicsPoint and Kroll Expand Partnership to Help Companies Address Fraud and Other High-Risk Incidents

Tue, 01 Dec 2009 00:00:00 GMT

PORTLAND, Ore./New York —December 1, 2009 —EthicsPoint, a leading provider of hotline and anti-fraud reporting and technology services, and Kroll, the world’s leading risk consulting company, today announced their expanded partnership to provide organizations with the tools and support to properly resolve incidents ranging from employee misconduct to widespread fraud schemes.

Without processes to effectively detect, investigate and resolve incidents, companies are at risk of potentially significant financial losses and non-compliance penalties. Kroll and EthicsPoint are strengthening their partnership to address this gap, which has become more important with the rising incidence of corporate theft, misconduct and fraud in 2009.

“We are pleased to expand our partnership with EthicsPoint,” said Tim Whipple, President of Kroll’s Consulting Services Group. “EthicsPoint’s state-of-the art technology is a natural fit with Kroll’s suite of investigative and compliance monitoring services and will help our clients effectively manage their internal reporting requirements.”

As part of the agreement, Kroll and EthicsPoint will collaborate to share knowledge and research among their client base. The expanded alliance extends the client referral relationship globally to now include Asia alongside North America, Latin America and Europe, Middle East and Africa.

“Even with a strong internal investigation protocol in place, there are times when the risks and scale of an issue necessitate the engagement of third-party specialists,” said David Childers, CEO of EthicsPoint. “Kroll’s record and reputation for helping organizations navigate these sensitive situations makes us confident that they can help our customers fully review and resolve any high-risk issues.”

About EthicsPoint

EthicsPoint enables organizations to foster a business culture of integrity and compliance. We help our clients protect their culture and reputation by automating business processes, from the reporting and identification of issues and events of behavior that may be inconsistent with their code of conduct, to the subsequent investigation and resolution of these cases. Over 2,000 organizations use our telephone hotline, web-based reporting and case management services as a critical component of their overall governance, risk and compliance efforts.

For more information, visit www.ethicspoint.com.

About Kroll

Kroll, the world's leading risk consulting company, provides a broad range of investigative, intelligence, financial, security and technology services to help clients reduce risks, solve problems and capitalize on opportunities. Headquartered in New York with offices in more than 60 cities in over 29 countries, Kroll has a multidisciplinary team of approximately 3,000 employees and serves a global clientele of law firms, financial institutions, corporations, non-profit institutions, government agencies, and individuals. Kroll is a subsidiary of Marsh & McLennan Companies, Inc. (NYSE: MMC), the global professional services firm.

For more information, visit www.Kroll.com.

Foreign Corrupt Practices Act (FCPA)

Wed, 25 Nov 2009 00:00:00 GMT

The Foreign Corrupt Practices Act of 1977 (FCPA) is a United States federal law known primarily for two of its main provisions, one that addresses accounting transparency requirements under the Securities Exchange Act of 1934 and another concerning bribery of foreign officials.

The anti-bribery provisions of the FCPA prohibit:

Issuers, domestic concerns, and any person from making use of interstate commerce corruptly, in furtherance of an offer or payment of anything of value to a foreign official, foreign political party, or candidate for political office, for the purpose of influencing any act of that foreign official in violation of the duty of that official, or to secure any improper advantage in order to obtain or retain business.

Environment Health and Safety (EHS)

Wed, 25 Nov 2009 00:00:00 GMT

Environment, Health and Safety (EHS) guidelines were created by the International Finance Corporation in 1998. Organizations based in the United States are subject to EHS regulations found in Code of Federal Regulations

Sarbanes-Oxley Act of 2002 (SOX)

Wed, 25 Nov 2009 00:00:00 GMT

The Sarbanes-Oxley Act (SOX), a federal securities law in the United States, was enforced in 2002, introducing major changes to the regulation of financial practices and corporate governance for publicly traded companies. It covers issues such as auditor independence, corporate governance, internal control assessment, and enhanced financial disclosure.

SOX is arranged into eleven titles. As far as compliance is concerned, the most important sections within these are often considered to be 302, 401, 404 (which no longer applies to small public companies with a public float below $75 million as of November, 2009), 409, 802 and 906.

Data Privacy Directive

Wed, 25 Nov 2009 00:00:00 GMT

The Data Protection Directive (officially Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data) is a European Union directive which regulates the processing of personal data within the European Union. It is an important component of EU privacy and human rights law. The directive was implemented in 1995 by the European Commission.

Federal Energy Regulatory Commission (FERC)

Wed, 25 Nov 2009 00:00:00 GMT

FERC is an independent agency that regulates the interstate transmission of natural gas, oil, and electricity. FERC also regulates natural gas and hydropower projects.

Personal Information Protection and Electronic Documents Act (PIPEDA)

Wed, 25 Nov 2009 00:00:00 GMT

The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian law relating to data privacy. It governs how private-sector organizations collect, use and disclose personal information in the course of commercial business.

In addition, the Act contains various provisions to facilitate the use of electronic documents. PIPEDA was passed in the late 1990s to promote consumer trust in electronic commerce. The act was also intended to reassure the European Union that the Canadian privacy law was adequate to protect the personal information of European citizens.

Federal False Claims Act

Wed, 25 Nov 2009 00:00:00 GMT

The False Claims Act is an American federal law which allows people who are not affiliated with the government to file actions against federal contractors claiming fraud against the government.

The act of filing such actions is informally called "whistleblowing." Persons filing under the Act stand to receive a portion (usually about 15-25 percent) of any recovered damages. The Act provides a legal tool to counteract fraudulent billings turned in to the Federal Government. Claims under the law have been filed by persons with insider knowledge of false claims which have typically involved health care, military, or other government spending programs.

Federal Anti-Kickback Satute

Wed, 25 Nov 2009 00:00:00 GMT

The federal anti-kickback law's main purpose is to protect patients and the federal health care programs from fraud and abuse by curtailing the corrupting influence of money on health care decisions.

Straightforward but broad, the law states that anyone who knowingly and willfully receives or pays anything of value to influence the referral of federal health care program business, including Medicare and Medicaid, can be held accountable for a felony.

Basel II Accord

Wed, 25 Nov 2009 00:00:00 GMT

Basel II is the second of the Basel Accords, which are recommendations on banking laws and regulations issued by the Basel Committee on Banking Supervision.

The purpose of Basel II, which was initially published in June 2004, is to create an international standard that banking regulators can use when creating regulations about how much capital banks need to put aside to guard against the types of financial and operational risks banks face. Advocates of Basel II believe that such an international standard can help protect the international financial system from the types of problems that might arise should a major bank or a series of banks collapse.

In practice, Basel II attempts to accomplish this by setting up rigorous risk and capital management requirements designed to ensure that a bank holds capital reserves appropriate to the risk the bank exposes itself to through its lending and investment practices. Generally speaking, these rules mean that the greater risk to which the bank is exposed, the greater the amount of capital the bank needs to hold to safeguard its solvency and overall economic stability.

Federal Acquisition Regulation (FAR)

Wed, 25 Nov 2009 00:00:00 GMT

The Federal Acquisition Regulation (FAR) is the principal set of rules in the Federal Acquisition Regulation System. This system consists of sets of regulations issued by agencies of the Federal government of the United States to govern what is called the "acquisition process," which is the process through which the government purchases ("acquires") goods and services.

That process consists of three phases: (1) need recognition and acquisition planning, (2) contract formation, and (3) contract administration. The FAR System regulates the activities of government personnel in carrying out that process. It does not regulate the purchasing activities of private sector firms, except to the extent that parts of it are incorporated into government solicitations and contracts by reference.

Financial Instruments and Exchange Law (J-SOX)

Wed, 25 Nov 2009 00:00:00 GMT

he Financial Instruments and Exchange Law is the main statute codifying securities law and regulating securities companies in Japan.

The law applies to:

Registration and regulation of broker dealers and their registered representatives

Disclosure obligations applicable to public companies, investment trusts and similar entities

Tender offer rules

Disclosure obligations applicable to large shareholders in public companies

Internal controls in public companies; in this role the law is often referred to as J-SOX, a reference to the American Sarbanes-Oxley Act (SOX).

Spanish Data Protection Act (LOPD)

Wed, 25 Nov 2009 00:00:00 GMT

The Spanish Constitution recognizes the right to personal privacy, secrecy of communications, and the protection of personal data.

The Data Protection Act (LOPD) brought Spanish law in line with the European Union Data Protection Directive. The LOPD applies to information held by the public and private sectors. The law establishes the right of citizens to know what personal data is contained in electronic records and grants citizens the right to correct or delete incorrect or false data in those records.

Additionally, the LOPD restricts the disclosure of personal information to a third party by requiring the consent of the individual to the specific purpose for which the data was collected. Additional protections are also provided for sensitive personal data.

North American Electric Reliability Corporation (NERC)

Wed, 25 Nov 2009 00:00:00 GMT

NERC reliability standards are developed using an industry-driven ANSI-accredited process that ensures the process is open to all persons who are directly and materially affected by the reliability of the North American bulk power system; is transparent to the public; demonstrates the consensus for each standard; fairly balances the interests of all stakeholders; provides for reasonable notice and opportunity for comment; and enables the development of standards in a timely manner.

Health Insurance Portability and Accountability Act (HIPAA)

Wed, 25 Nov 2009 00:00:00 GMT

The U.S. Department of Health and Human Services (“HHS”) issued the Standards for Privacy of Individually Identifiable Health Information (“Privacy Rule”)to implement the requirement of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)

The Privacy Rule standards address the use and disclosure of individuals’ health information by organizations subject to the Privacy Rule, as well as standards for individuals' privacy rights to understand and control how their health information is used.

A major goal of the Privacy Rule is to assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public's health and well being. The Rule strikes a balance that permits important uses of information, while protecting the privacy of people who seek care and healing. Given that the health care marketplace is diverse, the Rule is designed to be flexible and comprehensive to cover the variety of uses and disclosures that need to be addressed.

International Financial Reporting Standards (IFRS)

Wed, 25 Nov 2009 00:00:00 GMT

International Financial Reporting Standards (IFRS) are Standards, Interpretations and the Framework adopted by the International Accounting Standards Board (IASB).

Many of the standards forming part of IFRS were issued by the Board of the International Accounting Standards Committee (IASC)The IASC Foundation is an independent, not-for profit private sector organisation working in the public interest. Its principal objectives are:

to develop a single set of high quality, understandable, enforceable and globally accepted international financial reporting standards (IFRSs) through its standard-setting body, the IASB;

to promote the use and rigorous application of those standards;

to take account of the financial reporting needs of emerging economies and small and medium-sized entities (SMEs); and

to bring about convergence of national accounting standards and IFRSs to high quality solutions.

Equal Employment Opportunity Commission (EEOC)

Wed, 25 Nov 2009 00:00:00 GMT

The U.S. Equal Employment Opportunity Commission (EEOC) is a federal agency whose goal is ending employment discrimination. The EEOC investigates discrimination complaints based on an individual's race, color, national origin, religion, sex, age, disability and retaliation for reporting and/or opposing a discriminatory practice.

The Commission is also tasked with filing suits on behalf of alleged victim(s) of discrimination against employers and as an adjudicatory for claims of discrimination brought against federal agencies.

Commission nationale de l‘informatique et des libertés (CNIL)

Wed, 25 Nov 2009 00:00:00 GMT

The Commission nationale de l'informatique et des libertés or CNIL is an independent French administrative authority. CNIL's mission is to ensure that data privacy law is applied to the collection, storage, and use of personal data.

Created on January 6, 1978, CNIL aims to ensure that the development of information technology remains at the service of citizens and does not breach human identity, human rights, privacy or personal or public liberties.

Department of Transportation (DOT)

Wed, 25 Nov 2009 00:00:00 GMT

The Department of Transportation (DOT) is a government agency in North America devoted to transportation. The largest is the United States Department of Transportation, which oversees interstate travel. All U.S. states, Canadian provinces, and many local agencies also have similar organizations.

Stark III Law

Wed, 25 Nov 2009 00:00:00 GMT

Stark III is Phase III of the physician self-referral prohibition, commonly referred to as Stark II in recognition of the author of the original statute, California Representative Pete Stark.

Phase III changes became effective December 4, 2007. This regulation provides further clarifications and modifications to Stark II, especially regarding physicians in group practice and the relationships between physicians and hospitals.

Environmental Protection Agency (EPA)

Wed, 25 Nov 2009 00:00:00 GMT

The U.S. Environmental Protection Agency (EPA) is an agency of the federal government of the United States charged to protect human health and the environment, by writing and enforcing regulations based on laws passed by Congress.

The EPA was proposed by President Richard Nixon and began operation on December 2, 1970, when its establishment was passed by Congress, and signed into law by President Nixon, and has since been chiefly responsible for the environmental policy of the United States.

Federal Sentencing Guidelines

Wed, 25 Nov 2009 00:00:00 GMT

The Federal Sentencing Guidelines are rules that set out a uniform sentencing policy for convicted felons in the United States federal courts system.

The Guidelines are the product of the United States Sentencing Commission and are part of an overall federal sentencing reform package that took effect in the mid-1960's.

Americans with Disabilities Act (ADA)

Wed, 25 Nov 2009 00:00:00 GMT

The Americans with Disabilities Act of 1990 (ADA) was signed into law by President George H. W. Bush, and later amended with changes effective January 1, 2009.

The ADA is a wide-ranging civil rights law that prohibits, under certain circumstances, discrimination based on disability. It affords similar protections against discrimination to Americans with disabilities as the Civil Rights Act of 1964, which made discrimination based on race, religion, sex, national origin, and other characteristics illegal.

On September 25, 2008, President George W. Bush signed into law The ADA Amendments Act of 2008 (ADAAA). It is intended to give broader protections for disabled workers and "turn back the clock" on court rulings which Congress deemed too restrictive.

Federal Aviation Administration (FAA)

Wed, 25 Nov 2009 00:00:00 GMT

he Federal Aviation Administration (FAA) is an agency of the United States Department of Transportation with authority to regulate and oversee all aspects of civil aviation in the U.S.

The Federal Aviation Administration's major roles include:

Regulating U.S. commercial space transportation

Regulating air navigation facilities' geometry and Flight inspection standards

Encouraging and developing civil aeronautics, including new aviation technology

Issuing, suspending, or revoking pilot certificates

Regulating civil aviation to promote safety, especially through local offices called Flight Standards District Offices

Developing and operating a system of air traffic control and navigation for both civil and military aircraft

Researching and developing the National Airspace System and civil aeronautics

Developing and carrying out programs to control aircraft noise and other environmental effects of civil aviation

Data Privacy

Wed, 25 Nov 2009 00:00:00 GMT

Data privacy is the relationship between collection and dissemination of data, technology, the public expectation of privacy, and the legal and political issues surrounding them.

Privacy concerns exist wherever personally identifiable information is collected and stored - in digital form or otherwise. Improper or non-existent disclosure control can be the root cause for privacy issues.

Data privacy issues can arise in response to information from a wide range of sources, such as:

Healthcare records

Criminal justice investigations and proceedings

Financial institutions and transactions

Biological traits, such as genetic material

Residence and geographic records

Ethnicity

The challenge in data privacy is to share data while protecting personally identifiable information. The fields of data security and information security design and utilize software, hardware and human resources to address this issue.

Lilly Ledbetter Fair Pay Act

Wed, 25 Nov 2009 00:00:00 GMT

The Lilly Ledbetter Fair Pay Act of 2009 is an Act of Congress enacted by the 111th United States Congress and signed into law by President Barack Obama on January 29, 2009.

The bill amends the Civil Rights Act of 1964 stating that the 180-day statute of limitations for filing an equal-pay lawsuit regarding pay discrimination resets with each new discriminatory paycheck. The law was a direct answer to the Ledbetter v. Goodyear Tire & Rubber Co., 550 U.S. 618 (2007), a U.S. Supreme Court decision holding that the statute of limitations for presenting an equal-pay lawsuit begins at the date the pay was agreed upon, not at the date of the most recent paycheck, as a lower court had ruled.

Patient Safety and Quality Improvement Act

Wed, 25 Nov 2009 00:00:00 GMT

The Patient Safety and Quality Improvement Act of 2005 (PSQIA) established a system of patient safety organizations and a national patient safety database. To encourage reporting and broad discussion of adverse events, near misses, and dangerous conditions, it also established privilege and confidentiality protections for Patient Safety Work Product (as defined in the act).

Securities and Exchange Commission (SEC)

Wed, 25 Nov 2009 00:00:00 GMT

The U.S. Securities and Exchange Commission (commonly known as the SEC) is an independent agency of the United States government which holds primary responsibility for enforcing the federal securities laws and regulating the securities industry, the nation's stock and options exchanges, and other electronic securities markets.

Currently, the SEC is responsible for administering seven major laws that govern the securities industry. They are: the Securities Act of 1933, the Securities Exchange Act of 1934, the Trust Indenture Act of 1939, the Investment Company Act of 1940, the Investment Advisers Act of 1940, the Sarbanes-Oxley Act of 2002 and most recently, the Credit Rating Agency Reform Act of 2006.

The enforcement authority given by Congress allows the SEC to bring civil enforcement actions against individuals or companies alleged to have committed accounting fraud, provided false information, or engaged in insider trading or other violations of the securities law. The SEC also works with criminal law enforcement agencies to prosecute individuals and companies alike for offenses which include a criminal violation.

2009 National Business Ethics Survey

Wed, 18 Nov 2009 00:00:00 GMT

The Ethics Resource Center began collecting data in the mid-1990s to assess the state of ethics in the American workplace. Its National Business Ethics Survey

® has been in the field every two years since 2003. Including surveys in 2000 and in 19941, this new NBES marks the sixth in the series. NBES is the essential tool ERC uses to collect national data and benchmark changes in employee attitudes over time. It provides both longitudinal data and a look at employee perceptions of topical issues of interest to researchers, management and employees

themselves.

In 2007, NBES benchmarking showed that key measures of workplace ethics had declined since 2005. The drop was steep enough that ERC warned in its report that year that misconduct appeared to have returned to “pre-Enron levels.”

2 We know now that within a few weeks of that report, in December 2007, the United States had begun to enter a severe economic recession that may be ending only now, 24 months later.3 What effect the recession has had on workplace ethics is the focus of this year’s report.

New EthicsPoint Software Updates Streamline Workplace Incident Management

Tue, 17 Nov 2009 00:00:00 GMT

Updates to Issue and Event Manager Enhance User Experience, Improve Productivity

PORTLAND, Ore. — November 17, 2009 —EthicsPoint, the global authority in hotline and anti-fraud reporting and case management services, today announced updated versions of its Issue and Event Manager (IEM) Professional and Enterprise solutions. The updates to IEM Professional and Enterprise are based on customer feedback and requests, and reflect EthicsPoint’s commitment to quality through continuous improvement and feature enhancements that deliver efficiency and productivity gains in workplace incident management.

The EthicsPoint Issue and Event Manager solution is designed to provide a framework for companies to manage the complete lifecycle of incident management, from reporting through the investigation, documentation, resolution and analysis process. Enhanced analytics features in the Fall 2009 release enable data trending analysis for ongoing ethics and Governance, Risk and Compliance (GRC) program improvement. Updates to dynamic browse-and-filter functionality, including a redesign of the Assignments Tab and edits to Grid Controls, help users investigate issues more quickly and easily. Within the report intake process, updates to the Information Contributor feature and the Reporter Follow Up user interface are designed to streamline workflow within the investigation process.

“Our latest release addresses specific requests and needs raised by our customers. Because EthicsPoint has a broad client base from a range of industries, it is vital that we continue to adapt and improve our solutions to meet their needs,” said David Childers, CEO of EthicsPoint. “IEM is designed to help companies of all types and sizes efficiently manage reports of code of conduct violations and inform corporate ethics and compliance initiatives.”

Improvements to IEM Professional and Enterprise in the Fall 2009 release include:

Redesign of Assignments Tab: The Assignments area now has the ability to drag and drop columns, filter data in-line and group information as with the other grids.

Improvements to Grid Controls: A paperclip icon has been added to the dynamic browse and filter grid control to provide a visual indication that one or more attachments have been added to a case.

Enhancements to the Information Contributor: The Information Contributor functionality has been enhanced to include all cases regardless of intake type. This includes both Hotline and Report form methods.

User Interface Enhancements: The Reporter and Reporter Follow Up area of Issue and Event Manager has been modified to provide the reporter with a more consistent and intuitive interface.

About EthicsPoint

EthicsPoint enables organizations to foster a business culture of integrity and compliance. We help our clients protect their culture and reputation by automating business processes, from the reporting and identification of issues and events of behavior that may be inconsistent with their code of conduct, to the subsequent investigation and resolution of these cases. Over 2,000 organizations use our telephone hotline, web-based reporting and case management services as a critical component of their overall governance, risk and compliance efforts.

For more information, visit www.ethicspoint.com.

Contact:

Toni Cole, Edelman

503-471-6841

toni.cole@edelman.com>

Quick Links

Tue, 10 Nov 2009 00:00:00 GMT

I've come across a number of really great research reports over the past few weeks, and wanted to share them with you. In each case I'm finding myself going back and finding a new nugget that directly relates to Governance, Risk and Compliance, and the challenges our customers and prospects face. I'd encourage all of you to download these reports if you have already done so.

Kroll Global Fraud Report

This is the latest of the Kroll Fraud reports, where they survey hundreds of senior executives across the world to understand the impact of fraud and corruption both in individual industry segments and in specific geographic regions. One of the things that stood out to me on first reading was that the overall incidence of reported fraud did not increase significantly during the past year, despite what was expected. But there are differences across the different industries and countries worth understanding.

If you'd like to get a quick overview of the contents in the report, you can attend a webinar we are hosting with Blake Coppotelli and David Holley of Kroll.

Transparency International's Global Corruption Report 2009

Learned about this one from the excellent FCPA Blog. This is a really comprehensive report (weighs in at 496 pages!) which definitely requires multiple visits. But to give you a taste of what's inside, consider:

90% of the top 200 businesses worldwide have adopted business codes, but fewer than half report they monitor compliance!Companies with anti-corruption programs and ethical guidelines are found to suffer 50% fewer incidents of corruption. While that may seem obvious -especially based on other research - the question I would have is why, then, do not all companies have business codes, and why do relatively so few monitor compliance?Fulbright's 6th Annual Litigation Trend Survey

Stumbled on the 5th annual survey last year, so was pleased to learn the latest version is out. Interestingly, as opposed to what Kroll reports, this survey of mostly General Counsels, Head of Litigation, and people with titles just below those (e.g. Senior Counsel, Associate General Counsel, etc.) reported that the incidence of companies reporting corruption/bribery investigations over the past 12 months has nearly doubled since last year! But bribery/corruption is not the only thing with which these respondents are challenged. According to the survey 40% have seen increases in wage & hour, multi-plaintiff and employement cases over the past year.

As I said, there is a lot of great information in these reports - hopefully you'll learn something as well!

University buys online ethical watchdog service

Tue, 10 Nov 2009 00:00:00 GMT

EthicsPoint to aid whistleblowers reporting university abuse

"Students and faculty who suspect ethical misconduct on campus can now act as private whistleblowers and instigate ethical investigations, all with the click of a mouse.

President Stephen Sundborg. S.J. announced Oct. 28 Seattle University will use the external and Web-based EthicsPoint as a tool to safeguard against unethical acts of faculty and staff. But students and professors were left scratching their heads as to the reasoning behind the new ethical policy.

The site allows the user to make claims based on a variety of ethics complaints ranging from conflict of interest to sexual harassment to recruiting misconduct..."

Questions from the Front Lines: Real-World Issues in Workplace Investigations

Tue, 20 Oct 2009 20:48:18 GMT

Join us for a relevant, practical discussion of some of the real-world issues investigators face, led by Meric Bloch, one of EthicsPoint’s most popular presenters. The content comes directly from questions asked by people just like you who attended Meric's past speaking engagements. The questions are practical, and the answers draw upon what Meric learned from writing, speaking and conducting over 400 workplace investigations.

University Hotline Available For Reporting Financial Concerns

Thu, 15 Oct 2009 00:00:00 GMT

9:01 a.m., Oct. 14, 2009----The University has a Compliance Hotline, designed to give individuals an additional avenue for reporting concerns they may have about financial, accounting and auditing issues at the University.

The hotline, operated through a national company called EthicsPoint, allows individuals to report any suspected financial irregularity confidentially and anonymously.

“The use of such anonymous reporting systems is a 'best business practice' and has been recommended for all organizations by the American Institute of Certified Public Accountants,” Edward J. Drozd, director of Internal Auditing at the University, said.

“We have a responsibility to our colleagues and the public to ensure that University funds are being used in accordance with legal and contractual requirements. This hotline will help identify issues that can improve our environment.”

University employees are encouraged to continue to report financial concerns through the standard chain of command or by contacting UD Human Resources or the Internal Auditing Department. For those who do not feel comfortable with the standard methods, the Financial Compliance Hotline is an additional option.

Reports, which can be made by anyone -- employees, students and vendors -- may be made 24 hours a day, seven days a week, via telephone or on the World Wide Web. The toll-free telephone number is 1-888-366-6033, and the Web site may be reached by going to [www.udel.edu/compliance]. Individuals may use any computer with Internet access; it does not have to be a University computer.

Reporting categories relate to internal control and financial matters including fraud, abuse of University resources, improper handling of gifts and improper accounting.

The EthicsPoint system uses state-of-the-art security features, including passwords, encryption and firewalls, to protect the anonymity and confidentiality of those making reports. Individuals may identify themselves if they choose to do so, or remain anonymous. Each person who files a report creates a private password and is assigned a unique identifier for secure communication and access to the system.

Notification of reports goes to UD's Internal Auditing Department, where experienced professional internal auditors will conduct necessary investigations to ascertain the facts in each case. Reports will be handled promptly and discreetly. No retaliatory action will be taken against anyone for reporting or inquiring in good faith about potential breaches of UD financial standards.

Prolifiq and EthicsPoint Announce Partnership: `Automatic Alerts´ Help Life Sciences Engage in Good Promotional Practices

Fri, 09 Oct 2009 00:00:00 GMT

WASHINGTON, Oct. 12 -- Today at the annual AdvaMed medical technology industry conference, Prolifiq (booth #219), leading provider of Good Promotional Practices software, announced a partnership with EthicsPoint, the global authority in integrated hotline and case management solutions. Together, the companies will offer an important layer of compliance monitoring to help Life Sciences companies cope with the myriad of government regulations covering the distribution of promotional, educational, and scientific information.

Prolifiq is used by Life Sciences sales professionals to deliver critical information to health care practitioners. An embedded rules engine monitors the communication to ensure that it adheres with established norms for Good Promotional Practices (GPP). With this partnership, Prolifiq will send automatic alerts to a company's EthicsPoint dashboard if communication patterns fall outside pre-defined boundaries. The alerts will trigger follow-up by a compliance officer, who will use EthicsPoint Case Management solution to process and document their assessment.

"We are hearing firsthand that life sciences companies want to provide scientific, promotional, and educational materials to health care practitioners, but are finding it increasingly difficult to do so with the ever-changing and strict rules and requirements for content dissemination," said Jeff Gaus, CEO of Prolifiq. "Our goal is to make it easier for companies to better gauge and monitor their internal-external communications. Together with EthicsPoint, we offer a closed loop solution that covers planning, organizing, delivering, and proactively monitoring and resolving compliance anomalies with health care practitioners."

"We're excited to add yet another layer of compliance monitoring to our Case Management solution set," said David Childers, CEO of EthicsPoint. "Our Life Science customers will benefit from adding another proactive tool that helps them build automatic compliance monitoring into a business process that is so critical to their growth."

Recent industry developments including corporate integrity agreements, FDA Good Reprint Practices, and other guidance, have added greater detail to some of the practical issues that Life Sciences companies must consider when implementing their compliance policies and procedures. A whitepaper detailing how to navigate compliance challenges of product-related communications, including how to incorporate Good Promotional Practices is available for free to download at http://tinyurl.com/yd8zz42.

About Prolifiq

Prolifiq helps sales professionals use digital content in their communications with customers and prospects. Used in highly regulated environments such as Life Sciences and competitive industries such as Technology, Prolifiq's messaging solutions help sellers match approved content to their selling conversation, wrap it in branded messages and measure the effectiveness of their communications. Customers include: AtriCure, Cisco Systems, GE, The BBC, Associated Press, and Getty Images. For more information, visit www.prolifiq.net/lifesciences

About EthicsPoint

EthicsPoint enables organizations to foster a business culture of integrity and compliance. We help our clients protect their culture and reputation by facilitating the reporting and identification of issues and events of behavior that may be inconsistent with their code of conduct, to the subsequent investigation and resolution of these cases. Over 2,200 organizations use our telephone hotline, web-based reporting and case management services as a critical component of their overall governance, risk and compliance efforts. For more information, visit www.ethicspoint.com.

HCCA 14th Annual Compliance Institute Conference

Tue, 06 Oct 2009 16:09:09 GMT

EthicsPoint will be exhibiting at HCCA's 2010 Annual Compliance Institute Conference.

The New Normal

Thu, 01 Oct 2009 00:00:00 GMT

With Less, Do More

The other day I read Microsoft CEO Steve Ballmer’s latest executive e-mail, entitled The New Efficiency. A few of his thoughts resonated with me, and in my opinion, have broad applicability to the market segments and business functions we serve at EthicsPoint. I’d encourage you to read all his comments, but want to highlight a few here.

Ballmer’s email starts with,

In all the talk about the economy, one term that comes up more and more frequently is something called “the new normal.” I like this phrase because it speaks to the fact that economic reality has undergone a fundamental shift over the course of the past 12 months.

So what is the nature of this shift? After years of economic expansion fueled by unrealistic rates of consumption and unsustainable levels of private debt, the global economy has reset at a lower baseline level of activity. Today, people borrow less, save more, and spend with much greater caution.

This is the new normal and it will be with us for some time to come. The issue now is how to respond.

I think Mr. Ballmer is spot on with this line of thinking – despite some encouraging signs of economic recovery, I think it’s going to take longer and be more difficult than any of us want, and even after the recovery has been achieved, the marketplace in which we all compete will be completely different than it was prior to the meltdown.

Mr. Ballmer goes on to stress the importance of cutting costs, but points out that no company ever cut their way to greatness. Rather, to ultimately succeed, you need to do two things – increase productivity and provide value to your customers – the trick is how you achieve these two objectives simultaneously. He writes:

For years, we’ve talked about how information technology enables companies to do more with less. But during this economic reset, IT provides business leaders with the answer to a slightly different question: Can my company with less, do more?

Other trends give this question even greater urgency. Workforces are more distributed and employees are more mobile. Government regulations are increasing and compliance requirements are mounting. Data security is more important to preserve and more difficult to maintain.

At EthicsPoint, we’re seeing Mr. Ballmer’s comments play out in our customer base every single day. Compliance mandates are mounting, governmental enforcement is strengthening (witness the increase in FCPA prosecutions and Corporate Integrity Agreements), rates of employee misconduct – if not increasing – are at least holding steady, and compliance, audit, HR and other budgets are being cut. The only way to effectively manage in this environment is to find ways to build efficiencies into your processes – increase the level of collaboration, communication and insight across the enterprise, while eliminating waste, and the barriers that create and maintain organizational silos.

As I’m going through our own internal 2010 budgeting and strategy-setting sessions, I’m challenging myself and my team to think about Ballmer’s question: how can we – with less, do more?

What are you doing?

"Whistleblower" hotlines show participant concerns.

Mon, 28 Sep 2009 00:00:00 GMT

Institutions can receive reports, track investigations

When a human subjects protection program wants to ensure that participants have a confidential means of reporting concerns about studies, one alternative is a commercial "whistleblower"

hotline service, which provides anonymity to callers.

Some institutions have gone further, employing a service that not only provides a phone and online reporting capability, but the ability to track what kinds of complaints the institution receives to look for trends and possible solutions.

Representatives of EthicsPoint, a Lake Oswego, OR- based company, say more than 200 colleges and universities use their service to log reports about everything from financial misconduct to NCAA violations. At many schools, they also are a conduit for participants and others involved in human subjects research to report serious concerns about studies.

Cornell University in Ithaca, NY, recently started putting out information to participants in informed consent documents about the availability of the EthicsPoint hotline, says Matthew Aldridge, senior IRB administrator for Cornell's Ithaca campus.

"If our office exists for the effort of maintaining the public trust in the research enterprise, then it behooves us to say we will take extra steps to make sure we have independent and anonymous (if wanted) reporting processes," Aldridge says. "People who have concerns can address them without feeling the risks of any sort of repercussion..."

City Waste Hides in Plain Sight

Thu, 17 Sep 2009 00:00:00 GMT

September, 16 2009

Ever since Deborah Edgerly left her post as City Administrator last year amid suspicion of nepotism and other shady dealings, Oakland city officials have been noisy about their resolve to root out corruption in City Hall.

At next Tuesday night’s Oakland City Council meeting, Courtney Ruby, the City Auditor, will debut a program aimed at curbing bad behavior on the part of city employees. The Fraud, Waste and Abuse (FW+A) Prevention program allows City employees and citizens to anonymously report violations while maintaining confidentiality during the investigation. The program comes about one year after Oakland City Council passed a whistleblower ordinance, which protects City employees who report abuses from retaliation, and created a formal process for abuses to be reported and investigated. The program has a budget of $250,000 a year.

At the beginning of this year, in the aftermath of Edgerly’s departure, the City Auditor launched a hotline for people to report hiring abuses. The office received 53 reports. A hotline for all abuses, which started in July, has received nearly 40 reports. The Oakland City Auditor has also contracted with a company called EthicsPoint to process reports.

But the biggest waste in City Hall hardly needs a hotlineor a website for anonymous and confidential reporting. As A Better Oakland wrote when the scope of the city’s budget crisis first started to emerge, Oakland’s city government is unusual. Consider these figures: The average monthly salary for Oakland City employees in 2006 was $7,726, the highest in the country. Between 2000 and 2006, Oakland’s government payroll grew from $24 million to $44 million. The City’s number of full-time employees rose from 4,200 to 5,700 during the same period. It would be hard to find an Oakland resident who would say that City services have risen commensurately.

Society of Corporate Compliance and Ethics - Compliance and Ethics Institute

Tue, 15 Sep 2009 20:15:57 GMT

EthicsPoint will be exhibiting at the Society of Corporate Compliance and Ethics (SCCE) - Compliance and Ethics Institute

<a href="http://www.ethicspoint.com/article/meric-bloch-how-to-avoid-15-common-pitfalls-that-undermine-workplace-investigations"><img src="/images/meric-small-promo.png" /></a>

Gain Insight and Efficiency by Taking a Consistent Approach to Campus Incidents

Tue, 15 Sep 2009 00:00:00 GMT

In order to gain insight into potential organizational risk, a major public university system in southern United States recently conducted a survey to understand how faculty, staff and students reported potential issues across their various campuses. Specifically, the survey focused on what happened when someone observed a violation of the university’s policies, e.g. financial fraud, student safety, research impropriety, discrimination, and more.

Based on results from this study, university leaders noticed two critical weaknesses that exposed the whole system to an unacceptable level of risk

How to Avoid 15 Common Pitfalls that Undermine Workplace Investigations

Thu, 10 Sep 2009 00:00:00 GMT

Companies routinely conduct internal investigations of suspected workplace misconduct. When done well, investigations offer a significant return on investment because the investigation determines both whether misconduct occurred and identifies areas of unacceptable business risk.

All too often, however, compliance professionals make predictably wrong assumptions about their investigations processes. This compromises the utility of their workplace investigations and minimizes the ROI contribution.

Business Officer Magazine, a NACUBO Publication | Do the Right Thing

Fri, 04 Sep 2009 00:00:00 GMT

Find out how talking, training, and technology can create environments that engage everyone in the business of ethics.

How sure are you that your staff will report potentially improper behavior? Find out how talking, training, and technology can create environments that engage everyone in the business of ethics.

You've read the headlines: “University Administrator Sentenced in $175K Embezzlement Case”; “Bookkeeping Supervisor Accused of Theft”; “Official Defends Work as a College Trustee”; “Man Pleads Guilty to Higher Education Student Assistance Fraud and Identity Fraud.”

Most likely, your immediate reaction is, “Not here. That wouldn't happen at my institution. After all, my staff know better—don't they?”

Even if you are confident about the standards and practices established in your office, fostering ethical behavior in the workplace is an ongoing requirement. After all, staff come and go, and economic conditions like the ones we face now can lead people to consider desperate measures.

According to the Association of Certified Fraud Examiners' 2008 Report to the Nation on Occupational Fraud & Abuse, occupational frauds were most often committed by accounting departments or upper management. The ACFE's report also indicated that occupational fraudsters are generally first-time offenders. And another of the study's findings underscores the importance of making ethics part of your institution's culture: “...occupational frauds are much more likely to be detected by a tip than by audits, controls, or any other means.”

Most higher education institutions have gone to great lengths to develop honor codes or policies on academic integrity to encourage ethical behavior from students and faculty. But what measures have been put in place to foster and reinforce similar behavior among professional staffs? Have you considered what your role is in establishing an office where standards and requirements are clear, expected, and supported? People may know right from wrong, but situations outside established boundaries are bound to erupt. How sure are you that employees will make you aware when they observe potentially improper behavior?

These are questions you cannot afford to leave unanswered. Addressing ethical issues is part of managing risk proactively before you are confronted with a crisis. Here's a look at how some of your colleagues are fostering ethical environments on their campuses.

Lead by Example

“It's very important for me and my directors to model ethical behavior,” says Sheri J. Tonn, vice president for finance and operations at Pacific Lutheran University (PLU), Tacoma, Washington. “Managers cannot look the other way. There has to be equitable treatment for everyone—and that goes for everyday behavior as much as for responses to big events. In my office,” says Tonn, “I try to demonstrate openness, consistency, and fairness when discussing ethical issues with my directors. I am direct and encourage that same behavior in others. Also, when taking action in difficult and emotional situations, it is important to stay calm and base decisions on university policies.”

To emphasize ethics in leadership, PLU has established a program that enrolls 15 to 20 staff members each fall based upon the recommendations of their supervisors. “We want to make sure people know how to respond to these [difficult] situations appropriately,” says Tonn.

About 150 administrators have completed the yearlong program, based on the text The Leadership Challenge, by James M. Kouzes and Barry Z. Posner (Jossey-Bass, 2008), which is supplemented by several shorter reading assignments. Sessions include many mini-case studies on conflict resolution and ethical questions, says Tonn, and participants work in small groups to discuss how they, as supervisors, would handle difficult situations based on the advice provided in the materials as well as on the university's existing policies. Case studies focus on theft, safety violations, dishonesty, underperformance, and similar workplace issues.

When it comes to setting the tone for ethical behavior, all eyes are on those in leadership. “What managers do is much more important than what they say,” emphasizes Kevin Robinson, executive director of internal auditing at Auburn University, Alabama. “You have one dean trying to do the right thing, but people know of other situations where matters are handled inappropriately. It quickly undermines your controls if everyone is not on board.”

Fortunately, says Robinson, some experiences at Auburn have underscored the coordinated efforts of the university's leaders. “A few years ago,” he explains, “we had a situation within one division in which a federally sponsored program had expended money inappropriately. It was a fairly small program, and it's even doubtful the federal agency would ever have known. Yet, our administrators were all on the same page as to the right thing to do—namely, to make things right.” That's the kind of action, notes Robinson, that can help improve a control environment and ensure that everyone involved recognizes the importance of ethical behavior.

Put simply: “Leadership has to stand up and set the standard for ethical behavior,” says Tom Champoux, president of the Effectiveness Institute, Redmond, Washington. “Leaders have the responsibility to create a culture in which asking questions is standard operating procedure. Just following the rules is a cop-out. They must challenge employees to ask, ‘What's the right thing to do?’” Then, says Champoux, you must be ready to hear and respond to the answers.

Detecting Fraud

Wed, 02 Sep 2009 00:00:00 GMT

KPMG released their Fraud Survey 2009 the other day. Among some of their findings were:

Nearly a third of executives expect some form of fraud or misconduct to rise in their organizations

66% of respondents reported that inadequate internal controls or compliance programs at their organizations enable fraud and misconduct to go unchecked.

Roughly a quarter of respondents lack effective protocols on how investigations should be conducted and what point the board of directors should be alerted to potential concerns. (check out our website in the next few days to sign up for a webinar addressing internal investigations)

There was a lot of thought-provoking data in addition to the stats above. But the one thing that got me thinking was their finding that 47% of executives believed that Internal Audit, Legal or Compliance would be the most likely to uncover fraud in their organization - the number one source for detection. Yet they note in their report that this contrasts with the findings in both the ACFE Report to the Nation 2008 (tips were identified there as the number one source) and their own KPMG Integrity Survey 2008-2009 that cited Internal Audit as among the least likely channels to which employees would feel comfortable reporting misconduct.

From an EthicsPoint perspective, we've always said the venue is not important - whether fraud is detected by people reporting via a hotline, though face to face conversations with their manager, HR or other appropriate personnel, through controls or other methods - what's important is that your organization have a strong ethical culture, a way to collect reports of misconduct, and a system to consistently investigate, document, resolve and ultimately analyze each report.

But I'm curious as to your reactions - In your own organization or experience, what do you think is the most important channel for detecting fraud?

Staples’ Secret Weapon

Wed, 02 Sep 2009 00:00:00 GMT

In the case of Staples, the world’s largest office supply retail store chain, the most effective weapon in the armory is the company’s soul.

What makes a company a leader? Depends on what’s in its arsenal.

The chain’s CEO Ron Sargent once said that to continue its growth path and build an enduring company, Staples would have to have a “corporate soul.”

Accordingly, in 2004, Staples created its first-ever ethics office and named Nan Stout, the company’s internal employment attorney since 1994, the ethics officer.

What does an ethics officer do? Besides creating and maintaining programs designed to promote ethics and integrity across the organization, Stout also takes the lead, along with the VP of loss prevention, in circumventing shrinkage. She is especially involved in a new effort to combat employee fraud—and in today’s economy, that is no small task. In 2008, theft by employees accounted for a staggering $15.9 billion in retail losses, according to statistics compiled by the National Retail Security Survey. Experts suggest that the downturn will only cause those numbers to escalate further.

To mitigate internally generated shrinkage and promote associate accountability, Staples has implemented a program (see related story below) to prevent and detect employee theft and maintain a consistent ethical culture across all of its stores and operations. Under Stout’s watch, the program is having an effect, even though employee theft is on the rise. Senior editor Katherine Field talked with Stout about Staples’ loss-prevention programs and the company’s stand on ethics, integrity and corporate soul...

Social networking: Cornerstone for your “new” compliance program

Tue, 01 Sep 2009 00:00:00 GMT

We live in a new world of communication and information sharing. In the last 24 hours, over 900,000 new blog posts were written – a majority of them about product or service information, idle chatter, or personal experiences with  companies and their employees. In fact, by the time you finish this paragraph, two new blog sites will be created.

Blogs (short for web-log) are just one part of the 21st century’s online conversation. This conversation includes an array of networking tools, blogs, bookmarking sites, and other social media resources. It is part of what’s known as “Web 2.0,” a term that describes new ways people learn and interactively share information through the Internet. These online conversations are fast, expansive, and crucial to be a part of, and if you are like most compliance professionals, you are neither aware nor involved enough.

KPMG Fraud Survey 2009

Thu, 27 Aug 2009 00:00:00 GMT

"Amidst the current economic downturn, and the pledges of renewed vigor of regulatory enforcement, our 2008–2009 Fraud Survey reveals serious challenges confronted by leaders in the public and private sectors. Since the latest economic downturn began, vast sums of market capitalization have been wiped out. Trillions more have been committed to stabilizing financial institutions, injecting liquidity into the capital markets, and jumpstarting the economy through infrastructure spending programs. The aftermath of the downturn has further uncovered numerous Ponzi schemes that caused investors to watch billions more vanish.

Aside from questioning where yesterday’s money went, many remain concerned about where tomorrow’s money is going. To be sure, record levels of government spending may usher in record levels of fraud, waste, and abuse. Deals made to offload toxic assets may be exposed to self-dealing. In those industries outside the center of direct government intervention, managers may face downward pressure to do whatever it takes to “make the numbers” as analysts and creditors scrutinize financial results. And for those companies operating outside the United States, increased investigation and prosecution of anti-bribery and corruption laws mean employees and agents may trigger risks like never before.

Our survey reveals the perceptions of senior executives across this new landscape as they consider the nature of fraud and misconduct risks in their organizations going forward, and the challenges they confront in their efforts to prevent, detect, and respond to such risks..."

Association of College and University Auditors Annual Conference

Tue, 25 Aug 2009 12:25:37 GMT

EthicsPoint will be exhibiting at the Association of College and University Auditors (ACUA) - Annual Conference.

Digital Law & Social Media at Engage Expo - San Jose

Mon, 24 Aug 2009 20:29:30 GMT

Amanda Mayhew, our EthicsPoint General Counsel, will be speaking at Engage Expo in San Jose

MSU rolling out ethics, integrity initiatives

Sun, 23 Aug 2009 00:00:00 GMT

A year after a landscaping scandal led to the retirement of a longtime university leader, Mississippi State University is looking to improve the ethical culture on campus.

"We want to assure everyone that Mississippi State is above reproach," MSU President Mark Keenum said.

The university is rolling out new ethics and integrity initiatives that include increased employee training and the creation of a third-party reporting system and new whistle-blower policy.

"Whether you've had a problem recently or not, this is something that should be addressed," Higher Education Commissioner Hank Bounds said. "It's really good common sense work that we should all be doing."

...

Rightsizing the Internal Audit Function for Higher Education

Fri, 21 Aug 2009 14:58:50 GMT

How much of your higher educational institution’s resources should be dedicated to the internal audit function?

<div style="margin:4px 0;color:red">Unfortunately due to technical difficulties there is no audio available for this webinar.</div>

American Health Lawyers Association Fraud and Compliance Forum

Fri, 21 Aug 2009 10:58:43 GMT

EthicsPoint will be exhibiting at the American Health Lawyers Association (AHLA) - Fraud and Compliance Forum

Ethics and Compliance Officers Association 2009 Annual Business Ethics & Compliance Conference

Fri, 21 Aug 2009 10:53:48 GMT

EthicsPoint will be exhibiting at ECOA's 2009 Annual Business Ethics & Compliance Conference.

Focus On Call Center Services - Web Exclusive!

Thu, 20 Aug 2009 00:00:00 GMT

Many retailers operate hotlines to provide employees, suppliers, and customers with a way to confidentially and anonymously report misconduct or policy violations. Coldwater Creek is one such retailer. But when Divisional VP of Internal Audit Fred Halpin found effectiveness and efficiency problems with the retailer’s homegrown management-operated voicemail-based hotline, he knew it was time to overhaul the problematic system.

Ethics 101: New training works to promote integrity

Wed, 19 Aug 2009 00:00:00 GMT

With the Monday start of the fall semester, Mississippi State University unveils a new training program, reporting system and policy changes to better promote ethics and integrity at the university.

“At Mississippi State, we take seriously our commitment to being responsible and ethical, and I believe each member of our community is a part of that effort,” said MSU President Mark Keenum.

MSU’s departments of internal audit and human resources management, along with the general counsel’s office, recently conferred with an authority in the field to develop content for broad-based training related to ethical situations that might be encountered and how they relate to applicable laws, regulations and policies.

Beginning Sept. 15 for non-academic administrators, human resources staff members will begin online training and, later, class discussions of case studies.

In addition to training, a new ethics reporting system officially approved by Keenum is providing a way to anonymously address potential issues of waste, fraud or unethical actions. The new Web-based MSU Ethics Line is the first independently operated reporting service at a Mississippi public university.

The reporting Web site, www.msstate.ethicspoint.com, is independently operated by EthicsPoint of Lake Oswego, Ore., a company serving more than 2,000 clients nationwide, including more than 300 colleges and universities. Anonymous reports also may be made by telephoning toll-free 877-310-0424.

Reporting Wrongs with a Mouse and a Click

Wed, 19 Aug 2009 00:00:00 GMT

5Teachers College has launched a Web site and telephone hotline that provide faculty, staff and students a way to anonymously and confidentially report allegations of misconduct or fraud in areas ranging from finance and accounting to environmental health and safety.

The site and hotline were created in partnership with Portland, Oregon-based EthicsPoint Inc., which has developed similar reporting systems for educational institutions across the country, including Cornell University, Georgetown University and the University of Pennsylvania.

The development of the reporting system comes amid TC’s continuing efforts to promote safety, security and ethical behavior. Indeed, the site and hotline were not developed in response to any action or event, but instead are designed to be an additional resource for employees, one that draws on best practices and the latest in technology.

“I want to make it very clear that this service is a proactive measure rather than a reaction to any breach of conduct,” states TC President Susan Fuhrman in a letter to the TC community that can be found on the new site. “While I hope and expect that few of us will ever need to use the hotline, I am pleased that we can provide it and enable all members of our community to feel protected and empowered in upholding the College’s high ethical standards.”

Employees are still encouraged to speak with their managers first should there be an issue of concern, but if there is a need for anonymity, the new online site and hotline number provide an easy and effective way to report an incident. The new reporting system is specifically for issues related to finance, accounting, environmental health and safety. Existing reporting methods for such things as harassment and other grievances remain in place.

TC has been working with EthicsPoint for several months to tailor the portal for the needs of the College. As structured, the site gives users the option of calling the hotline number without having to identify themselves or simply filling out a report online. (The site is hosted on EthicsPoint’s server and thus is not part of TC’s Web site.) To file a report, users are given the option of clicking on either Accounting and Financial or Environmental Health & Public Safety.

From there, users have the option of clicking on a range of specific reporting areas that include everything from Conflict of Interest and Theft/Embezzlement to Student Safety and Unsafe Working Conditions. The online forms themselves ask users a number of questions and request various details about the incident.

Once the report is submitted, the system automatically issues the user a unique code, known as a “report key,” that the person can then use to log onto a secure section of the site after 10 business days to check if there are any follow-up questions or submit more information. Users can opt to remain anonymous throughout the entire process.

Any report submitted through the site automatically enters a centralized database and is then routed to appropriate personnel to investigate. The online system is robust enough that it can detect a potential conflict of interest of anyone who is responsible for investigating an incident and route the report to only those who are clear of any potential conflicts.

Treasury & Risk - Tool Time

Tue, 18 Aug 2009 00:00:00 GMT

EthicsPoints recent IEM launch was included in Treasury & Risks weekly Tool Time round-up. Except below:

"EthicsPoint has enhanced its application that helps companies with hotline and anti-fraud efforts keep track of hotline reports and follow-up investigations, as well as the reporting and data analysis involved. Portland, Ore.-based EthicsPoint's Issue and Event Manager now has a dashboard that users can alter to display the information they need most. The upgrade also provides more ways to analyze data sets, more pre-formatted charts and graphs, improvements in the user interface and performance enhancements."

EthicsPoint Listed in This Year's Inc 500/5000

Thu, 13 Aug 2009 00:00:00 GMT

EthicsPoint's Business Model:

Publishes software that helps its clients protect their culture and reputation by automating the business processes involved in identifiying, reporting, investigating, and resolving code of conduct violations. More than 2,000 organizations across all industries use EthicsPoint\'s telephone hotline, Web-based reporting, and case management services as a component of their overall governance, risk, and compliance efforts.

Organizations Turn to EthicsPoint Professional Services to Optimize Compliance Initiatives

Wed, 05 Aug 2009 00:00:00 GMT

Implementation and consulting services align people, processes and technology for sustainable risk management

PORTLAND, Ore. — August 5, 2009 —EthicsPoint, a leading provider of hotline and anti-fraud reporting and case management services, today announced the expansion of its Professional Services Organization (PSO) to include additional services that help clients develop and improve Governance, Risk and Compliance (GRC) programs. Based on a proven methodology and experience gained from over 2000 client implementations of EthicsPoint Issue and Event Manager (IEM) Software, the company’s PSO now delivers hands-on consulting to help organizations build a business culture of integrity and compliance.

With employee fraud and misconduct predicted to rise due to the economic downturn, ethics and compliance programs form an important part of corporate efforts to manage risk. To help existing customers maximize their GRC program effectiveness, EthicsPoint PSO is offering new Program Optimization services. As part of this service, EthicsPoint consultants conduct a comprehensive evaluation of client business objectives and program needs and deliver recommendations and guidance on program improvements, including how to take advantage of unused functionality within their current EthicsPoint program, upgrading to an advanced application or integrating with other GRC systems.

Design and Deliver a Clear Governance Framework for Success EthicsPoint’s solutions consultants provide a range of implementation services, training and product support. Drawing upon its experience working with stakeholders spanning industries from health care to manufacturing, the Professional Services team partners with clients to understand business challenges, define the core objectives and develop a clear governance framework that will provide ongoing support to manage organizational risk.

EthicsPoint consultants systematically assess client program requirements and align them with current and future business objectives to deliver a readily adoptable, efficient implementation. With a system that is intuitive and easy-to-use, users can quickly access and analyze information to gain insights into current ethics issues and plan improvements that will minimize the company’s risk exposure.

A Guide to Improving Culture and Managing Risk Formed in April 2008, EthicsPoint’s PSO has grown by over 150 percent in the last 12 months. The Professional Services team comprises corporate governance and ethics professionals dedicated to helping EthicsPoint customers design GRC programs that incorporate EthicsPoint hotline and case management solutions into the company’s overall compliance framework, delivering value that goes deeper than basic product support.

The EthicsPoint approach to professional services is based on a closed-loop methodology that incorporates four major components:

Alignment of priorities with Governance, Risk and Compliance processes and initiatives

Awareness of concerns, losses, events and organizational risk

Management of business processes

Insight and transparency into trends and data

“In today’s business climate, risk is a moving target, so our Professional Services consultants approach each client with the strategic goal of improving their overall GRC efforts,” said David Childers, president and CEO, EthicsPoint. “We work closely with each client to understand their unique business challenges and build a sustainable structure that increases productivity and delivers a faster return on investment.”

Additional services offered by the PSO team include custom education and scenario-based training, best practice recommendations, integration and change management, and dedicated account management and support.

About EthicsPoint EthicsPoint enables organizations to foster a business culture of integrity and compliance. We help our clients protect their culture and reputation by automating business processes, from the reporting and identification of issues and events of behavior that may be inconsistent with their code of conduct, to the subsequent investigation and resolution of these cases. Over 2,000 organizations use our telephone hotline, web-based reporting and case management services as a critical component of their overall governance, risk and compliance efforts.

For more information, visit www.ethicspoint.com.

# # #

Contact: Toni Cole, Edelman (503)471-6841 toni.cole@edelman.com

EthicsPoint Enhances Hotline Reporting and Case Management Solutions

Tue, 04 Aug 2009 00:00:00 GMT

New Issue and Event Manager provides greater visibilityinto business, operational risks

PORTLAND, Ore. — August 4, 2009 —EthicsPoint, a leading provider of hotline and anti-fraud reporting and case management services, today announced updated versions of its Issue and Event Manager (IEM) Professional and Enterprise solutions. Improved features and an enhanced user interface streamline access to hotline information and improve data analysis capabilities, providing compliance, HR, audit, security and other business stakeholders greater visibility into business and operational risks.

The EthicsPoint Issue and Event Manager application is designed to serve as an end-to-end compliance solution, from the initial intake of reports, through investigation and resolution processes, and finally, to reporting and data analysis for ongoing ethics and GRC program improvement. The new versions of IEM Professional and Enterprise give ethics and compliance managers a more comprehensive and intuitive view into hotline data and incident reports, delivering detailed insight into areas of risk as well as greater assurance that compliance programs are in place and effective.

“Many HR and compliance teams are being squeezed by ethics program staffing and budget cuts coupled with a simultaneous increase in cases of workplace misconduct that they must document, investigate and resolve,” said David Childers, CEO of EthicsPoint. “Technology such as EthicsPoint Issue and Event Manager can fill an important role by automating and streamlining this work and freeing up staff time to focus on and develop effective strategies to manage broader ethics and compliance risks.”

Customizable dashboard and dynamic UI streamline workflow

The changes made to IEM were made based on client feedback, with the goal of making it easier for organizations to realize the full potential of their hotline and case management investment. Improvements to IEM Professional and Enterprise include:

·        Dynamic and configurable user dashboard: Users can personalize their home page to display frequently accessed reports and information that is most relevant to them, such as saved reports, system messages or RSS feeds.

·        Additional data viewing tools: The expanded data functions help users analyze and interface with data sets including “drag and drop;” column chooser; sort, filter and group; and new data export formats. There are also additional preformatted charts and graphs to display information visually.

·        Enhanced user interface features changes designed to enhance workflow and productivity. From navigation architecture and page views to icon design and color palette, users will find a more dynamic and interactive UI that makes it easier to navigate to find, view and understand relevant information.

·         Performance enhancements from continued investment in server and data center technologies, as well as rich internet application technologies including AJAX, ASP.NET, Silverlight and other standards-based components, provide a secure, dynamic and modern user experience.

About EthicsPoint

EthicsPoint enables organizations to foster a business culture of integrity and compliance. We help our clients protect their culture and reputation by automating business processes, from the reporting and identification of issues and events of behavior that may be inconsistent with their code of conduct, to the subsequent investigation and resolution of these cases. Over 2,000 organizations use our telephone hotline, web-based reporting and case management services as a critical component of their overall governance, risk and compliance efforts.

For more information, visit www.ethicspoint.com.

 

# # #

Contact:Toni Cole, Edelman503-471-6841toni.cole@edelman.com

Software Association of Oregon Elects New Chairman and Vice Chair To Board of Directors

Mon, 03 Aug 2009 00:00:00 GMT

Ryan Buchanan And David Childers Provide Dynamic Leadership As SAOTakes Commanding Advocacy Role For State’s Diverse Tech Community

PORTLAND, Oregon, August 3, 2009 - The Software Association of Oregon (SAO) today announced that it has elected Ryan Buchanan as chairman and David Childers as vice chair to its board of directors. These two appointments follow the recent selection of Matthew Nees as SAO’s new president and spotlight the organization’s growing emergence as a leading advocate for Oregon’s diverse technology community.

SAO’s board of directors consist of more than 30 organization members representing some of the most innovative and dynamic technology companies in the country. As chairman and vice chair to the board, Buchanan and Childers will draw on the experience and skills offered by board members to maximize SAO’s ability to build opportunities and economic growth for Oregon’s technology companies.

Ryan Buchanan has been an SAO board member since 2007 and is president and CEO of web and email marketing company eROI. Buchanan has served as president of the board of the Portland Advertising Federation and as a board member of the Friends of the Children, Oregon Entrepreneurs Network, Starve Ups and Greenlight Greater Portland. He was named Portland Business Journal’s “40 Under 40,” and received honors as one of the “50 Great Leaders For Oregon” by Oregon Business Magazine.

Childers joined the SAO board in 2009 and is president and CEO of EthicsPoint Inc., innovators in governance, risk and compliance management software and services. He is a member of the Society of Corporate Compliance and Ethics, the Ethics & Compliance Officer Association and the National Association of Corporate Directors. He is a charter member and serves on the leadership council of the national Open Compliance and Ethics Group. In 2008 he was named one of the “100 most Influential People In Finance” by Treasury & Risk Magazine.

Buchanan’s replacement of Michael Phillips as board chair is part of a leadership transition within SAO that began in 2008. Philips played an instrumental role in facilitating the recent restructuring of SAO as the organization moved to meet the new challenges being faced by Oregon’s technology companies.

“Michael did an amazing job as a leader, facilitator and referee, at a time when SAO was reevaluating its mission and vision for the future,” said Buchanan. “As board chair, he skillfully steered the organization through an evolution that is already showing results.”

“Thanks to the hard work of many, SAO is now poised for enormous success,” said Phillips. “Recent activities show that we are heading in the right direction and it is now time for dynamic leaders within the software community, such as Ryan, to take us into the future.”

Earlier this year, SAO worked closely with the Governor’s office as advocates for the State’s technology community. The organization helped identify projects for federal stimulus spending and outlined key areas where technology investments could play a key role in the State’s budget. SAO also played a pivotal role in establishing Portland’s Clean Technology Alliance, advocates for the advancement of environmentally friendly hardware and software technology  

About the Software Association of Oregon

SAO has been connecting Oregon’s software and technology leaders to each other and relevant technology topics for the last 20 years.  As the only membership based association headquartered in Oregon solely dedicated to the technology industry, SAO offers events, training, services and advocacy to bolster the health of the vital local software industry. 

###

FOR IMMEDIATE RELEASECONTACTS:Brad Brenner, 503-736-0610brad@brennerassociates.com

Misconduct Rarely Happens in Isolation: How You Can Detect Critical Trends

Mon, 27 Jul 2009 00:00:00 GMT

Executive Summary (excerpt)

The data most organizations need in order to have visibility into potential code of conduct violations is already available to them. Yet companies are often unaware of these issues until they become multi-million-dollar lawsuits. Our observations of the marketplace, validated by various ethics research studies, show that a major cause of these situations is managers typically do not recognize or correctly escalate issues communicated to them by employees. When the information-gathering process stops at local levels within a company, the potential for true insight is missed.

EthicsPoint Bridges the Gap between Hotlines and Open-Door Reporting

Tue, 21 Jul 2009 00:00:00 GMT

New forms simplify and standardize documentation, enable more comprehensive view into incidents and misconduct trends.

PORTLAND, Ore. — July 21st , 2009 —EthicsPoint, a leading provider of hotline and anti-fraud reporting and case management services, today announced the availability of Issue and Event Manager Report Forms, customizable web-based report templates that extend the secure, easy-to-use format of EthicsPoint’s hotline reporting portal to managers for documenting issues and complaints received in conversations with their employees. 

Vast majority of all issues are reported face-to-face According to KPMG’s Integrity Survey 2008-2009, employees are almost twice as likely to notify their supervisor or another manager of misconduct, rather than contacting the ethics and compliance hotline. The new Report Forms, which integrate with EthicsPoint Issue and Event Manager Professional and Enterprise versions, help organizations ensure that issues and events requiring documentation, investigation, resolution and analysis are handled consistently, regardless of whether the report originated from the hotline or in manager-employee conversations.

“While many organizations encourage an open-door policy with managers, they often struggle to ensure these verbal reports are appropriately documented and communicated to the appropriate group in a timely manner,” said David Childers, CEO of EthicsPoint. “It makes sense for organizations to take advantage of the existing workflows and data analytics capabilities in their hotline and case management solution.”

“At Town Sports International, we encourage our employees to raise issues either with their supervisor, HR or through our hotline,” said Jim Rizzo, senior vice president of Human Resources. “With the Issue and Event Manager Report Forms, all reports go directly into the same case management workflow, which helps give confidence to our employees that their reports will be addressed and resolved consistently.”

Integrated reporting and case management enable greater business insights EthicsPoint’s HTML-based Report Forms help streamline issues documentation, providing managers with a reporting mechanism that is consistent with the hotline and automatically integrates data within a centralized database. The Report Forms can be customized to capture necessary information about any type of workplace issue or complaint, including:

HR management issues

Work-related injuries

Security investigations

Retail loss prevention 

Patient falls and injuries for healthcare providers

Conflict of interest

Competitor misconduct

Any other code of conduct violation

Forms can also be customized to reflect unique branding requirements and can be made accessible from a company’s intranet, web portal, or via file folders from the desktop of authorized personnel. 

“Companies that only monitor and investigate issues coming in through their hotlines have limited visibility and could be exposed to liability or non-compliance penalties,” commented Childers. “By enabling managers to easily and quickly document issues reported to them, EthicsPoint is helping our clients significantly reduce risk throughout their organization.”

aggregating this data in a centralized database, organizations can more easily spot trends that may indicate a widespread risk to the organization.”

About EthicsPointEthicsPoint enables organizations to foster a business culture of integrity and compliance. We help our clients protect their culture and reputation by automating business processes, from the reporting and identification of issues and events of behavior that may be inconsistent with their code of conduct, to the subsequent investigation and resolution of these cases. Over 2,000 organizations use our telephone hotline, web-based reporting and case management services as a critical component of their overall governance, risk and compliance efforts.

For more information, visit www.ethicspoint.com.

Contact:Toni Cole, Edelman 503-471-6841 toni.cole@edelman.com

Copyright 2009 EthicsPoint, Inc. EthicsPoint and the EthicsPoint logo are trademarks or registered trademarks of EthicsPoint, Inc.  All other trademarks are the property of their respective owners.

Lessons from the Dark Side

Wed, 01 Jul 2009 00:00:00 GMT

Meet Nicholas and Carolyn Ryberg. Nick is a former vice president of HR for a Fortune 500 company; Carolyn is a former small business owner.

They are happily married, strive to be good parents and are comfortable in their hometown of Eagan, Minn., a bedroom community just outside of Minneapolis. They are both studying to receive Master of Divinity degrees from the Western Theological Seminary in Holland, Mich. Carolyn is also a resident seminarian at the Peace Reformed Church in Eagan.

They are "normal." They are also ex-cons.

Georgia Tech's Networking and Mentorship Programs Challenge Employees

Tue, 30 Jun 2009 00:00:00 GMT

Five years, two promotions, and one Outstanding Staff Performance Award later, Ms. Diggs-Butler, who coordinates registration in the George W. Woodruff School of Mechanical Engineering, says she's found a place to work for life: "It doesn't matter whether you're a staff person or on faculty, everyone realizes they're important here."

Ms. Diggs-Butler is one of several employees who have benefited from university mentorship and networking programs designed to further career plans. While she participated in Mentor Tech, a program primarily for support-staff members, faculty members have seen success from similar programs.

Adjo A. Amekudzi, an associate professor of transportation engineering, took part in a mentorship series sponsored by a National Science Foundation grant. Aimed at raising the number of women in scientific and engineering careers, it helped prepare her for a successful tenure bid, she says. She also attended informal networking events and workshops offered by the university. "They make women more aware of the kinds of resources and other things that can help them," she says.

Georgia Tech also used money from that grant to work on eliminating bias of all kinds in the promotion-and-tenure system. A team of university designers created a computer-simulation game that places players in hypothetical promotion-and-tenure situations, and challenges them to identify forms of bias. After seeing participants grow more aware of the biases that can surface during the process, researchers posted the game online for the general public to use. Promotion-and-tenure committee members also use the game as part of their training.

In 2002, Georgia Tech began using EthicsPoint, a hotline that employees can call anonymously with job complaints. "The employees are very pleased that there's a way in which they can relate issues to management without having to be the one who stands up and falls on their sword," says Phillip W. Hurd, director of internal auditing.

While performance management and conflict coaching are high on the agenda at Georgia Tech, which employs more than 5,700 people, Pearl J. Alexander, senior director for employee-relations services, says there's still room to improve. "We don't want to be satisfied with where we are," she says. "We definitely want to lead in this area."

Operators Are Standing By: Hotline Reporting at Thunderbird School

Fri, 26 Jun 2009 00:00:00 GMT

New graduates of the Thunderbird School of Global Management in Glendale, AZ are challenged to sign a professional oath of ethics akin to the medical practice's Hippocratic Oath. But the graduate school knows that pursuing an ideal isn't the same as achieving it. Some students don't follow the rules. Some students do things that imperil their lives. And that's why Thunderbird has also implemented EthicsPoint, a Web-based anonymous hotline and case management system. Originally introduced in 2006 to allow faculty and staff to report incidents of unethical behavior, the college expanded the functionality in 2008 to all students as a safety measure.

Most Colleges Avoid Risk Management, Report Says

Thu, 25 Jun 2009 00:00:00 GMT

Less than a quarter of colleges regularly assess how they could prevent or respond to threats such as criminal acts, environmental catastrophes, and financial misconduct. And half of colleges plan for such risks only after receiving an audit, experiencing a campus crime, or seeing the fallout from such a problem on another campus.

Whistleblowing: Are We Hearing More of it Now and How Should We be Responding?

Tue, 23 Jun 2009 16:45:25 GMT

David Childers, CEO and President, will be speaking on Whistleblowing: Are We Hearing More of it Now and How Should We be Responding, at the Institute of Internal Auditors (IIA) Governance, Risk, and Compliance Conference.

Ethics on the Cheap????

Fri, 19 Jun 2009 00:00:00 GMT

I just ran across a recent thought-provoking article in the Christian Science Monitor, called "Are Ethics Too Expensive? about companies cutting back on ethics training due to budget pressures. This got me thinking on a number of fronts:

How can we measure the long-term ramifications of these decisions? I spend a good part of my time at work thinking about how to prove the positive return on investment for ethics programs. So little hard data exists I find the same statistics being used over and over in the media (the cost of fraud, according to the ACFE, the increased shareholder value for the Ethisphere "Most Ethical Companies," etc.). But if there's a lack of hard data to prove the positive, there's even less to show the adverse affects of a poor ethical culture (unless you take what's written in the popular media every time a company on Wall Street fails). I'd love to know which companies are cutting back and track their performance over time - I'll bet they suffer.

Given that we're all under pressure to keep costs down, you can't just argue to keep spending flat to previous years, much less increase it. So - instead of cutting training altogether or severely cutting back on it, have these companies looked at new ways to deliver the training? I filled in for our CEO David Childers today on a "Use of Social Media in Compliance" webinar and talked about ways companies can use Web 2.0 technologies and sites such as Twitter, Facebook, Blogging, LinkedIn, etc. within their compliance programs. Based on the instant polls we conducted, not many organizations have embraced Web 2.0 yet. There are a lot of cool and inexpensive ways to deliver your training if you're willing to try new things.

I'm curious - what are you doing to make your ethics training more efficient and effective?

Doing More with Less in Today’s Economy: Obstacle or Opportunity?

Wed, 17 Jun 2009 19:34:19 GMT

Bill Piwonka, Senior Director of Marketing, will be speaking about Doing More with Less in Today's Economy at the Association of Certified Fraud Examiners (AFE) conference in Las Vegas, NV.

SCCE: West Coast Regional Compliance Conference

Tue, 16 Jun 2009 10:09:42 GMT

David Childers, CEO and President, will be speaking on Data Privacy and Helplines at the Society of Corporate Compliance and Ethics (SCCE): West Coast Regional Compliance Conference.

Voluntary Boundaries of Compliance: How to Draw the Line

Tue, 16 Jun 2009 00:00:00 GMT

Deloitte whitepaper: 2009 American Recovery and Reinvestment Act, Going Beyond Compliance

Tue, 16 Jun 2009 00:00:00 GMT

Thanks to the 2009 American Recovery and Reinvestment Act (ARRA), public infrastructure is receiving a major infusion of federal dollars. Since the plan was first announced, there has been considerable debate over how to ensure that the nation spends the stimulus dollars wisely, avoiding some of the more egregious fraud, waste and abuse problems that have plagued earlier emergency spending initiatives like the responses to hurricanes Katrina and Rita and the reconstruction of Iraq.

To prevent large amounts of fraud, waste and abuse from derailing ARRA, it is critical for every organization receiving substantial ARRA funds to get the basics right – from planning all the way through to closeout audits – and then to effectively execute them. Getting the basics right can help reduce waste, fraud, and other incidents that will tarnish the reputation of the spending agency.

Only after the basics are in place can program management and anti-fraud program controls be further strengthened by utilizing more innovative management and technology practices, including:

Using scenario planning to determine all the combination of things that can go wrong when you are rolling out multiple projects at great speed

Adopting a portfolio management approach to identify synergies among projects that can be effectively delivered within the time frame allotted

Transforming financial operations and processes to collect and report financial performance data on a real-time basis

Using innovative procurement models to shift the risks and incentivize performance

Putting everything – contracts, expenses, project details and the like – up on the Web for public consumption, and making it searchable

Using social media tools to facilitate a meaningful two-way conversation with the public about how stimulus funds are being spent

Employing analytics tools to transform the volumes of raw data collected into useful information

Developing a collaborative workspace to facilitate interagency and intergovernmental information sharing and collaboration in real time

Using these innovative techniques can help to mitigate the amount of fraud, waste, and abuse in the ARRA program while optimizing performance. Moreover, diffusing these innovations throughout the organization can enhance overall agency performance long after ARRA funds run out.

This report helps government agencies manage the tidal wave of stimulus funds, first by getting the compliance basics right and then by building more robust operational capacity. This is critical to preventing ARRA funds from going the way of other emergency spending initiatives that were marred by unacceptably high levels of fraud, waste and abuse.

DII Best Practices Forum

Thu, 11 Jun 2009 12:29:05 GMT

David Childers, CEO and President, will be speaking on Compliance and a Culture of Ethics in Challenging

Environments at the Defense Industry Initiative (DII) in Washington, DC.

Ethics Resource Center 2007 National Business Ethics Survey

Thu, 11 Jun 2009 00:00:00 GMT

As the Ethics Resource Center presents the findings of its 2007 National Business Ethics Survey (NBES), the fifth in its benchmark series, we are more aware than ever that the world of "ethics" has moved far beyond the world of "compliance." Equally important, the study reveals that understanding and measuring an organization's ethical behavior is absolutely central to the risk equation that every business now faces -- and to the value that it brings in the financial and commercial marketplace.

National Retailer Federation Loss Prevention Conference

Mon, 08 Jun 2009 11:17:05 GMT

EthicsPoint will be exhibiting at the National Retailer Federation (NRF) - Loss Prevention Conference.

American Recovery and Reinvestment Act Compliance: Is Your Institution Ready?

Thu, 04 Jun 2009 18:34:13 GMT

Is your Higher Education institution one of thousands of organizations receiving stimulus funds from the American Recovery and Reinvestment Act? Do you fully understand the impact of its provisions on your compliance program?

Bottlenecks in Ethics Reporting

Thu, 04 Jun 2009 00:00:00 GMT

Does the Ethics Office Always Receive the Complete Picture? Do ethics offices and senior leaders get all the information they need?

Organizational structure and inconsistent language standards serve as impediments to the capture of risk information.

EthicsPoint Establishes Fund for Ethics Research at The University of Arizona

Tue, 02 Jun 2009 00:00:00 GMT

Program to advance business ethics research and ethical management practices

Portland, Ore. (PRWEB) June 2, 2009 -- EthicsPoint, a leading provider of hotline and anti-fraud reporting and case management services, today announced a gift to The University of Arizona Foundation that will establish the EthicsPoint Fund for the Discovery and Dissemination of Ethics Research. The first of its kind for the University and EthicsPoint, the Fund will support research, education and collaborative programs designed to redefine the focus and impact of business ethics research.

"The economic downturn has underscored that poor ethical leadership can have a negative impact on not only a company's reputation, but also the bottom line," said David Childers, CEO, EthicsPoint. "EthicsPoint and The University of Arizona's Eller College of Management share a common view that business ethics must transition from the philosophical to the practical. EthicsPoint makes this donation with the dual goals of helping prepare the next generation of business leaders and of advancing research to better understand the dynamics behind behavioral ethics in business."

Under the administration of the Department of Management and Organizations (M&O) in the Eller College of Management, the EthicsPoint gift will provide for research discovery and dissemination. The M&O department will work with EthicsPoint to define and support research in areas including organizational justice, behavioral decision-making and management information systems. They will jointly promote these findings and education via reports, webinars and other marketing and educational programs.

EthicsPoint and M&O will also partner to offer the inaugural Business Ethics Symposium hosted by the Eller College of Management. At this symposium, industry compliance officers and M&O faculty will offer panel discussions that tie best practices from industry with emerging research from academia.

"This program represents an important collaboration between the public and private sectors to redefine and promote ethical leadership," said Stephen Gilliland, Arnold Lesk Chair in Leadership and Head of the M&O Department, The University of Arizona. "The EthicsPoint gift will not only fund our research, but will give both our students and faculty the opportunity to gain real-world experience and knowledge with leaders from EthicsPoint. We are honored by EthicsPoint's recognition of our work and look forward to furthering it with their generous support."

"The cutting-edge research by the University faculty on the dynamics behind ethical decision-making, combined with our experience working with over 2,000 organizations, will enable us to deliver more value to our clients and help them build a sustainable business culture of integrity," added Childers.

About The Eller College of Management The Eller College of Management at The University of Arizona is internationally recognized for pioneering research, innovative curriculum, distinguished faculty, excellence in entrepreneurship, and social responsibility. The College is home to top-ranked entrepreneurship, MIS, MBA, doctoral, and undergraduate programs, and leads the nation's business schools in generating grant funds for research. The Eller College of Management supports more than 5,500 undergraduate and 600 graduate students on the UA campus in beautiful Tucson, Arizona.

The Department of Management and Organizations (M&O) in Eller has embraced an emerging field of behavioral ethics that focuses on organizational practices and individual decision processes. The M&O Department represents one of the strongest groups of researchers in the world using this new orientation, and is defining and developing the next generation of business ethics research. This new orientation draws on social scientific research methods, with an emphasis on quantitative data analysis and experimental methods.

About EthicsPoint EthicsPoint enables organizations to foster a business culture of integrity and compliance. We help our clients protect their culture and reputation by automating business processes, from the reporting and identification of issues and events of behavior that may be inconsistent with their code of conduct, to the subsequent investigation and resolution of these cases. Over 2,000 organizations use our telephone hotline, web-based reporting and case management services as a critical component of their overall governance, risk and compliance efforts.

For more information, visit http://www.ethicspoint.com.

Back to School

Mon, 01 Jun 2009 00:00:00 GMT

I'm currently sitting at my son's dance studio, waiting for him to finish his hip/hop rehearsal in preparation of the big recital in two weeks. Ironically, in one of the studios nearby, the class is working on a dance to Alice Cooper's 1972 hit, "School's Out," while I'm writing this blog announcing the new EthicsPoint Fund for the Discovery and Dissemination of Ethics Research with The University of Arizona's Department of Management and Organizations in the Eller College of Management. School is definitely NOT out for EthicsPoint!

The first of its kind for the University and EthicsPoint, the Fund will support research, education and collaborative programs designed to redefine the focus and impact of business ethics research. One of the things that attracted us to the work being done at The University of Arizona is they share our view that the teaching and research of business ethics needs to transition from the philosophical to the practical.As a result of our partnership, we'll be working with the faculty of the Department of Management and Organizations in a number of ways, including:

Establishing a Business Ethics Symposium later this year in which industry ethics and compliance officers and faculty from M&O will jointly participate in panel discussions that tie best practices from industry with budding research from academia.

Publicizing the work of the M&O faculty in the area of business ethics through webinars, whitepapers and other communication vehicles.

Working with the faculty on their research projects into business ethics when appropriate.

Collaborating with the faculty within their classrooms, with EthicsPoint senior management participating as guest lecturers, providing students with the perspective of private industry to augment their studies.

This announcement is just the start in our relationship with The University of Arizona, one that I see having great promise and potential, and I can't wait to see where it goes!

Is That a Pledge Pin, Soldier?

Sun, 31 May 2009 00:00:00 GMT

Forgive the reference to one of the favorite movies from my early teenage years, but it came to mind when I read a NY Times article about the Harvard MBA's who were taking a pledge to act responsibly, ethically, and refrain from advancing their "own narrow ambitions" at the expense of others.

Don't get me wrong, I'm all for people acting with integrity and ethics, but I find this news somewhat disturbing. First, only 20% of the graduating class has signed it so far. I refuse to believe the rest of the 80% don't believe in what the oath stands for. Instead, I'm very hopeful that those 80% feel a bit like me - why do I need to sign an oath to do what should be considered normal course of action?

As a father of two boys (12 and 14), I certainly hope they don't need to sign an oath to remember to do what's right - I know that the values my parents, coaches, teachers, Sunday School leaders and other adults instilled in me helped form the basis for my actions. Likewise, I would hope that the future leaders of business already had formed a moral compass that will guide them as they encounter ethical challenges in the workplace. If an oath helps them remember to do the right thing, great. But hopefully it's only a reminder to do what they would have done otherwise, and not the sole thing guiding them.

Perhaps I'm being a bit cynical - what do you think?

Client-Exclusive: Chicago User Forum

Thu, 28 May 2009 19:02:48 GMT

Join EthicsPoint and other professionals like you in a one-day forum that encourages networking, sharing of ideas, and sharing of best practices.

Client-Exclusive: Toronto (Canada) User Forum

Thu, 28 May 2009 16:21:27 GMT

Join EthicsPoint and other professionals like you in a one-day forum that encourages networking, sharing of ideas, and sharing of best practices.

Ernst &Young European Fraud Survey 2009

Thu, 28 May 2009 00:00:00 GMT

Last week Ernst & Young released their European Fraud Survey 2009 - a fascinating and disturbing (they called it "startling") report. I'd strongly recommend any readers with European operations to download a copy, as it highlights a number of key problems, including a shockingly high tolerance for unethical behavior and a serious lack of confidence in senior management and board members.

The survey was conducted in January and February with a total of 2,246 interviews with employees in 22 European countries - all participants were employed with companies with over 1,000 employees, stock exchange-listed or multinationals.

Here are just a few nuggets I pulled:

55% of respondents expect corporate fraud to increase over the next few years

29% believe management to be untrustworthy

42% believe that the senior ranks in an organization pose the biggest threat of fraud.

25% thought it was acceptable to make case payments to win new business (potential FCPA violations!)

At a country level, only 12% from Italy or France believed their management always operated with a high level of personal integrity (my ancestral home of the Czech Republic didn't fare much better at 13%)

On a much happier note, we had a fantastic user forum in Boston last week. Very interactive, lots of networking (favorite quote from the day from a conversation between two participants - "We HAVE to meet more often- we only work five minutes from one another!") and a great presentation from Doug Cornelius on the implications of social networking for compliance officers. I'll be in Chicago next week and am really looking forward to meeting our clients there. (unfortunately will not be able to attend the Toronto Forum also next week, but looking forward to hearing how it goes).

Ernst & Young European Fraud Survey 2009

Thu, 28 May 2009 00:00:00 GMT

Image by otrocalpe via FlickrLast week Ernst & Young released their European Fraud Survey 2009 - a fascinating and disturbing (they called it "startling") report. I'd strongly recommend any readers with European operations to download a copy, as it highlights a number of key problems, including a shockingly high tolerance for unethical behavior and a serious lack of confidence in senior management and board members. The survey was conducted in January and February with a total of 2,246 interviews with employees in 22 European countries - all participants were employed with companies with over 1,000 employees, stock exchange-listed or multinationals.Here are just a few nuggets I pulled:55% of respondents expect corporate fraud to increase over the next few years29% believe management to be untrustworthy42% believe that the senior ranks in an organization pose the biggest threat of fraud.25% thought it was acceptable to make case payments to win new business (potential FCPA violations!)At a country level, only 12% from Italy or France believed their management always operated with a high level of personal integrity (my ancestral home of the Czech Republic didn't fare much better at 13%)On a much happier note, we had a fantastic user forum in Boston last week. Very interactive, lots of networking (favorite quote from the day from a conversation between two participants - "We HAVE to meet more often- we only work five minutes from one another!") and a great presentation from Doug Cornelius on the implications of social networking for compliance officers. I'll be in Chicago next week and am really looking forward to meeting our clients there. (unfortunately will not be able to attend the Toronto Forum also next week, but looking forward to hearing how it goes).

Know Your Wage: How to Prepare and Protect Your Company from the Lilly Ledbetter Fair Pay Act

Fri, 22 May 2009 10:30:49 GMT

With a retroactive effective date of May 28, 2007, it is imperative that companies know, and understand, the ramifications and the significant effect the Lilly Ledbetter Act law has on your record-keeping policies and compliance programs. Are you confident that your organization is prepared to comply with this new Act? Attend this webinar and become familiar with the history and scope of this monumental law, and learn valuable strategies to address its potential effect on your organization.

Interesting Litigation Survey

Thu, 21 May 2009 00:00:00 GMT

At the end of March my family and I escaped the dreary weather of Portland for the warmth and sunshine of Arizona. At the time I remarked to my wife just how much I disliked the whole air travel experience - from the lines at security to over-crowded planes with decreased/ nonexistent service (food, beverage, a kind word, etc...). There's just no comparison to the experiences I had as a child, when flying was fun (at least to me).

I thought about that today as I was flying across country, sandwiched between the window and a woman who evidently couldn't remember that her husband (and the person - I hope -on whose shoulder she wanted to sleep) was on her LEFT side, and not the right, where I sat. Because, despite the discomfort and inconvenience that is now associated with air travel, I actually had been looking forward to my flight. Not for the flying experience, but for the four hours my laptop battery would last, and the uninterrupted time to get some work done!

One of the things I did somewhere over Minnesota was read the 2008 Fulbright Annual Litigation Trends Survey, from the law firm of Fulbright and Jaworski LLP. Although published in October of 2008, I just ran across this earlier this week, and I found it fascinating! Here are just a few tidbits I pulled from the report:

One third of all publicly held companies and 17% of all privately held companies have at least one lawsuit with more than $20 million at issue

One of every 10 companies spends at least $10 million or more annually (excluding settlements and judgments!) 

A third of all publicly held companies and 17% of all privately held companies have at least one lawsuit with more than $20 million at issue

43% of respondents from the largest companies expect disputes to increase this year

The greatest increases in multi-plaintiff cases in the US are Wage-hour, discrimination and privacy issues

Half of the US respondents consider Labor/Employment litigation to among their greatest concerns

Companies spending $1 Million or more on litigation increased in both the US and UK. Among smaller companies, the percentage spending $1M+ more THAN TRIPLED and increased by half among mid-sized companies

One third of privately held companies and 60% of publicly held companies conducted at least one internal investigation requiring outside counsel. More than half report 2 to 5 of these investigations Considering all this, the biggest question I have is...

Why aren't more companies implementing ethics and compliance programs that have proven to reduce both the risk of litigation and the cost associated with settlements and judgments???

Oh, and I was on a plane today because I am attending the first of the 2009 EthicsPoint Regional User Forums here in Boston. I'm really looking forward to meeting many of our customers here in the Northeast, including Doug Cornelius, who writes a great blog - Compliance Building, and will be presenting on the use of social media in Ethics and Compliance programs.

Ethics: Lessons Learned from the Trenches

Thu, 14 May 2009 11:37:06 GMT

Does your University have the type of culture that will lead to ethical lapses or breakdowns? Or, the type that will keep it out of trouble?

Using actual cases to illustrate, Hank Shea, Senior Distinguished Fellow, University of St. Thomas School of Law and Holloran Center for Ethical Leadership Professions, explains the causes, consequences, and cures for typical ethical breakdowns and misconduct found in Universities, or any organization, that can lead to criminal wrongdoing.

Healthcare Organizations: Designing, Implementing and Maintaining an Effective Compliance Program

Wed, 13 May 2009 12:50:55 GMT

View this webinar and learn from the expertise of John Steiner, Chief Compliance Officer UK HealthCare of the University of Kentucky, a well known leader in Healthcare Compliance. John addresses the key legal principles that are the foundation of effective corporate compliance and specific methods for implementing those principles in complex healthcare organizations.

EthicsPoint Names Michael Lund new Director of Global Partnerships

Thu, 07 May 2009 00:00:00 GMT

Industry veteran brings strengths in building high-performing channel programs

PORTLAND, Ore. — May 7, 2009 —EthicsPoint, a leading provider of hotline and anti-fraud reporting and case management services, today announced that Michael Lund has joined the company as the Director of Global Partnerships.  Mike brings a unique set of experiences with more than 20 years of sales and marketing leadership in the technology and professional services markets.“Strengthening our global presence and supporting our OEM, Integration and Referral Partners are key components of EthicsPoint’s strategic plan to maintain our rapid growth,” said Tom O’Keefe, executive vice president, EthicsPoint. “Mike brings a strong record of success in building superior channel programs, and his experience as a vice president of sales and general manager gives him the ability to contribute right away to both EthicsPoint and our partners’ success.”Prior to joining EthicsPoint, Mike was the vice president, North American sales and general manager at Genevalogic/Netop where he led his team to double-digit growth in consecutive years by doubling sales through channel partners. Prior to that, Mike held key sales leadership positions at Activant Solutions.“EthicsPoint strong commitment to growing the contribution from their Global Partners, enviable reputation as the leading provider of hotlines and case management solutions and incredible passion and level of talent throughout the organization are among the reasons I am so excited to take on this role,” said Lund.  “I look forward to working collaboratively with our partners to drive an even high level of growth.”About EthicsPointEthicsPoint enables organizations to foster a business culture of integrity and compliance. We help our clients protect their culture and reputation by automating business processes, from the reporting and identification of issues and events of behavior that may be inconsistent with their code of conduct, to the subsequent investigation and resolution of these cases. Over 2,000 organizations use our telephone hotline, web-based reporting and case management services as a critical component of their overall governance, risk and compliance efforts.For more information, visit www.ethicspoint.com.# # #Contact:Toni Cole, Edelman (503) 471-6841 toni.cole@edelman.comCopyright 2009 EthicsPoint, Inc. EthicsPoint and the EthicsPoint logo are trademarks or registered trademarks of EthicsPoint, Inc.  All other trademarks are the property of their respective owners.

EthicsPoint Honors 2009 Best Ethics and Compliance Portals

Thu, 07 May 2009 00:00:00 GMT

Custom Portals Showcase Best Practices in Business Ethics, Compliance Communications

PORTLAND, Ore. — May 7, 2009 — In conjunction with Corporate Ethics and Compliance Week, EthicsPoint, a leading provider of hotline and anti-fraud reporting and case management services, today announced the winners of the 2009 Best Ethics and Compliance Portals contest. Entries were judged based on their clarity of message, quality of reporter experience and effective integration with an overall governance, risk and compliance (GRC) strategy. The 10 client portal pages selected as the EthicsPoint 2009 Best Ethics and Compliance Portals are:

AkzoNobel

AstraZeneca

Catholic Healthcare Partners

The Coca-Cola Company

Diocese of Cleveland

FMC Technologies Inc.

Integrys Energy Group

Staples 

Toyota Financial Services 

University of California System

“These winning portals illustrate the outstanding job these organizations have done to foster a business culture of trust and transparency,” said Tom O’Keefe, executive vice president, EthicsPoint. “By customizing their portals to reflect their organization’s unique branding, these clients have created a seamless experience to market their ethics and compliance programs and create greater employee awareness.”Winning Perspectives on a Sustainable Compliance EnvironmentAstraZeneca:  “At AstraZeneca, we believe that compliance programmes should do more than offer a reporting mechanism,” said Steve Mohr, global compliance officer. “The AZethics portal is an important part of our communication strategy which supports our aim to embed a culture of ethics and integrity through our commitment to a clear set of principles defined in our Code of Conduct and supporting Global Policies. All employees worldwide are educated in these principles and are encouraged to take an active role in making our corporate culture of ethics and integrity a reality.”The Coca-Cola Company:  “At The Coca-Cola Company, we understand that our reputation is our most valued asset. Through our Company values and initiatives like the EthicsLine, we are committed to being a leader in corporate responsibility and maintaining world-class standards of integrity and fair treatment of all Company associates and other stakeholders,” said Sharon Zealey, chief ethics and compliance officer. “In the 200 plus countries where we operate, we offer EthicsLine as an on-line resource available 24/7 with language translations, and as a toll-free hotline.”   FMC Technologies Inc.:  “FMC possesses a culture of integrity based on a spirit of ethics, trust and cooperation – principles that we expect our employees to live every day, and that every employee can always expect from FMC,” said Jeff Carr, vice president, general counsel and secretary. “We live in an increasingly complex and interconnected world; we respect and are committed to complying with the laws, customs and cultures of the communities in which we operate. We are pleased that EthicsPoint has recognized our ethics portal as noteworthy.”University of California System: “UC's core values are integrity, excellence, accountability and respect, which are essential to fulfilling our mission of instruction, research and public service,” said Sheryl Vacca, senior vice president, ethics, compliance & audit services and chief compliance & audit officer. “Our partnership with EthicsPoint strengthens our ability to institutionalize these vales in our daily work, and in doing so helps us to fulfill the university’s mission.”Front Line of Employee and Stakeholder CommunicationsCustomized portals form an important part of a company’s overall GRC efforts. They serve as a resource for employees, partners, customers, shareholders, suppliers and other stakeholders seeking information about the organization’s code of conduct. With the economic downturn driving many organizations to look for ways to improve the efficiency and effectiveness of their compliance programs, businesses are emphasizing cooperation and communication among stakeholders. By making ethics and compliance everyone’s business, organizations can derive stronger business value from their GRC efforts.To view the 2009 winning portals and learn more about best practices for integrating a portal into a broader corporate reporting program, visit www.ethicspoint.com/hotline/service/customer-portals.aspx. About EthicsPointEthicsPoint enables organizations to foster a business culture of integrity and compliance. We help our clients protect their culture and reputation by automating business processes, from the reporting and identification of issues and events of behavior that may be inconsistent with their code of conduct, to the subsequent investigation and resolution of these cases. Over 2,000 organizations use our telephone hotline, web-based reporting and case management services as a critical component of their overall governance, risk and compliance efforts.For more information, visit www.ethicspoint.com.# # #Contact:Toni Cole, Edelman (503) 471-6841 toni.cole@edelman.comCopyright 2009 EthicsPoint, Inc. EthicsPoint and the EthicsPoint logo are trademarks or registered trademarks of EthicsPoint, Inc.  All other trademarks are the property of their respective owners.

EthicsPoint 2009 Best Ethics and Compliance Portal Winners!

Thu, 07 May 2009 00:00:00 GMT

It is with great pleasure that I am able to announce, honor and celebrate the 10 winning companies in the EthicsPoint 2009 Best Ethics and Compliance Portal contest.

These portals were chosen from among our more than 2000 customers, and were judged based on a number of factors, including clarity of message, quality of reporter experience, effective integration within their overall governance, risk and compliance (GRC) strategy and innovative use of technology.

Please join me in congratulating this year's winners:

AkzoNobel

AstraZeneca

Catholic Healthcare Partners

The Coca-Cola Company

Diocese of Cleveland

FMC Technologies Inc.

Integrys Energy Group

Staples

Toyota Financial Services

University of California System

To view a screenshot of these winning portals or learn how we can work with you to improve your portal, visit our site.

Ethics and Compliance Week

Sun, 03 May 2009 00:00:00 GMT

It's been a few weeks since my last post - no idea where the time goes. But I'm hoping to post at least 3-4 times this week - lots going on, as it's Ethics and Compliance Week. For now I've just got some random items...

Just read a really interesting blog by Shanti Atkins, President and CEO of ELT, discussing the impact of the "Obama Effect" on Workplace Compliance. Whether you fervently support our new President or find yourself disagreeing on his policies thus far, I think we all can agree that compliance will play a big part in his policies, and it pays to keep up with all the new legislation. (If you want to get more informed on the impact of the Lilly Ledbetter Fair Pay Act, sign up for our upcoming webinar, to be given by Martin Wickliff, JR - Epstein Becker; Green, P.C

Congratulations to all the EthicsPoint customers who were named among the 100 Most Ethical Companies. (I'd name them all, but the list would get unwieldly for a short blog!)

The OCEG Red Book 2.0 Final Draft has been released - If you haven't downloaded it yet, you should!

If you ever have a chance to go to Blue Hill NYC restaurant, I strongly encourage you to do so - had a phenomenal meal there earlier this month

Look for more stuff here later this week - I'm hoping to preview some really cool data we've been looking at as we pull together our latest benchmarking report; we'll be announcing the winners of the 2009 Best Ethics and Compliance Portal contest, and maybe a few other things as well.

Can Web 2.0 rekindle America’s love affair with the automobile?

Thu, 30 Apr 2009 00:00:00 GMT

As many of you know I made the decision to go back to school this year and have been attending an extended learning program at MIT Sloan School of Business. I have my quarterly meeting in Cambridge coming up and was reading through my assigned case studies this weekend. One of the readings concerned a supply chain situation at Ford that was taken from events earlier this decade. I don’t know if the professor was looking to evoke this line of thinking, but I started wondering if the automobile world could transform itself and convert to the Dell distribution model. So while this is outside the realm of my normal blog topics I am hoping to leverage this forum to get some quick feedback for this zany idea.

The Dell Direct Model has been very successful from a supply chain and margin contribution perspective. Dell Direct is a business model that eliminates the traditional distribution channel and goes directly to the consumer. Traditionally, as is in the case of Ford and others, there is a supply chain that supports the manufacturer (the “brand”); the finished goods are shipped to a variety of distribution outlets and the consumer selects a branded product from one or more of these outlets.

Dell broke this model by using a Web 2.0 enabled business model that removed the traditional hardware distributors and opened a line of communication directly with their customers. They also ensured/marketed that the computers they sold would be customized for each client and delivered to their home. They built a website with a well defined on-line configurator and allowed the consumer to craft the PC of their choice.

Stick with me – I know this may sound crazy, but with the automobile industry in chaos-wouldn’t this model work for cars just as it has for computers?

One of the many problems with the auto industry is over supply. In 2008 manufacturers had the capacity to make 17 million cars annually to support a 10 million domestic car demand. The current cost-to-market structure and low margin of profit per vehicle has collectively rendered auto company business plans not successful at the 10 million vehicles sold rate. Regrettably, the industry has continued to blindly build significantly more than 10 million cars, go deeper in debt and is now financially and credibility bankrupt.

By changing their go-to-market strategy Dell proved they could derive stronger margins, control their inventory costs and nurture a very satisfied consumer base. So what would this mean for the car buying consumer? First the buying experience would change dramatically. Showrooms would be totally reconfigured with more interactive displays and computer simulations but the overall footprint would be reduced dramatically. Sure the auto dealers would need to have a few, very few, new models in stock for the person who just wanted a good, better or best model and wanted a new car today. There would still be used cars, but for a new car the majority of us would configure our new car, do the paperwork and have it arrive 3-4 weeks later. Or, we might never visit a showroom and simply configure and buy the car on-line.

If you let your mind wander a bit and if you have ever configured a Dell system you can begin to think about how this buying experience might work. Packages and promotions would be similar. Like a free upgrade to a XM/Sirius radio instead of an upgrade to a DVD Burner from a standard CD drive. How about custom wheels in lieu of an extended battery? Door to door shipping is a premium option, but a cost-efficient pick up area near a rail distribution hub could provide the lowest shipping cost option.

The advantages of this system could be remarkable. The cost to build and maintain (just think of the property tax savings in some states) a dealership would be significantly reduced. Even rural communities would be better supported with this model. While the assembly-line process would need to evolve to ensure overall vehicle costs do not rise dramatically, the advantage of knowing your exact demand would eliminate excess inventory and floor-plan costs would be dramatically reduced.

Because manufacturers are primarily shipping product on demand it is likely transportation costs would improve – the carbon footprint would also be reduced.I can imagine unique designer packages for interiors that are truly unique. Resale values might hurt downstream with some poor choices, but why not a Martha Stewart, NASCAR, or NCAA interior of your choice? All would add license opportunities and potential additional revenue. Buying online also provides click through revenue from alternative financing sources or custom items from tailpipe extensions to HD-DVD systems made for the vehicle, but not available from the manufacturer.

More importantly, just like Dell, the auto manufacturer would begin to know what motivates the consumer and cars would evolve just as PCs have to meet the usage demands of the consumer. Lower R&amp;D costs, fewer miscalculations (can anyone say Pontiac) and an overall improved track record for consumer loyalty. Can you imagine blogs and twittering by designers, engineers and quality assurance folk who were sincerely interested in market feedback?

There are a number of specific business planning details I will need to construct before going to MIT next week, but help me out with a little informal survey…would you buy a car using a system like this? If not, why not?

THIS JUST IN -- Chrysler files for Chapter 11 (http://tinyurl.com/d3f5kf) -- are they better off dead or alive??

ACFE: Occupational Fraud: A Study of the Impact of an Economic Recession

Tue, 21 Apr 2009 00:00:00 GMT

With the economy struggling to find its foothold, many businesses and individuals are facing the greatest financial concerns in recent memory. In these tough times, protecting valuable — and increasingly scarce — economic resources has become a monumental task. Losing assets to fraud may be enough to send an already struggling organization to the financial brink.

To get a pulse on how the economy is affecting fraud trends, the ACFE went to the experts who are in the trenches fighting fraud on a daily basis. By surveying anti-fraud professionals about their experiences and observations, we hope to gain some insight into the correlation between economic downswings and fraudulent activity.

 

To read the full article, please click here.

 

Health Care Compliance Association - Annual Conference

Mon, 20 Apr 2009 17:10:23 GMT

Tom O'Keefe, EthicsPoint's Executive Vice President, will be a featured speaker at the Health Care Compliance Association (HCCA) Annual Conference.

Healthcare Risk Management Takes a Broader Perspective

Thu, 16 Apr 2009 00:00:00 GMT

Using a comprehensive incident management system increases efficiency and insight, reducing risk in the healthcare industry.

From fraud and theft to the challenge of meeting government regulations, businesses are at risk to numerous factors that can have a negative financial and reputational impact. Keeping up with corporate governance, risk management and legal compliance mandates promises to become relentlessly more complex in 2009 as turbulent economic conditions continue to impact the business world.

The case for anonymous hotlines

Wed, 15 Apr 2009 00:00:00 GMT

Summary

* One in five American workers possesses personal knowledge of workplace fraud, according to a 2002 study sponsored by Ernst & Young LLR

* Some hotlines work better than others. The difference has a lot to do with the adoption of some key best practices.

* A good system uses a database that can automatically determine the correct recipient by comparing data such as the nature of the allegation and the location involved.

Making Ethics Everyone's Business

Wed, 15 Apr 2009 00:00:00 GMT

Companies take aggressive measures to prevent fraud that costs organizations 7% of their annual revenue.

Taking a Six Sigma approach, Cummins deployed a company-wide anonymous reporting mechanism and case management system to report, manage and resolve incidents that may expose the company to fraud or compliance risk. They selected a third-party vendor, EthicsPoint, to provide a trusted, safe resource for employees to report issues and, if necessary, remain completely anonymous.

Note: Cummins is an EthicsPoint Inc. client

OCEG Announces Standards to Improve Corporate Conduct (Red Book 2.0)

Mon, 13 Apr 2009 00:00:00 GMT

The OCEG GRC Capability Model™ (also known as Red Book 2.0) sets out practices that will ensure better corporate governance and drive compliance with laws, regulations and company policies. "Red Book 2.0 is a critical tool that will protect and build value in every organization that uses it," says OCEG president, Carole Switzer. More than 200 individuals with expertise in governance, risk management, compliance, ethics, audit and internal controls contributed to the development of Red Book 2.0 and thousands more reviewed it during the open comment period. Now, the public may obtain a final copy at www.oceg.org.

EthicsPoint clients are automatically eligible for a free special "Basic Plus" OCEG Membership. Download the OCEG Basic Member Edition of Red Book 2.0 at www.oceg.org

Celebration of Excellence

Mon, 13 Apr 2009 00:00:00 GMT

Madoff. Satyam. Stanford. Who's next?

Actually, I don't want to know who's next. I'm tired of hearing about ethical lapses, fraud, misconduct, etc. I'm tired of opening the morning paper (actually, my browser) and reading about who's been accused of FCPA violations, bribery, or worse. Spring has arrived here in the Pacific Northwest, and I'm feeling hopeful and optimistic, and I'm tired of all the negativity.

Thus, I'm very pleased to announce that EthicsPoint has launched the nomination page for the 2009 Best Ethics and Compliance Portal contest. We want to recognize clients who have done an outstanding job of fostering cultures of integrity and compliance. We're soliciting nominations for Ethics Portals that demonstrate excellence in the following areas:

Clarity of message

Integration of technology within an overall ethics and compliance strategy

Quality of user experience

Overall "look and feel."

So please click on the link above and nominate your organization! And good luck!

(and if you're just getting started on building your portal, you may want to check out the 2008 winners. And I'd also encourage our existing clients to attend the April 23 webinar "Get Creative! Are You Optimizing Your Hotline Portal Page to Increase Employee Awareness?")

Investigation management tools ease fraud pains

Fri, 10 Apr 2009 00:00:00 GMT

In today's complex and distributed financial services environment, an organization ... needs a 360-degree view of enterprise fraud investigations.

Financial service organizations are often in disarray when it comes to having consistent processes and technologies for managing fraud investigations and loss. The disarray is a result of:

Fragmentation. Financial service organizations often lack a common platform for managing enterprise-wide investigations, fraud, incidents, issues, events, complaints and/or loss. Instead, different business groups within the organization manage corporate investigations in their own silos.

Inconsistency. These fragmented investigation processes are poorly defined and do not provide an enterprise visibility into incidents and loss. As a result, the organization has a variety of methodologies ranging from the ad hoc to the mature.

Misuse of technology. Financial service organizations tend to have an abundance of homegrown spreadsheets, custom-built databases, and perhaps an occasional commercial product thrown into the mix. There is limited adoption of enterprise technology to manage fraud investigations processes.

NACUBO: Recovery Act Rules and Reporting Requirements Emerge

Fri, 10 Apr 2009 00:00:00 GMT

April  9, 2009

As the federal government gears up to pump billions of dollars into the economy through the American Recovery and Reinvestment Act of 2009 (Recovery Act), several notices have been released (or are coming soon) detailing quarterly reporting requirements, grant and contract provisions, and more. There is a strong focus on transparency and accountability in the use of these funds, including quarterly reporting on expenditures and outcomes.

Given the urgency of getting rules in place quickly, Federal Register notices implementing the Recovery Act are generally being released as interim final rules with a request for comments. With this type of hybrid notice, the regulations take effect immediately even as the agency actively requests comments and anticipates publishing revised rules in the future.

The following notices and guidance memoranda are now available for review.

The "Art" of Customer Service

Thu, 09 Apr 2009 00:00:00 GMT

Guest blog from Mike Hyatt-Evenson, EthicsPoint Director of Client Services

My father-in-law is a retired pharmacist. All jokes aside about being a drug dealer, for part of his career he worked as the pharmacy manager where he, as you can expect, was continually enticed by pharmaceutical salespeople. Since the pharmaceutical sales model is one of the most competitive, highly compensated models in the world, I asked him how he would choose what to buy. His answers struck me. Fundamentally, everything had to do with the salesperson who:

Kept their promises.

He trusted.

Really listened to understand his needs.

Took the extra step.

What struck me was that he did not mention price, quality, gifts, or incentives. Though he was talking about salespeople, those qualities are exactly what we train our customer service people to do. For example:

We always call when we say we will.

We build trust and relationships with our customers to develop long term loyalty.

We actively listen to our customers so we completely understand their needs and pain.

We distinguish ourselves from our competitors by doing more than just the minimum.

This reinforces one of the concepts that I believe makes some companies great – the “art” of customer service. The “science” of customer service comes in accurate tracking of customer information, good phone systems, proper staffing, efficient use of tools, etc., etc. Any company can do the science.

The “art” of customer service means that we deliver what and when we say we will. It means that our customers are doing most of the talking. It means that our customers know that we take pleasure in working with them and doing our jobs. It means that we let our customers tell us the story of their child’s graduation if they want to. It means that we quit talking and get down to business if they want to. It means that we take the extra step to make our customers’ jobs a little easier. It means that we happily communicate good news but are also honest with bad news. It means that customer service is not a department, but is pervasive in everything we do across the organization. It is what will lead to a great customer experience.

In this economic environment, our customers are (and should be) scrutinizing every penny they spend. I believe that the companies who live and breathe the “art of customer service” in everything they do will be the ones left standing.

GRC Comes of Age

Mon, 30 Mar 2009 00:00:00 GMT

Our President & CEO, David Childers, is quoted. From the article:

"One of the most striking survey results consists of the difference between the top GRC obstacles and the most important elements of GRC program success that respondents identify. Given that lack of funding was the top impediment, it would also seem logical to assume that it was a top element of success.

It was not.

In fact, funding was the least important element of GRC success, according to respondents who identified "people, process, and technology" and "organizational culture/tone at the top" as far more important drivers of success (see "Data Insight: Elements of GRC Success")."

Say on Pay

Tue, 24 Mar 2009 00:00:00 GMT

My wife, who I consider a good lawyer and I totally disagree on the way the public outcry has been unleashed against some executives at AIG and other organizations. She holds to the belief that this “bonus money” is her tax dollars and these people don’t deserve to be paid with her money. I get the frustration, but my point is why does this “say on pay” deserve to be different than an individual shareholder’s opportunity to control the way corporations incentivize and pay their executives? In my view it doesn’t.

I have never been in favor of say on pay by shareholders or God forbid the Government. Shareholders have the right to make their feelings heard but most are not qualified to make decisions for the organization. Shareholder say on pay should remain a vote with their feet or their proxy statements. In my last installment I said that boards have to step up, dig in and bring some collective sensibility to this process. I think it is also time for shareholders to step up, dig in and remove some board members. Some of these directors also need to be thanked for their meritorious service and sent to permanent retirement not just shuffled to the next board.

I believe that the world has to hold Board of Directors to an increased level of accountability. Boards (not shareholders) have the obligation to understand what it takes to hire and incentivize key executives. Boards (not shareholders) are empowered to set reasonable and appropriate incentive targets – regardless of the number of trailing zeros. We have a governance system that has worked for more than 100 years, but greed and lack of accountability has diluted its value. And what is this silly tax idea??? Simply stated, boards must return to accountability for executive compensation so that is ensures that all the organization’s stakeholders get rewarded.

So what do you think government’s or a shareholder's role should be on “say on pay”?

Accountability

Sun, 22 Mar 2009 00:00:00 GMT

I have tried to stay on the sidelines because a number of people are blogging about the AIG bonus issue, but I can’t contain myself any longer. This is likely to be part one of a three or four part series, because this issue, in my opinion, is much larger than just the public’s reaction to these bonus payments.

First, no one that earned and received these bonuses at AIG is guilty of anything. They did their job and deserved to be rewarded for their efforts based on contractual agreements. So I am not only saddened but ashamed of the blame game behavior of both the liberal and conservative news media and a number of very ignorant protestors camping out on AIG executive’s lawns.

If you have never worked in a variable compensation model it is impossible to understand the pressure of carrying a quota or delivering the next great source of new revenue. Therefore, targeting these very blue collar individuals to interview on TV just makes the situation worse.

So, if these executives aren’t to blame then who is? It is a long list – the senior executives who built the compensation models, followed by the compensation committee and the board of directors for AIG that approved them. Next in line is the US Government for not being proactive in evaluating and better adjusting or confirming these bonuses when AIG first was asking for money. Congress comes next for not reading Dodd’s language – which expressly allows for the bonuses to be paid. Finally this is just another faux pax by the Obama administration. The President’s Chief of Staff needs to clean house of their PR and protocol staff because their actions and mistakes in the first 60 days of this administration are comical to the point of being criminal.

Do I think that all these multi-million dollar bonuses that a number of companies that took bailout money are fair or justified, no I don’t. But that isn’t the question on the table. If these payments were being decided in a court of law, not a court of public opinion, there isn’t a case to be made that these should not be paid. The Constitution, if it made it to the Supremes would also support payment.

The real conversation should be about Board accountability and “Say on Pay.” For the moment I am going to concentrate on accountability and will save comments on say on pay until my next installment.

President Obama’s reaction to AIG bonus payments isn’t the first time has echoed the public’s outrage. Most American’s felt pretty much the same way when executives on Wall Street and executives from bailed out banks received significant year-end bonuses and other compensations. The President followed up with a “close the barn doors after the cows are in the pasture” $500,000 salary freeze for executives of organizations that take new Federal funds. If I am to believe CNN the average American thinks a $500,000 salary package is unbelievable – almost immoral.

So how much is a CEO worth? In this silly quarter to quarter world we live in they seem to be worth a lot for what seems to be very little sustained performance. If there are “criminals” in this process it is the compensation committee chairs and boards that approve these crazy compensation plans. Incentive compensation is all about moving the needle. If as a CEO I can show growth, profitability, new market expansion, or ?? to improve my company’s share value and sustainability I am worth a lot, and no one should complain because by moving the needle every stakeholder of the company is getting rewarded. But let’s get serious, the transactions and deal sizes have gotten crazy and justification of paying a small “percentage” of the deal is ludicrous. Don’t misunderstand me, I get hard work, creativity and value and don’t balk at million dollar plus bonuses – but $20 million? Boards have to step up, dig in and bring some collective sensibility to this process.

What do you think?

EthicsPoint Announces Webcast Series: Managing Risk in the New Economy

Thu, 19 Mar 2009 00:00:00 GMT

Industry leaders deliver guidance and best practices on business ethics, compliance

Portland, Ore. (PRWEB) March 19, 2009 -- EthicsPoint, a leading provider of hotline and anti-fraud reporting and case management services, is offering a series of webinars on compliance, ethics and risk issues in the current business climate. Thought leaders from across the governance, risk and compliance (GRC) industry will provide insights and advice for finance, human resources, security and audit professionals confronting the new risks facing businesses today.

Webinar Details:

Ethical Integrity Leadership: Setting the Tone from the Top

Who: Howard Sklar, vice president and global anti-corruption leader, American Express Company What: An overview of the impact of tone-at-the-top on ethical behavior throughout the organization and an examination of different methods for turning tone-at-the-top into an operational reality using examples from government and the private sector When: Friday, March 27, 2009 at 10:00 AM PDT/1:00 PM EDT

 

Anti-Money Laundering and the Foreign Corrupt Practices Act - Are you ready?

Who: Ellen Zimiles, founder and CEO, Daylight Forensic and Advisory LLC What: Best practices for establishing effective FCPA compliance programs including risk assessment, policies and procedures, internal auditing controls and investigating due diligence When: Tuesday, March 31, 2009 at 10:00 AM PDT/1:00 PM EDT

Developing a Culture of Honesty and Integrity …is Not Easy!

Who: Bob Phillips, president, RW & Associates, Inc. What: Cultural change initiatives that help change behaviors and achieve peak organizational performance from the author of Absolute Honesty; Building a Corporate Culture that Values Straight Talk and Rewards Integrity When: April 8, 2009 at 10:00 AM PDT/1:00 PM EDT

Designing, Implementing and Maintaining an Effective Corporate Compliance Program in Healthcare Organizations

Who: John E. Steiner, Jr., Esq, CHC, CCEP, chief compliance officer, UK HealthCare of the University of Kentucky What: The fundamental building blocks for effective corporate compliance, including both offensive and defensive strategies for enterprise compliance programs across complex healthcare organizations. When: Wednesday, April 15, 2009 at 10:00 AM PDT/1:00 PM EDT

Archived Webinar: The Foreign Corrupt Practices Act (FCPA) Year in Review: How Recent Investigations and Prosecutions Will Impact Compliance Programs

Who: Danforth Newcomb, of Counsel and Philip Urofsky, partner, Shearman & Sterling LLP What: Lessons from recent FCPA enforcement cases and how they can be applied in practical, cost-effective ways to mitigate corruption compliance risk

Archived Webinar: HR + Ethics & Compliance = A Critical Partnership

Who: Vicki Sweeney, principal, ethics & compliance, KPMG What: The benefits of collaboration between Ethics and Compliance and Human Resources and how to cultivate a mutually beneficial partnership between Human Resource department, highlighting examples of applications KPMG uses to support common Ethics and Compliance and HR objectives

To register for an upcoming event or access archived recordings and presentation materials on-demand, visit EthicsPoint webinar resource center at http://www.ethicspoint.com/resources/webinars/default.aspx.

About EthicsPoint EthicsPoint enables organizations to foster a business culture of integrity and compliance. We help our clients protect their culture and reputation by automating business processes, from the reporting and identification of issues and events of behavior that may be inconsistent with their code of conduct, to the subsequent investigation and resolution of these cases. Over 2,000 organizations use our telephone hotline, web-based reporting and case management services as a critical component of their overall governance, risk and compliance efforts.

For more information, visit www.ethicspoint.com.

Contact: Toni Cole, Edelman (503)471-6841

Copyright 2009 EthicsPoint, Inc. EthicsPoint and the EthicsPoint logo are trademarks or registered trademarks of EthicsPoint, Inc. All other trademarks are the property of their respective owners.

Blowing the Whistle Just Got Easier

Wed, 18 Mar 2009 00:00:00 GMT

With the passage of the American Recovery and Reinvestment Act of 2009 (ARRA), commonly known as the Stimulus Act, $500,000,000,000 (sorry I just wanted to type all those zeros) is now being moved into employers across a wide spectrum of industries to stimulate our economy.

If you work for or run an organization that is in defense, education, energy, environmental cleanup, government technology, healthcare, housing, hunger assistance, infrastructure projects, scientific research or transportation you are first in line for these funds.

That is the good news. The bad news is that within the Act is the McCaskill amendment which significantly broadens the scope of whistleblowing and puts EVERY EMPLOYER at serious risk.

The Amendment to the Act does not cover Federal Employees (they have the Whistleblower Protection Act), but is extended to all private employers and state and local governments, including their contractors and subcontractors, who receive Stimulus funds. This means if I get ARRA funds and I hire you as my contractor, and you hire a sub-contractor(s) to complete the project – every organization in this chain is accountable to the McCaskill amendment.

The Act significantly expands the whistleblowing provisions defined under SOX includes “internal disclosures, including disclosures made by employees in the ordinary course of performing their job duties.” Attorneys Allen Roberts and Frank Morris of EpsteinBeckerGreen did a great job of detailing this act and I encourage you to review their whitepaper.

I hope you are listening. This means that not only should every employer have a methodology to support anonymous reporting, but they need a methodology to document, classify, escalate and otherwise track issues brought forward which would be considered relevant information through an “open door policy.” Here are the “violation types” or talk tracks specifically identified:

Gross mismanagement of an agency contract or grant relating to Stimulus funds,

Gross waste of Stimulus funds,

Substantial and specific danger to public health or safety related to the implementation or use of Stimulus funds,

Abuse of authority related to the implementation or use of Stimulus funds, or

Violation of law, rule, or regulation related to an agency contract or grant awarded or issued to Stimulus funds.

This law puts the responsibility firmly on the employer as there does not need to be a preponderance of evidence of retaliation, in fact it can be circumstantial. Therefore, the employers should implement and consistently follow procedures that document their actions during and post receipt of any disclosure.

Should employers retaliate against the "whistleblower," the action is swift and significant. The Office of the Inspector General is bound by the Act to review and make a determination within 30 days of the validity of the claim. If the claim is deemed valid, the Act requires the IG’s office to make a determination within 180 days. The complainant is entitled to reinstatement, back pay, compensatory damages, attorneys’ fees, and if warranted exemplary damages. If it goes to trial the complainant is entitled to a jury trial and the Act specifically removes any employer right to arbitration.

Finally there is no preemption to this Act, so States have the option to add to this Act if they feel it “necessary.” So over time this could be become very messy.

The bad news isn’t over yet. Everyone is waiting for Health and Human Services to promulgate the Act’s requirements for changes in HIPAA privacy regulations. When they do I will let you know the risks and requirements.

Full Disclosure – EthicsPoint is a market leader in Hotline/Helpline &amp; Issue Management market. We will no doubt benefit from the passage of this legislation, but my intent is not to encourage or scare you into purchasing products and services from our company. My concern is one of big government, that in my opinion, just got a lot bigger and the downstream risks to smaller private employers in the Stimulus Act are significant.

March Madness

Mon, 16 Mar 2009 00:00:00 GMT

It's that time of year again - the NCAA Men's and Women's Basketball Championship. Get ready for a slew of articles about how much productivity is lost while people research their brackets, fill them out, debate the merits of each team, and follow along Thursday and Friday as the games are played (oh yeah, and blog about it!).

So who do you like? Me? I like Stanford. But, unfortunately, the Mighty Cardinal men failed to make the Big Dance this year (nor did they qualify for the NIT, but they are in something called the CBI. Whatever.). The Women's bracket isn't out yet, but as the No. 2 team in the nation, I'm predicting a Number One seed, and I'll be projecting them to upset UConn in the final.

So without my beloved Cardinal men to cheer on, what should I do? Rather than stick with the Pac-10, which is what I've done in the past, I've decided to broaden my horizons. So this year, I'm rooting for one of the following to win: Ohio State, Utah, West Virgina, Robert Morris, BYU, Texas A&amp;M, Northern Iowa, Marquette, Cornell, California, Oklahoma State, UCLA, VCU, Minnesota, North Carolina, Butler, Syracuse or Stephen F Austin.

If I didn't name your alma mater, there's an easy way to get on this list - simply join these fine institutions, and sign up as an EthicsPoint customer! In the meantime, I'll be cheering on these fine teams!

PBCC may pay Ethics Point to track complaints

Mon, 16 Mar 2009 00:00:00 GMT

By KIMBERLY MILLER

Palm Beach Post Staff Writer

Ethics complaints at Palm Beach Community College may soon funnel through a private company under a proposal that school officials acknowledge is a little "big brother."

College trustees will consider a $6,000 contract today with the company Ethics Point, an Oregon-based firm that would be responsible for taking complaints from PBCC students or employees and routing them to the correct school office.

Richard Becker, PBCC's administration and business services vice president, said the arrangement is necessary so that information about campus safety or ethical lapses doesn't get lost in the system.

"With just about every financial collapse, someone comes forward and says 'I knew about this and I wish I knew who to go to with the information,'" Becker said. "This gives them the ability to do it anonymously through a third party vendor."

Complaints can be reported to Ethics Point via the Internet or by phone. Operators log the complaint and send it to the appropriate office at PBCC for investigation. The system also gives school administrators a way to audit and follow up on all complaints coming into the college.

Becker said no specific incident prompted the proposal, but there are several examples of how people tried to report wrongdoing only to be thwarted by the system.

The Securities and Exchange Commission is currently investigating how allegations it received about Bernie Madoff's multi-billion dollar Ponzi scheme were never investigated.

"You almost can't afford not to do this," Becker said about the agreement with Ethics Point. "This is big brother and senior management isn't beyond being looked at also. If you're doing stuff that's legal and proper you don't need to worry about it."

The annual contract costs about $3 per full-time employee. PBCC's bill will be about $6,000 per year.

Ethics Point has more than 300 schools as clients, including Cornell University, University of Pennsylvania and Tufts University.

If approved by PBCC trustees, the program is expected to begin at PBCC in the fall.

FCPA in the Spotlight

Thu, 12 Mar 2009 00:00:00 GMT

Some of you may have noticed I recently added a blog role to this page over on the right. (I also added a "My Faves" and the mint love letters at Babbo are to die for, but I digress). For those of you in compliance at large organizations, I strongly recommend the FCPA Blog - this is a great place to get timely commentary on corruption, FCPA violations, compliance and more.

I mention it because today they recognized the work of Dan Newcomb and Philip Urofsky, who publish the FCPA Digest - a great resource for people interested in recent trends and patterns in the enforcement of the FCPA.

On the shameless plug side of things, I'm very pleased to provide a venue for Dan and Philip to present on The FCPA Year in Review: How Recent Investigations and Prosecutions Will Impact Compliance Programs, as part of EthicsPoint's ongoing webinar series. Click here to register!

We've put a big focus this year on hosting relevant, interesting webinars - partnering with experts such as Dan and Philip to share their knowledge, advice and experiences. If there is a topic you'd like to see covered, please let me know.

Whistleblower Programs: Challenges for Multinational Companies

Tue, 10 Mar 2009 00:00:00 GMT

Whistleblower Programs: Challenges for Multinational Companies," provides an overview of the challenges faced by multinational companies when implementing Sarbanes-Oxley compliant whistleblower programs in the European Union and other countries. The note also briefly describes approaches to implementation that companies can use to address these challenges. The information is general in nature and subject to change, as this area of the law continues to evolve.

Direct link to download PDF.

 

via Skadden, Arps, Slate, Meagher & Flom LLP, March 10, 2009 Katherine D. Ashley, Gary DiBianco, Dana H. Freyer, Matthias Horbach, Pierre Servan-Schreiber

 

A New Look at the Internal Auditing Standards…Applying Them Every Day and What’s Changing

Mon, 09 Mar 2009 19:02:29 GMT

Our presenter, J. Michael Peppers, Associate Vice President & Chief Audit Officer, University of Texas M. D. Anderson Cancer Center, past ACUA President, and current member of the IIA Standards Board, will help us discover how the new International Standards for the Professional Practice of Internal Auditing (issued January 1, 2009) will impact the profession.

Contracts and Covenants

Mon, 09 Mar 2009 00:00:00 GMT

Yesterday morning I honored my daughter’s wishes and attended the performance of the church bell choir she to which she belongs and loves. At the end of the week I didn’t have any intention of attending services but took one for the team, letting my wife and other daughter stay home to work and study, to hear our oldest daughter play the bells.

When I looked at the bulletin I saw that the homily was to be delivered by a Franciscan Monk. I can’t say that I was excited about the prospect. A number of years ago I spent some time in study of the Franciscan Order hoping to improve the work / family balance in my life. I sincerely admire their Order and mission of personal peace and harmony with the world around us. But after taking a vow of silence and spending two days in a monastery setting without speaking a word I knew that I am not cut out for the Franciscan lifestyle.

Much to my surprise and delight the homily was not only topical and insightful but also uplifting. The jist of his message was examining the difference between the “Contract God” we imagine and the “Covenant God” that spoke to Abraham.

This caused me to think about my own management style and the way in which I deal with people and provide stewardship for my family. Without a doubt I live a contract driven life. I will give or reward you with this, if you are successful in providing that. Get good grades, get a car. Drive revenue and get a promotion, more pay and more recognition. Work hard, save money to your 401K, be prudent with your investments and you will be rewarded with monetary security and someday retirement – oops.

What happened to my contract? Given the recent sub-prime and other implosions the global economy my 401K, as I was reminded during the homily, has been reduced to a 200 1/2K.

The homily went on to describe God’s covenant relationship with Abraham. This is a great story regardless of your religious persuasion. Imagine being a 99 year old guy that God taps on the shoulder and says “time to get started.” But this “mission” wasn’t (according to the Friar’s homily interpretation) a contract to go and build a nation, but rather a covenant of unconditional trust, expectation and hope.

While I it is unlikely I will shift completely away from my contract roots, I hope that I can translate some of this teaching into the way I interact and support my team and family. I have always strived to deliver integrity in my “contracts.” During these uncertain times, I want to find a fitting level of integrity as I set clear expectations, trust in the commitment and abilities of the people we have chosen and trained, and inspire hope for the future.

Meric Bloch Series Part 3: Reporting the Investigation Findings and Post-Investigation Issues

Wed, 04 Mar 2009 16:23:06 GMT

What role technology?

Wed, 04 Mar 2009 00:00:00 GMT

BusinessWeek ran an interesting article yesterday, Tech That Combats Employee Fraud. While I thought the article was well written, what I found most interesting was the series of comments posted by readers on the web page. One poster was incensed that companies might deploy keystroke loggers or monitor website usage of employees. Another thought it was perfectly acceptable, as we wouldn't condone watching movies all day on a DVD player or spending hours on the telephone ordering items from a Sears catalog.

I think these people are missing the point.

Culture is Key

Technology should be an enabler, supporting the strategies and tactics employed to meet corporate objectives. When combating fraud, fostering and maintaining an environment of integrity, honesty and ethical decision-making is far more important than deploying technology to inhibit or root out misconduct. The Ethics Resource Center's National Workplace Ethics Survey clearly shows that having a positive work environment strongly correlates to minimizing misconduct.

So How Much Big Brother?

The other comment I'd make relates to management philosophy on how much monitoring is necessary. I'll leave it to the lawyers to argue where and when the line is crossed when infringing on the right to privacy for employees. But my own personal management style is to set expectations, and then let my reports live into them. At the end of the day, I care whether the work is done - with high quality - and that my employees act with integrity and respect for others and follow our code of conduct. Since I have no issue if they work long hours - including weekends - I don't really feel that I should have an issue with them taking time to view Youtube, update their Facebook accounts, shop online, IM, or other activities that others believe shouldn't be done on "company" time. In my mind, the lines between "company" and "personal" time have blurred.

If I have an employee who chooses to not to live up to our agreed upon objectives and expectations, then I have a management problem that I need to correct. Similarly, if they break the law, or violate our code of conduct, then I will take appropriate actions. Technology may help me identify these adverse situations, augmenting the culture I help set for our employees, but in the end, I hold myself accountable for hiring great people, treating them with respect and allowing them to be professionals.

What do you think? What is the "right" amount of employee monitoring?

Proud Papa

Tue, 03 Mar 2009 00:00:00 GMT

If you read my first blog post, you’ll probably remember that I promised to try really hard not to let this become just another vehicle for pushing corporate marketing messages. I may be on the fine edge of breaking that promise today, but I just have to do it.

Over the weekend we launched a brand new web site, and I am really proud of it. I think it really accomplishes what we set as our objectives for the project:

Make it simple to understand what we do

Provide content that can help our existing customers do their jobs better

Represent who we are as a company and individuals – open, approachable, friendly

There’s still a LOT to do; more content to be added, a new section with photos and bios (not of our executives, but of all the people who make us successful; our client service representatives; our sales people; our call center specialists, etc.), more case studies – the list goes on and on. In the meantime, I encourage you to check it out and send me and my team your feedback.

Finally, I would be remiss if I didn’t do a couple of very well deserved shout outs:

To the team at Pollinate Media, for exceeding our expectations and being such a great partner in this project.

To Grady Locklear, for spearheading our effort to highlight all the cool things our customers are doing.

And finally, to Rodica Buzescu, for everything. There is no way we could have made it to this day without your energy, enthusiasm, skill and dedication. You truly exemplify the values that make EthicsPoint great!

The Great Debate

Tue, 03 Mar 2009 00:00:00 GMT

How do you teach Ethics? There have been a lot of op ed and blog posts lately about how US and European business schools need to increase the focus on business ethics within their curriculum. On one level my reaction is, "well, duh!" Academic research has overwhelmingly confirmed that companies with strong cultures of integrity suffer fewer incidents of fraud, have lower turnover, decreased costs and outperform their less "ethical" competitors.

But on another level, I wonder to what degree a university or graduate school can truly change the nature of an individual with 18-25 years of life experience. Furthermore, how effective will that learning be if higher principles are not adhered to in their work environments once the students leave academia?

I bring all this up because our CEO, David Childers, is participating in the OICF Ethics Bowl and Great Debate this weekend. A lot of schools have ethics bowl challenges for their students (which I think is a great experience for all involved), but I really like the twist the OICF has introduced this year with the Great Debate. On Friday night the tables will be turned, as the judges - including David and other local CEOs - will be asked to debate an ethical challenge and subsequently judged by the student debators. David has written about this year's subject in his blog.

I see this as a great way to reinforce with the students that business leaders truly do care about making decisions of integrity, and that the lessons of the classroom really do have applicability in the outside "real" world. What do you think - can ethics be taught?

The SEC Sucks

Mon, 02 Mar 2009 00:00:00 GMT

When retiree Phyllis Molchatsky filed suit in NY against the SEC in December 2008 for failing to protect investors I just looked at it as going after the deepest pockets. But after watching the 60 Minute segment on Sunday night I think she may be justified in pointing the blame their direction.

In the CBS interview, Harry Markopolos was asked how many times he sent materials to the SEC. Markopolos calmly responded, "May 2000. October 2001. October, November, and December of 2005. Then again June 2007. And finally April 2008. So five separate SEC submissions."

Markopolos is not superman, he is a 52 year-old accountant who said he was able to see that something was wrong in minutes and it only took him 2 hours of study to prove it. He went on to say that the SEC was full of lawyers who were great at scrutinizing documents, but were not trained or capable of identifying fraud.

A few weeks ago I was watching the news where a congressman asked if they could bring the regulators associated with the issue into the hearing room. When asked why, he responded because “I want to tell them they suck at their job!”

It seems that the SEC does suck at its job. There is no shortage of litigation around the Madoff matter. My question is can and should the SEC and its regulators be held directly liable for failing to protect shareholders?

Santa Clara Signs onto EthicsPoint Reporting Service

Mon, 02 Mar 2009 00:00:00 GMT

Santa Clara University has gone public with its deployment of an ethics hotline and reporting system from EthicsPoint that enables members of the campus community to confidentially report issues or concerns related to criminal or unethical or otherwise inappropriate behavior, including discrimination, harassment, campus safety, cheating, and substance abuse.

You can’t make this stuff up…

Thu, 26 Feb 2009 00:00:00 GMT

A friend of mine sent me this link tonight (http://www.truthout.org/022409J) and it is so sad it is almost comical. What a pathetic politically correct world in which we live. If the implications of this are factual then God help us all.

EthicsPoint's David Childers to judge student debate at OICF Ethics Bowl

Wed, 25 Feb 2009 00:00:00 GMT

EthicsPoint’s David Childers to judge student debate at OICF Ethics Bowl Childers and other local business leaders to debate business ethics in Great CEO Debate WHO:    David Childers, CEO of EthicsPoint and frequent lecturer on the subject of business ethics, will serve as a judge and debater at the 2009 Ethics Bowl in Portland, Ore. Portland-based EthicsPoint helps over 2,000 organizations around the world build a sustainable culture of integrity through anonymous whistleblower hotlines and integrated case management solutions. WHAT:    The Ethics Bowl is an annual student debate competition judged by business leaders in which student teams debate the ethical implications of real-world scenarios. The event is hosted by the OICF and includes teams from 10 local colleges. This year, the event also includes a Great CEO Debate, in which the roles are reversed as two teams of business leaders debate an ethics dilemma related to the economic crisis. Participants include senior executives from EthicsPoint, The Regence Group, 24-Hour Fitness, Legacy Health System and Qwest Communications, among others. WHY:    The collapse of the financial sector and revelation of large-scale corporate frauds reinforced the importance of ethics in business. The Ethics Bowl is designed to raise students’ awareness of ethics and the role it plays in their lives and future careers. The Great CEO Debate offers local business leaders the opportunity to share their views on ethics within the context of the current business environment. WHERE:    Great CEO Debate: Portland Center for Performing Arts Dolores Winningstad Theatre 1111 SW Broadway Portland, OR 97205    Ethics Bowl Student Debate: B.P. John & Clark Commons Marylhurst University 17600 Pacific Highway (Hwy 43) Marylhurst, OR 97036-0261 WHEN:    Friday, February 27 7:30 PM    Opening Event & Great CEO Debate     Saturday, February 28 8:30 AM – 3:20 PM    Opening Plenary Session & Rounds 1-4 of Competition

3:30 PM – 4:40 PM    Final Round of Competition (Top Two Teams) 4:45 PM – 5:00 PM    Awards Ceremony & Closing Remarks 5:00 PM – 6:00 PM    Reception & Team Recognition TO LEARN MORE:    Contact:    Toni Cole, 503-471-6841, toni.cole@edelman.com Visit www.oicf.org/ethicsbowl.htm for more information on the 2009 OICF Ethics Bowl.

Blowing the Whistle

Tue, 24 Feb 2009 00:00:00 GMT

Sorry that I have been away for so long, it isn’t for the lack of desire – too many responsibilities with the year-end, shareholder meeting and 2009 growth demands.This weekend I began to prepare for my participation in the “Great Debate” sponsored by the Oregon Independent College Foundation (OICF). It seemed to be the appropriate Blog subject and I was incredibly lucid in my thinking, but following a system crash I had to redo this blog post; and it now comes with an epiphany – if Microsoft made cars we would walk to work three or four times a week.

As I now sit here on Monday night, after a very long day of work and a session with my personal trainer who seems to just live to kick my ass I am far less lyrical.

In an earlier post I mentioned my involvement with the University of Arizona and the Eller Ethics Bowl. I find my time with these very bright and inspired students to invigorate my thinking and challenge me to be a better mentor.The OICF Ethics Bowl is an academic competition that stresses the importance of ethics in the workplace, combined with leadership, decision making, and interpersonal relations. So aside from being a judge on Saturday, this Friday I will be on stage with 7 other CEO's in Oregon, judged by a student panel from the OICF's member schools debating a current ethical dilemma.

The topic is all too real. A senior bank executive, who is not part of the lending operations, discusses the impending risk they see based on the bank’s sub-prime policy with the bank’s CEO. The CEO tells the executive they have always been a team player, but have also always been too risk adverse. The CEO explains that the bank had hedged against the sub-prime risk and that while they appreciate this concern; a more immediate concern is the less than stellar growth numbers the executive’s division is reporting. The executive goes home and tells their spouse that they are conflicted at work. The spouse’s response is “how do we pay our bills and keep our kids in private school if you lose your job?”

The question for the panel is basically “what’s a girl to do…” This scenario can be played a dozen different ways. A single mom sees her boss doing something wrong, but how do you pay the rent if you are retaliated against. This is a real problem and while I can discuss the how and why surrounding the importance of having the right culture to report misconduct it doesn’t answer the question.In this case, a person raised their hand, expressed an opinion and was told there is no risk and you better get your personal house in order if you keep pushing this agenda.However, I can also turn the tables. People at Peanut Corporation of America must have seen and felt the same way. They didn’t want to lose their jobs, but by the last week in January, the number of tainted peanut butter salmonella cases had reached 600, at least nine people are dead and PCA is bankrupt.

So I ask you – how could this executive be more effective in exposing this risk? Or, should they remain silent?

Cleveland Diocese offers fraud hot line

Tue, 24 Feb 2009 00:00:00 GMT

The Catholic Diocese of Cleveland announced Tuesday that a financial-misconduct hot line has been established to report any concerns about suspected financial wrongdoing.

Risks Facing Private Equity in the New Economy

Wed, 18 Feb 2009 11:39:20 GMT

The effect of the ongoing economic turbulence has drastically altered investment strategies. Are you prepared to adapt?

Is Information and Knowledge Becoming a Commodity that Higher Education Cannot Afford?

Wed, 18 Feb 2009 11:31:20 GMT

Learn from the Director of IT Policy and Law at Cornell University about prominent government regulations affecting higher education information technology.

Program allows anonymous reports of wrongdoing

Wed, 11 Feb 2009 00:00:00 GMT

Iowa State is not perfect, and violations of school policy occur. Those who want to report these occurrences while wishing to remain anonymous can use Iowa State’s EthicsPoint hotline system.

IAPP Summit

Tue, 10 Feb 2009 20:38:24 GMT

The annual IAPP Privacy Summit focuses on international topics, policy and strategy. Recognized as a leading forum for the discussion and debate of privacy policy, the Summit features expert speakers, representing Fortune 50 corporations, government agencies, privacy advocacy groups and researchers.

Don't Waste My Time!

Wed, 04 Feb 2009 00:00:00 GMT

I’ve wanted to write this post for the past two months, but have held off so as to protect the innocent. You see, I’ve spent a significant amount of time lately reviewing and interviewing candidates for a Product Manager (Welcome, Scott!!!!) role on my team. This is a time-consuming job in the best of times, but much more so now - there are a LOT of people looking for jobs.

What’s been especially frustrating in this process are the people who make it to the initial phone interview and are unprepared. My first question is always, “Based on your research, what do you think are our biggest challenges?” I can’t tell you how many educated, experienced people told me they really didn’t know much about our company so they couldn’t answer the question.

Look, I’m not expecting them to have insider’s information – I just want to get a sense for their business savvy (especially since my follow up question is always, “how would you solve that challenge?”). I’ll be honest - I find it insulting and disrespectful of my time to come to an interview that unprepared, and if you can’t answer that question, you probably aren’t getting into the second round. With the Internet, there really is no excuse for not knowing what we do, with whom we compete, who we list as customers, etc. (this is far easier than calling up companies and asking for their annual reports, which is what I was taught to do in college!)I thought about these encounters the other day at our 2009 sales and marketing kick off meeting.

Our sales team has been organized by industry segment for the past 3-4 years, and it makes so much sense (I really don’t know why so many software companies organize by geography). When our sales reps get on a call with a prospect, they are prepared to discuss the relevant regulations, laws, challenges, etc. that a company in that segment would face. They are able to offer concrete evidence of how we can help mitigate those challenges, including a litany of customers just like them who have successfully used our technology in their daily lives. In short, they can have a valuable conversation right off the bat, rather than wasting the time of the person on the other end of the phone!Watch for the changes in the way we market coming soon – and let me know if you ever feel I’m wasting your time!

Turning Point in History?

Mon, 02 Feb 2009 00:00:00 GMT

Ronald Regan and Abraham Lincoln are my two favorite presidents. Both faced very difficult times in our country’s history, and both responded with personal strength and conviction to shape and dramatically change in our world. Both were masters of compromise and communication.

What is remarkable about these great leaders is that neither of them is recognized for bringing a “big IQ” to the Office.One of the quotes I like and feature on this blog is from Ronald Reagan. Regan said, “There are no easy answers, but there are simple answers. We must have the courage to do what we know is morally right.”Tomorrow is a big day for our nation and a turning point in our history. Not because of the color of Mr. Obama’s skin, but because of the way our nation is responding to its new leader, the promise of a new direction and a new hope for our future.

As I think about the problems our country faces today and the important role our new president will play, I am prayerful that Mr. Obama will have the moral courage to do what is right for the country. Some of the early decisions he has made give me great hope, others frankly give me pause. He has selected a number of individuals for his cabinet who are not only bright, but are free thinkers. Can he control the conversation and will he have the conviction to lead despite what is politically expedient? How important do you think Mr. Obama’s first 100 days in office will be?

2008-2009 Integrity Survey

Mon, 02 Feb 2009 00:00:00 GMT

Image by ~jjjohn~ via FlickrI just started reviewing KPMG’s Integrity Survey 2008-2009, and a bit like the Edelman Trust Barometer I mentioned in an earlier post, this is a pretty staggering report for anyone concerned with the state of ethics and integrity in business today. I’m pretty consumed right now getting our new web site ready for its imminent launch, so don’t really have time to highlight all the great statistics – I’ll do that in a later post. In the meantime, I’d encourage anyone with an interest to download the report.

SaaS vs. On-Premise Solutions: The ROI of Proactive Case Management

Mon, 02 Feb 2009 00:00:00 GMT

Many organizations have implemented an anonymous hotline service to capture reports of issues and events that violate a written code of conduct. Yet valuable information remains hidden within these organizations, and operational risk remains higher than it should. Companies can realize an immediate ROI through proactive case management of these reported issues and events. Proactive case management goes well beyond utilizing a hotline or web-based reporting and analyzing issue and event reports in a spreadsheet. Coordinating risk management across legal, HR, finance, IT, and business operations requires a centralized and systematic approach to capturing and processing reports of theft, safety violations, employee misconduct, etc. And building an ethical culture requiresmore than just formalization of policy management and increased employee awareness.

However, a comprehensive and proactive case management approach not only helps the organization reduce overall risk – and reduce the costs of ethical and legal transgressions – but can also significantly reduce the overall costs of risk management itself. This research paper will identify the benefits and returns on investment from a proactive case management approach driven by a state-of-the-art SaaS solution – including time savings, cost avoidance, cost containment and SaaS-related efficiencies.

FPL may be fined millions for '08 outage

Wed, 28 Jan 2009 00:00:00 GMT

FPL may face millions in fines from federal regulators because of an outage last year caused by an engineer's blunder.

Florida Power & Light expects to get hit with 25 or more violations of reliability standards and perhaps millions of dollars in fines for an outage last year in which a field engineer's blunder caused about one million customers statewide to lose power.

Trust Me!

Tue, 27 Jan 2009 00:00:00 GMT

The 2009 Edelman Trust Barometer report was just released, and frankly, the news is depressing. Trust in U.S. business is at all time low among “informed publics” ages 35 to 64 – lower today than after the Enron scandal and dot-com bust. The data from Europe isn’t much better, though emerging economies such as China seem to be faring better on this scale. The data that should encourage those of us in business, however, is in the section on why trust matters: 91% of 25-to-64-year-olds around the world indicated they bought a product or service from a company they trusted, and 77% refused to buy a product or service from a distrusted company (my emphasis). Here at EthicsPoint we’re extremely proud of our nearly 100% customer retention record, but this report is a good reminder that we can’t rest on our laurels, and simply listing customer orientation as a core value is not enough. We have to earn your trust every single day. If we fall short of that, please let us know, and hold us accountable to the commitments we make.

Risky Business

Mon, 26 Jan 2009 00:00:00 GMT

Despite what I tell my 13 year old son, I really am not a trendsetter, nor a very good prognosticator of things to come (my latest investment summary statement will more than confirm that statement!). But I like to believe I’m at least smart enough to recognize a trend – especially when lots of really smart people are already talking about it. And what I’m hearing and reading a lot lately is that companies are really shifting their focus from compliance to managing risk.

Interesting report I just finished reading Forrester Research Analyst Chris McClean’s latest research, Trends 2009: Governance, Risk, And Compliance Hit The Big Time. (You’ll need to either have a subscription or purchase this report to view it). In the summary, Chris writes:

“Another bubble burst. The chain reaction stemming from the credit crisis caused an implosion of the global economy. Political, corporate, and economic leaders have argued ferociously about how we can reverse the damage, questioning business ethics, the role of government, and even fundamental economic assumptions. While the dust settles, professionals responsible for governance, risk, and compliance (GRC) will play major roles in transforming the corporate landscape to reduce the possibility for another such collapse. Process and technology strategies in 2009 will focus on risk standardization, increasing oversight, performance and risk management coordination, evolving expectations of corporate responsibility, and big shifts in GRC technologies.”

In the subsequent report four out his five big trends in GRC for 2009 have managing risk more efficiently as a central theme. If this isn’t at the top of your priorities for this year, why not?

Reasons for a Strong Compliance & Ethics Program: Avoiding the Big Legal Stick

Mon, 26 Jan 2009 00:00:00 GMT

An effective and diligent ethics &  compliance program can help prevent liability disasters.“Any rational person attempting in good faith to meet an organizational governance responsibility would be bound to take into account this development and the enhanced penalties and the opportunities for reduced sanctions that it offers.”

Click to view the presentation.

Internal Hotlines vs. Third-Party Systems

Sun, 25 Jan 2009 00:00:00 GMT

This white paper describes the major factors for consideration when determining whether to develop and manage an ethics and compliance “hotline” reporting system or to select and implement a third-party solution.

Beyond Compliance: Implementing Effective Whistleblower Hotline Reporting Systems

Sun, 25 Jan 2009 00:00:00 GMT

“Hotline” reporting systems have been in use for more than two decades, and have proven an effective method for detecting workplace fraud and abuse. In response to the corporate disasters that were brought to light by whistleblowers, Congress included in the Sarbanes-Oxley of 2002 the requirement for a “hotline” reporting system to accept employee allegations of financial and accounting fraud. But the use of these reporting systems has spread rapidly into non-profits, colleges, universities, and K-12 school districts. The categories of reports taken through these hotlines includes not only accounting issues, but human resources, IT, bribery and acceptance of gifts, misuse of assets, environmental concerns and other compliance areas. Once viewed as a simple “tip line”, the modern hotline reporting system has been elevated to a comprehensive tool for managing an organization and reinforcing cultural ideals and the code of conduct.

The Corporate Governance Movement

Sun, 25 Jan 2009 00:00:00 GMT

Citing from the resource:

The corporate governance movement began during the last century and continues to this day. Roots of the movement can be traced to the publication of The Modern Corporation and Private Property, by Adolf A. Berle and Gardiner C. Means in 1932, which argued that dispersion of equity ownership in the modern corporation had separated ownership from control. Later that same decade, shareholder “gadflies” arose to try to exercise more control through shareholder resolutions.

Click here to read the full article.

Defining the Role of the Chief Ethics & Compliance Officer (CECO)

Sun, 25 Jan 2009 00:00:00 GMT

When appropriately designed and situated in an organization, ethics programs—and the officers who lead them—can and do make a difference. The key is to have a program that is adequately structured, with sufficient authority and responsibility given to its designated leader to carry out his or her responsibilities. When this happens, a proper tone is set from the top, an ethical culture grows, and misconduct is reduced. By contrast, a Chief Ethics and Compliance Officer (CECO) who serves as window dressing likely does more harm than good, especially in times of difficulty.

Click here to download the article.

Financial fraud: Does an economic downturn mean an uptick?

Sun, 25 Jan 2009 00:00:00 GMT

As economic conditions soften around the globe, fraud risks for businesses appear to be on the rise. A slowing economy may increase pressure on companies to meet — and often exceed — short-term performance goals (sometimes at the detriment to the organization in the long-term) or to demonstrate that shareholder value has improved due to management’s leadership. In some instances, organizations may expect results that can be achieved only in a thriving economy. It is this mindset in slower economic times that can contribute to increased fraudulent activity.

An Opportunity for Transformation

Sun, 25 Jan 2009 00:00:00 GMT

Rapidly accelerating pressures fuel the need for internal audit to transform its thinking from financial controls-centric to shareholder value-centric—and to drive efficiency into traditional internal audit processes.This PwC whitepaper examines key topics for internal audit transformation: •    It’s time to question the internal audit status quo•    The shareholder value challenge•    How to unleash the power of internal audit

Click to download the entire report from PWC.

How can the CEO make the difference?

Sun, 25 Jan 2009 00:00:00 GMT

Too many companies have made the headlines because of illegal and unethical conduct. The cost to a company in terms of fines, penalties, reputation and lost business can be staggering. The individual costs to those involved can be shattering. We hear much about the need for the right tone at the top, but what does this mean in practical terms?

Click to download the entire article.

Compliance and Technology: A Special Report on Process Improvement and Automation

Sun, 25 Jan 2009 00:00:00 GMT

This white paper on compliance and technology is the product of a joint effort by PricewaterhouseCoopers, Virsa Systems, Inc., and CFO Research Services (CFO-RS). The paper gauges the progress of companies as they work toward ongoing compliance with the internal control provisions of the U.S. Public Company Accounting Reform and Investor Protection Act of 2002, commonly referred to as Sarbanes-Oxley (S-O). With research conducted by CFO-RS, the paper assesses the current state of S-O compliance, with a focus on how companies are using technology to automate internal controls in their compliance systems. The study is based on the results of an electronic survey of senior finance executives at 180 major public companies as well as in-depth interviews of senior executives at 10 companies.

Click here to read the full report.

ACFE – Report to the Nation

Sun, 25 Jan 2009 00:00:00 GMT

According to research conducted by the Association of Certified Fraud Examiners (ACFE), U.S. organizations lose an estimated 7 percent of annual revenues to fraud. Based on the projected U.S. Gross Domestic Product for 2008, this percentage indicates a staggering estimate of losses around $994 billion among organizations, despite increased emphasis on anti-fraud controls and recent legislation to combat fraud.

Click here to download the entire report.

SEC stresses importance of compliance

Sun, 25 Jan 2009 00:00:00 GMT

In an open letter released Tuesday, the SEC warned chief executives of registered financial services firms to be vigilant when it comes to keeping their compliance programs in order.

In the letter, Lori Richards, director of the U.S. Securities and Exchange Commission compliance inspections and examinations office, stressed the importance of protecting the interests of customers, clients and shareholders.

Compliance is necessary to protect everyone, including the integrity of firms, she wrote.

Click here to read the full article.

Predicting the unpredictable: Protecting aerospace & defense companies against fraud, reputation and misconduct risk

Sun, 25 Jan 2009 00:00:00 GMT

This white paper provides step-by-step guidance to aerospace and defense companies on how to develop an effective antifraud program, which goes beyond financial statement risk to cover such areas as reputation, operational, legal and strategic risks. While it may not be possible to eliminate the risk of fraud altogether, with proper planning, policies and procedures, a company can at least identify it early and minimize its damage. Furthermore, the aerospace and defense industry is unique in that the programs are large, competition is high, and the compliance area is complex with significant penalties for non-compliance, creating additional incentives and pressures that can lead to fraud.

Privacy Protection and Compliance in Higher Education: The Role of the CPO

Sun, 25 Jan 2009 00:00:00 GMT

Privacy—and the loss of it—attracts attention. Few issues enjoy a higher national profile. And in the growing list of data breaches reported over the last year, the leading industry sector has been higher education. Colleges and universities now find themselves in the spotlight as they grapple with an increasingly complex legal and regulatory environment relating to information privacy and security. It is not surprising, then, that a recent survey of college and university attorneys identified the proliferation of privacy regulations and technology to be among the most important issues and trends emerging for higher education in the next five to ten years.

Top Nine Health Industry Issues in 2009

Sun, 25 Jan 2009 00:00:00 GMT

Top nine issues addressed in the report include:

Impact of economic downturn

Underinsured and uninsured

M&A in the pharmaceutical industry

Prevention

Genetic testing

Technology

Hospitals - pay for performance

Payers and employers using incentives for healthier lifestyle

ICD-10

 

Cost of corporate fraud far outweighs cost of legal compliance

Sun, 25 Jan 2009 00:00:00 GMT

Several years ago, an epidemic of corporate accounting scandals at Enron, WorldCom and a host of other companies rocked the financial markets, wiped out investment accounts and pension plans, and threw workers into unemployment lines. Congress responded to the public outrage by passing the most comprehensive package of corporate reform legislation in decades -- the Sarbanes-Oxley Act of 2002.

Click here to download the article.

Top 10 Business Risks in 2009

Sun, 25 Jan 2009 00:00:00 GMT

The new Ernst & Young report identifies the top 10 global business risks by analyzing the top risks identified for some of the world's most important industry sectors. It also highlights the risks “below the radar” that could also have a significant impact over the next three to five years. The top 10 risks identified (2008 rankings in parentheses) are:1.    The credit crunch (2)2.    Regulation and compliance (1)3.    Deepening recession (New)4.    Radical greening (9)5.    Non-traditional entrants (16) 6.    Cost cutting (8)7.    Managing talent (11)8.    Executing alliance and transactions (7)9.    Business model redundancy (New)10.    Reputation risks (22)

Click here to read the full report.

The Role of Board in Governance

Sun, 25 Jan 2009 00:00:00 GMT

From the article:

Director activities vary by company. A good list of director duties can be found in state corporation statutes. Delaware Corporation Law, for example, says the "business and affairs" of Delaware corporations "shall be managed by or under the direction of a board of directors," and lists certain corporate decisions that can be made only by the board. This broad mandate for the board is consistent with laws of other states. It is also consistent with the Model Business Corporation Act of the American Bar Association, which many states use to guide their statutes.

Click here to read the full article.

Analyst predicts utilities to gain from stimulus

Wed, 21 Jan 2009 00:00:00 GMT

The emphasis of the proposed stimulus package on energy infrastructure could provide a significant boost to the utility sector in 2009, an analyst said on Wednesday.

Baird analyst David Parker maintained a "Positive" outlook for the sector, based on President Barack Obama's prioritization of energy infrastructure. Parker expects the plan to push profit growth above average. The proposed $825 billion recovery package would be comprised of infrastructure investments and tax cuts, with planned allocations for renewable energy, highway construction, energy efficiency, transmission and clean water.

Inspirational vs Scare Marketing

Wed, 21 Jan 2009 00:00:00 GMT

On powerful people and enterprise software. What gets your attention? What drives you to make a buying decision? As a marketer, I think about this all the time – how can I explain the benefits of my solution and motivate you to want to learn more or even buy it? I remember a professor in business school telling me that people ultimately want to be richer, more attractive, more powerful and perhaps healthier – if you can promise those things, you’ll be successful.

Unfortunately, enterprise software rarely makes the list of things people look for in a mate, so I need to appeal to prospects on a different level.Scare marketing isn’t the way to build a relationshipI think the easy way out is to use “scare” tactics; identify the bad things that can happen if you don’t have my solution (“Employee Fraud rises During Economic Downturns,” “Executive Caught Embezzling – Is it Happening to You?” “Avoid Huge FCPA Fines”!”). Sure, you’ll get attention – people slow down to gawk at car accidents, watch “reality” crime shows and listen to bombastic radio hosts, right?– But I don’t think you’re helping your brand or starting the relationship with your future customers off well when this makes up the bulk of your messaging.

Focus on value Instead, I’d prefer to be more inspirational - which I think actually ties back to the root motivators identified by my professor. If I can help you save time, save money, reduce risk, eliminate daily frustrations, etc. ultimately you will become richer and more powerful (pay raises and promotions come to those who help their organizations achieve these things). I won’t promise to never use negative stories in my marketing, but I do hope to keep them to a minimum.

What are your thoughts? What gets your attention?

Shameless plug Oh, and if you are worried about the rates of fraud rising in these tough times, you may want to check out our upcoming webinar. Meric Bloch, VP of Compliance and Corporate Investigations, Adecco Group North America, is an expert on workplace investigations, and promises to share his insights on how to fight fraud.

My Latest Ethical Dilemma

Tue, 13 Jan 2009 00:00:00 GMT

Late in 2008, I bought a new car and, because I’m such a wonderful father, I traded my old car with my youngest daughter. This meant she got to replace her 2001 Hyundai (worth only a few thousand dollars) with my old 2004 Mercedes, which she agreed was an excellent deal. Not wanting to list and sell her old car myself, I found a broker through my network of friends. He agreed to sell the car for a modest fee. We listed the car and within a couple of months the car was sold.

To date, I have yet to receive any money and we soon came to realize that we, along with several other people in Portland, had been taken by a broker who had skipped town.Right now, I own – e.g. have the title in my possession - the Hyundai. A very nice person, to whom I have only spoken briefly on the phone, paid cash to the broker for this car and now has possession of it, but no title. The police tell me that if I so desire, I can claim the car a stolen and they will arrest this person and hopefully get my car back. My insurance company tells me that they consider the car stolen as well. But they can’t process any claim I might have until the police are involved.

About a month ago, the court appointed attorneys for the broker told us that there was a surety bond in place and that when all the claims were processed we would see some proceeds from the bond. Yesterday I got a registered letter saying that the claims amounted to just over $620,000 and there was a surety bond in place in the amount of $40,000. So my math says I will get about $6.00 for every $1,000 my car was worth. Of course there are likely to be some attorney fees involved so my $30.00 windfall may go down.Here is my dilemma. The person who bought my car did so in good faith. He paid cash for the vehicle (and, in my opinion, paid a premium price). If I file a claim for this money, I will be forced to call him a thief and send the police or a private towing company to reclaim my car. I would then get the car back to clean up and re-sell and he gets nothing. I haven’t checked to see if there is any tax benefit from me taking this as a loss, but if I do, how do I deal with the title of this car – for which, by the way, I am still paying the insurance on?

Candidly, I won’t miss a meal if I just write this off, but there doesn’t seem to be any roadmap as to how to make this a win-win.What would you do in my place?

About This Blog

Thu, 08 Jan 2009 00:00:00 GMT

I’ve got a confession to make, and like many confessions, this is a bit embarrassing to me.This is my first blog post. Ever. I’ve had marketing leadership roles in technology for more than 20 years. I have Twitter, Facebook, Delicious, LinkedIn, Digg, Naymz and a bunch of other Web 2.0 accounts. I routinely read a number of blogs. I believe in the value of these technologies so much, I even immediately explained to my CEO that we were going to start blogging, and that included him when I first started here in mid September. Not only did he enthusiastically agree, but he beat me to the punch and already has started posting.

I don’t know why it’s taken so long, but now really is a good time to start my own blog. I’ve learned a number of things since joining EthicsPoint: My coworkers truly care about doing the right thing and exceeding the expectations of our customers. The people here are friendly, approachable and passionate about what they do. This passion is appreciated– I’ve heard over and over when talking to our customers that they really like the personal attention they’ve received from Employee A and B. But as a company, we haven’t taken advantage of the technologies that can improve our communication and strengthen our relationship with you.

Blogs are just one way we’re changing that. So, in order to walk the walk, I’m belatedly – but happily - entering the blogosphere. Because I’m blogging as the leader of the marketing team at EthicsPoint, many of my posts will touch on things relevant to our industry, business ethics in general, marketing and will include some company info as well. But I’m going to try really hard not to have this become just another vehicle to push our marketing messages. You can get those on our web site, through our case studies, press releases, whitepapers, sales presentations, etc. Instead, I’m essentially going to write about things that you and I might discuss if we were having a beer together after a day of work.Hopefully you’ll find it useful, interesting or thought-provoking. But whether or not I hit the mark, I sincerely hope you’ll join the conversation and let me know your thoughts.

With More Oversight on the Horizon, Drugmakers Work to Polish Image

Thu, 08 Jan 2009 00:00:00 GMT

The pharmaceutical industry, confronting sluggish growth, low prestige and the prospect of more-aggressive government oversight, is moving on several fronts to burnish its image and align itself rhetorically with the health reform goals of President-elect Barack Obama and the Democratic Congress.

 

 

Integrity vs. Ethics

Wed, 07 Jan 2009 00:00:00 GMT

The first thing you should know is that I actually hate the use of the word “ethics”.Over the next few months I plan to write about things that I believe are shaping our industry and influencing the way in which organizations address ethics and compliance. Despite being the CEO of a company called EthicsPoint, the first thing you should know is that I actually hate the use of the word “ethics” when applied to the business world. The problem is that, in its purest form, a person or organization is considered either ethical or unethical based on their actions. But as you and I know, life doesn’t work like that.

Illustrative Case: What to Do About Child Labor? Let me give you an example…Since 2003, I have had the pleasure to work with Paul Melendez at the University of Arizona, where they hold a world-class Ethics Bowl in the fall of each year. More than 20 universities from around the world send teams of two extremely bright and engaged students to share their solution to a “hypothetical” ethical dilemma. Every year that I have judged this event there are always one or two groups of students who take the ethical high-road. One year the case presented involved a company’s foreign country sub-contractor using child labor to harvest the raw materials that supplied 75% of the company’s revenue. Unfortunately, child labor is a common practice in this country and one that is difficult to control. One group of students recommended to immediately stop using the contractor and find another geographic source for the raw material. Their solution was clearly the “ethical bright-line”, but enacting their solution would in all likelihood bankrupt the organization in a matter of weeks.

The Better Way: Finding a Creative Business Solution of High Integrity. Instead of “ethics,” I prefer to use the term “integrity”. In the example above it is easy to see what the righteous solution might be, but we do not live in a perfect world and often are unable to instantly mitigate a terrible situation. In this case the best solution is to invest in education and governance around the supply chain’s labor policies; knowing that while you work to correct the problem your profits will be affected and some child labor will undoubtedly be used. Frankly a business decision of high integrity, like investing to change a paradigm and accepting the fact child labor is still in use, could be considered by an “outsider” to be unethical.Building a sustainable ethical culture takes time and requires difficult decisions to be made as well as learning from our mistakes.When business leaders are faced with tough decisions that affect people’s livelihood or the sustainability of a business’ franchise the best possible response is often likely to be “baby steps” of high integrity that begin to reshape the values of the organization.

Unfortunately, because we live in a two-quarter-at-most-world, a lot of great companies initially find themselves in the penalty box for making these kinds of long-term decisions.(If you would like to see how the issue of child labor in developing countries is being addressed, I encourage you to visit the International Cocoa Initiative’s website. )

That’s all for now – what are your thoughts? Do you agree that we need to make a distinction between “ethics” and “integrity” or do you feel I’m off base? Should I have judged the example above differently – was the ethical high road the right one to take? Let me know by posting or sending me an email directly.

Data Breaches Up Almost 50 Percent, Affecting Records of 35.7 Million People

Tue, 06 Jan 2009 00:00:00 GMT

Businesses, governments and educational institutions reported nearly 50 percent more data breaches last year than in 2007, exposing the personal records of at least 35.7 million Americans, according to a nonprofit group that works to prevent identity fraud.

Up in Smoke: Better oversight needed of charity dollars

Mon, 05 Jan 2009 00:00:00 GMT

With charitable organizations reporting declines in giving because of the poor state of the economy, it's imperative that groups ensure that every dollar is spent wisely.

OCEG Red Book

Mon, 05 Jan 2009 00:00:00 GMT

Citing from OCEG's description:

Leading publications including The Wall Street Journal, Business Finance magazine, InsideCounsel magazine, Treasury & Risk Magazine, Compliance Week, and academic journals have recognized the Red Book. It is widely lauded for articulating the value of integrated GRC and demonstrating that it is possible to achieve this value. After three years of use by organizations of various size and type, and receipt of feedback on that use, it is time to update the Red Book to reflect the evolution of GRC that the OCEG community has driven.

Click to download the Red Book.

 

We Need to Talk

Thu, 01 Jan 2009 00:00:00 GMT

Welcome to my blog. This is my first blog…ever! The purpose of my writing here is to offer some insight into what I believe is driving my business, our industry, and the regulatory environments in which we operate.

I begin this dialog with more than 20 years of experience as a CE0, Board member and technology change agent in hopes of starting a passionate dialog about the issues we face. My goal is to generate some creative ideas that support innovation and operational success. I invite you to consider the issues I will present and respond to this blog – I want to hear what you have to say!Those who know me will say that I always speak my mind and, although this tends to make my legal team a little nervous, I wouldn’t change this quality about myself.

Anyway, I generally have an opinion on things - okay, okay, I have a strong opinion on everything! - and I'd like to share it here. However, for this blog to be of value it must be honest and interactive. It must be bold. I assure you I will be honest regardless of how irreverent it may seem, but the interaction depends on you.

For now, I leave you with a thought of what’s to come: my vision for the next couple of years is that supply chain management, from a governance, risk and compliance (GRC) perspective, is one of the most important issues to be addressed. I am hopeful we will talk a great deal about it here and that we can share examples of ways to improve the process.

Fry's Official Faces Fraud Charges

Tue, 23 Dec 2008 00:00:00 GMT

A top executive at Fry's Electronics Inc. has been arrested on federal charges that he defrauded the retailer of $65 million in a kickback scheme, using much of the money to repay huge gambling debts at Las Vegas casinos.

In Madoff’s Wake, Scrutiny of Accounting Firms

Sun, 21 Dec 2008 00:00:00 GMT

As more details unfurl in the Bernard L. Madoff fraud case, so do the lawsuits. And the big accounting firms, which oversaw many of the feeder funds that funneled billions of dollars into what prosecutors describe as the largest Ponzi scheme ever perpetrated, are likely to be among the defendants.

Bribe Payers Index

Tue, 09 Dec 2008 00:00:00 GMT

As the effects of the financial crisis are being felt around the world, Transparency International’s 2008 Bribe Payers Index (BPI) exposes the degree to which companies of the leading exporting nations are likely to engage in bribery when doing business abroad.

North Kingstown launches EthicsPoint whistleblower hotline

Tue, 02 Dec 2008 00:00:00 GMT

Got a beef with your boss? Think a councilman is crooked?

Town employees, vendors and even students can now complain online about government abuse -- without fear of retaliation.[...] But those who fear retaliation can rely on the anonymous reporting system, which is handled by EthicsPoint, an Oregon-based company.

 

Director of the SEC sends open letter to CEOs on critical importance of compliance

Tue, 02 Dec 2008 00:00:00 GMT

On December 2, 2008, Lori A Richards, Director of the SEC sent an open letter to CEOs of SEC-Registered companies stressing the critical importance of the compliance function within organizations, and strongly urging companies to avoid making cuts in this area during these economic tough times.

EthicsPoint Revamps Ethics Reporting at University of Utah

Mon, 01 Dec 2008 00:00:00 GMT

With a new ethics hot line system, anonymous ethical questions from University of Utah staff and faculty have more than doubled, said Randy Van Dyke, assistant vice president for auditing and risk services at the University. EthicsPoint, based in Portland, Oregon, manages the University’s hot line, which is dedicated to reporting unethical practices on campus. Since the University started using EthicsPoint services two years ago, reports have doubled. “Prior to that time, we administered a hot line internally,” Van Dyke said. “But we changed to EthicsPoint because it was becoming standard practice to outsource this type of arrangement in the wider business community.”

EthicsPoint Selected as Hotline Provider for Liberty Public Schools

Thu, 27 Nov 2008 00:00:00 GMT

Within eight weeks, Liberty Public Schools will be installing and activating a fraud, waste and abuse hotline. The hotline will be accessible by staff, students and the community."The EthicsPoint system was the least expensive of the options but provides the highest quality service," he said.

From Bake Sales to Tenure, Ethics Issues are Featured in Week’s Education News

Mon, 17 Nov 2008 00:00:00 GMT

Bake sales have become the latest casualty in the battle over whether schools should manage the quality of food that students eat on campus. California’s tough new nutritional standard for public schools have made the staple of fundraising pretty much a thing of the past, reports the San Francisco Chronicle. State guidelines dictate that any food sold on campus during the school day meet certain guidelines as to fat and caloric content — rules that eliminate most bake-sale fare. Some parents told the Chronicle that the restrictions are draconian and put a significant dent in a proven fundraising strategy — a problem in times of financial crisis. Advocates counter that the goal of the recently enacted legislation is simply to protect students and stem obesity, and that schools had set themselves up for this situation by becoming dependent on a fundraising tactic that was inherently bad for children.

NIH to step up public access policy compliance efforts

Tue, 04 Nov 2008 00:00:00 GMT

The National Institutes of Health (NIH) announced that it will check applications, proposals, and progress reports to ensure compliance with the Public Access Policy that went into effect in April.

Inquiry Spotlight: GRC, Q4 2008

Mon, 03 Nov 2008 00:00:00 GMT

Governance, risk, and compliance (GRC) continues to be a hot topic of interest for security and risk professionals. Between July 2007 and July 2008, Forrester's security and risk management team received 1,798 inquiries on a variety of topics — 198 of which were from clients interested in GRC. Of the GRC-related inquiries recorded, 46% covered compliance best practices, 32% concerned GRC vendor selection, and 24% addressed risk management.

Click here to read the entire article from Forrester.

Security And Risk Professionals: Must-Read Research In An Economic Downturn

Thu, 30 Oct 2008 00:00:00 GMT

As the global economy stands on the brink of a complete meltdown, the role of the security and risk management professional is never going to be more important than it is right now. With so many unknown hurdles still ahead, it's up to you to help navigate your company through uncertain times. What five things do you need to do now?

1) Prioritize your projects and fight for your budget;

2) properly secure all your information and infrastructure assets;

3) put governance, risk, and compliance (GRC) projects on your CEO's priority list;

4) make sure your business is resilient and can respond to any disruption; and

5) share your security and risk perspective within and beyond your organization.

Click here to read the entire article at Forrester.com.

Internal Audit Guide

Thu, 16 Oct 2008 00:00:00 GMT

Citing from OCEG's description:

The OCEG Internal Audit Guide (OIAG) can be used by:

Internal auditors completing an internal audit of GRC Capabilities.

Audit committee members, to gain an understanding of the means to achieve GRC objectives.

Oversight and strategic personnel, including those charged with governance responsibilities, who need to understand the necessary and desirable components of a GRC Capability, and how to implement appropriate mechanisms within their organization.

GRC strategic and operational professionals, such as chief compliance and ethics officers, as the Guide helps them to understand what to expect of an effective assessment program.

Operational personnel who may be subject to GRC Capability audit, as the Guide provides useful preparatory information.

Fraud More Than Doubles For Travel, Leisure And Transportation Companies Losing An Average Us$2.5 Million Over Past Three Years

Mon, 15 Sep 2008 00:00:00 GMT

The average travel, leisure and transportation company loss to fraud has increased by 66% largely driven by the credit crunch and tough economic climate, according to the latest Kroll Global Fraud Report. Companies lost an average of US$2.5 million to fraud in the past three years, compared to last year's figure which stood at US $1.1 million. The figures are a result of a survey Kroll commissioned from the Economist Intelligence Unit of 890 senior executives worldwide.

EthicsPoint Ranked #701 on the Inc. 5,000 List of Fastest-Growing Companies

Fri, 22 Aug 2008 00:00:00 GMT

PORTLAND, Ore., August 20, 2008 — EthicsPoint, the market leader in business process optimization for Issue, Event, and Loss Management, announced today that it has been selected as one of the Inc. 5,000 fastest-growing companies in America by INC. magazine. To qualify for the award, companies must be U.S.-based, privately held, and independent, having been founded and generating revenue by 2003. Companies are ranked according to percentages of revenue growth from 2003 through 2006.

The list is the most comprehensive look at the most important segment of the economy – America’s independent-minded entrepreneurs. “Our second annual Inc. 5000 continues the most ambitious project in business journalism,” said Inc. 5000 Project Manager Jim Melloan. “The Inc. 5000 gives an unrivalled portrait of young, underreported companies across all industries doing fascinating things with cutting-edge business models, as well as older companies that are still showing impressive growth.” 

“The past twelve months have marked a period of unprecedented growth as EthicsPoint continues to deliver extraordinary products and services to the Governance, Risk, and Compliance marketplace. Our clients trust us to provide the tools they need to manage risks and deal with an ever-evolving regulatory environment,” said Tom O’Keefe, executive vice-president of EthicsPoint.

EthicsPoint’s list of accomplishments in 2008 has been significant. EthicsPoint was recognized twice by the Portland Business Journal as the 6th Fastest-Growing Technology Company in the Pacific Northwest and 20th Fastest-Growing Private Company overall in Oregon. Within the Inc. 5000 assessment, EthicsPoint ranked 8th fastest growing in its geographic region.   

"Inc. supports and embodies the entrepreneurial spirit of America, and we are very pleased to receive this honor" said David Childers, president and CEO of EthicsPoint. “This national recognition means a lot to our team. Their commitment to client satisfaction has provided us a consistently high customer retention rate, which I believe reflects the true measure of our success.”

###

About EthicsPoint EthicsPoint is the market leader in business process optimization for Issue, Event, and Loss Management. The company provides a robust, on-demand, single-platform workflow solution that leverages an industry-leading global hotline and report management system. EthicsPoint’s comprehensive solution can cost-efficiently integrate detached, localized activities or provide immediate point solution benefits. The EthicsPoint solution is used by over 1,700 clients in a variety of industries worldwide to incorporate compliance initiatives and business process management via an on-demand, Software-as-a-Service delivery model. For more information, visit www.ethicspoint.com.

About Inc.com Inc.com, the daily resource for entrepreneurs, delivers how-to guides, advice, tools, breaking news, and rich multi-media to help business owners and CEOs start, run, and grow their businesses. Inc.com offers dynamic marketing solutions to help advertisers effectively reach Inc.com's audience of business leaders. Visit http://www.inc.com.

Data security: What the law requires of IT

Mon, 18 Aug 2008 00:00:00 GMT

IT's legal duty to secure sensitive data is complex and continuously evolving. Here's how to avoid the legal ramifications of a data breach.

EthicsPoint, Inc. Named Oregon's 6th Fastest-Growing Technology and Software Company

Fri, 25 Jul 2008 00:00:00 GMT

PORTLAND, Ore., June 25, 2008 — EthicsPoint, Inc., the market leader in business process optimization for Issue, Event, and Loss Management, was ranked the 6th fastest-growing technology company in the region.       The list of Fastest-Growing Technology and Software Companies, compiled annually by the Portland Business Journal, is based upon percentage growth from 2005 – 2007. Earlier this year, EthicsPoint was ranked 20th among the 100 Fastest-Growing Private Companies in Oregon. This annual ranking is based upon percentage growth across all industries in this same time period.

“The past twelve months have marked a period of unprecedented growth as EthicsPoint continues to deliver extraordinary products and services to the Governance, Risk, and Compliance marketplace. Our clients trust us to provide the tools they need to manage risks and deal with an ever-evolving regulatory environment,” said Tom O’Keefe, executive vice-president of EthicsPoint.

“I am delighted with the array of recognition that EthicsPoint has received this year,” says David Childers, EthicsPoint’s president and chief executive officer. “These achievements are evidence of the dedication and expertise of our team, and I am proud to share this award with each and every one of them.”

PCC offers Web site for financial disclosures

Wed, 09 Jul 2008 00:00:00 GMT

From Portland Community College's websitewww.pcc.eduThe irony of having a really good system to empower whistleblowers is, you pray you never need it. That’s the situation Portland Community College finds itself in as it unveils EthicsPoint software this summer. EthicsPoint is a Web site and a toll-free telephone number for students, staff and faculty – and for the community at large – to report potentially inappropriate financial activity committed by someone at PCC...

EthicsPoint Receives Honorable Mention for the QSR Applied Technology Award

Wed, 02 Jul 2008 00:00:00 GMT

EthicsPoint's Issue and Event Manager receives an honorable mention for the QSR Applied Technology Award for its two-way communication between El Pollo Loco's employees and human resource staff members. In the past, El Pollo Loco—like many other chains—provided a hotline for employees to report violations of its Code of Business Ethics and Conduct. But as the brand grew, the chain’s human resources team realized it needed a better way to solicit and address employee concerns.

EthicsPoint, Inc. Named Oregon's 20th Fastest Growing Private Company

Mon, 23 Jun 2008 00:00:00 GMT

PORTLAND, Ore., June 23, 2008 — EthicsPoint, Inc., the market leader in business process optimization for Issue, Event, and Loss Management, was recently ranked 20th overall on the list of the Top 100 Fastest-Growing Private Companies in Oregon. This is the second consecutive year that the company has been ranked in the Top 100. Last year the company was ranked eighth.

"We are pleased to be recognized as one of Oregon's fastest-growing private companies for the second year in a row,” said Tom O’Keefe, executive vice president of EthicsPoint. “EthicsPoint has focused on what we do best – delivering innovative software and services to support Governance, Risk, and Compliance needs worldwide – and we are honored to be recognized again in the top 20."

The annual Top 100 Fastest-Growing Private Companies in Oregon list recognizes the privately owned companies in Oregon that have demonstrated the most revenue growth and includes companies in industries such as healthcare, real estate, and technology. The list was compiled by the Portland Business Journal newspaper.

"This award belongs to everyone at EthicsPoint,” said David Childers, EthicsPoint’s president and chief executive officer. “I sincerely and gratefully give credit to the dedication, skill, and creativity that our team delivers every day as they serve our clients and more than eight million stakeholders around the globe.”

Chicago Mayor Richard M. Daley to Address the 7th Annual Compliance and Ethics Institute

Tue, 17 Jun 2008 00:00:00 GMT

Because government entities are increasingly faced with the need to implement ethics and compliance programs, this year's program includes a one-day track devoted specifically to compliance and ethics issues faced by city and county governments. Mayor Daley will discuss the significant efforts underway in the City of Chicago to develop an effective ethics and compliance program.

EthicsPoint CEO, David Childers, Named Among 100 Most Influential People in Finance

Mon, 09 Jun 2008 00:00:00 GMT

Portland, Ore. – June 9, 2008 – EthicsPoint announced today that David Childers, its president and chief executive officer, was recently named one of the 100 Most Influential People in Finance by Treasury & Risk Magazine. Mr. Childers was listed among other top technology leaders from IBM, Oracle, Archer Technology, Business Objects, SAP, and SAS.

“This is a tremendous honor, and I am deeply humbled,” said David. “To be considered a leading industry contributor, and to be mentioned in the company of so many outstanding leaders, is an incredible feeling.”

Under Mr. Childers’ leadership, EthicsPoint has become the market leader in business process optimization for Issue, Event, and Loss Management. EthicsPoint has been named one of The Portland Business Journal’s 100 Fastest-Growing Private Companies for two years running and was chosen one of Oregon Business Magazine’s Top 100 Best Companies to Work For in 2006. 

“David is an invaluable asset to EthicsPoint,” said General Merrill A. McPeak, chairman of the board for EthicsPoint. “I have served on the board of many companies, and in my experience, his thought leadership, forward thinking, and grasp of technology are unparalleled.”

Mr. Childers is a pioneer in the field of Governance, Risk, and Compliance. He is a member of the Ethics Officers Association and the National Association of Corporate Directors and is a charter member of the Open Compliance and Ethics Group (OCEG), a coalition of the nation's business leaders assembled to develop compliance standards and guidelines. Mr. Childers also serves on the OCEG steering and technology committees, where he is responsible for the development of issue awareness and resolution guidelines and best practices. He is also a frequent lecturer on the subject of business ethics.

Treasury & Risk Magazine summarizes Mr. Childers’ achievements: 

“While heading up a company that provides sophisticated solutions for enhancing governance, Childers finds time to contribute to the broader ethics and compliance community by serving on nonprofit organizations dedicated to improving the principles of good governance.“

To read more about the nomination, please visit: http://www.treasuryandrisk.com/article.php?article=1337

Anatomy of a Financial Fraud

Fri, 02 May 2008 00:00:00 GMT

William "Jay" Zubick was issuing change orders almost as fast as his contractor in Idaho could write them down. Battling a serious heart infection, the 42-year-old investment counselor and Ironman triathlete decided in January 2007 that rather than return to his home in an exclusive gated estate community on California's Monterey Peninsula, he would take his wife and four children to the lakeside home he was having built in Coeur d'Alene to convalesce.

EthicsPoint Successfully Completes SAS 70 Type II Audit

Thu, 01 May 2008 00:00:00 GMT

Portland, Ore. – May 1, 2008 – EthicsPoint, Inc., a market leader in business process optimization for Issue, Event, and Loss Management, announced today that it has received SAS 70 Type II certification, an internationally recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA). Third-party auditor Plante & Moran, PLCC, performed the audit, which is an independent report on the design of EthicsPoint’s business processes and procedures. "We are thrilled to receive this important certification,” said David Childers, president and chief executive officer of EthicsPoint. "We pursued the more arduous Type II certification to demonstrate the rigorous processes, procedures, and internal controls we have in place surrounding our on-demand, Software-as-a-Service solutions." The Sarbanes-Oxley Act of 2002 requires that publicly held companies verify that certain of their service providers have adequate controls in place to protect the information housed with that third party. A SAS 70 Type II Service Auditor's Report provides this verification. SAS 70 is the authoritative guidance that allows service organizations to disclose their control activities and processes to their customers and their customers' auditors in a uniform reporting format. A SAS 70 examination demonstrates that an independent firm has reviewed and examined an organization’s control objectives and activities. At the conclusion of a SAS 70 examination, a formal report, including the auditor’s opinion, is issued to the organization.  Click here to learn more about SAS 70.

Helpline Hotline Handbook (OCEG)

Thu, 24 Apr 2008 00:00:00 GMT

Citing from OCEG's description:

This Helpline/Hotline Handbook (HHH) is designed primarily for chief compliance officers, chief ethics officers, chief information officers, chief legal officers, those responsible for operating the helpline/hotline system and the helpline/hotline program and those responsible for investigating and reviewing allegations of inappropriate behavior. However, the Handbook will also be helpful to directors, executives and senior managers charged with governance responsibilities to better understand the mechanisms and processes involved in handling inquiries and issues and the information conveyed through internal reporting and metrics about the nature of inquiries and issues and their outcomes. Lastly, the HHH will also assist internal auditors in their efforts to plan assessments and establish assessment criteria.

Click to download the Helpline Hotline Handbook from OCEG.

 

Data Breach Notification Laws, State By State

Mon, 18 Feb 2008 00:00:00 GMT

Five years after California's landmark SB 1386, this interactive map shows you which 38 states have passed laws requiring companies to notify consumers whose personal information has been compromised.

Accounting Firm Must Pay $521 Million in Fraud Case

Wed, 15 Aug 2007 00:00:00 GMT

A jury on Tuesday ordered accounting firm BDO Seidman to pay more than $351 million in punitive damages in a negligence case, bringing BDO's potential liability in the case to about $521 million.

Whistleblowing and Good Governance - Policies for Universities, Government Entities, and Nonprofit Organizations

Fri, 01 Jun 2007 00:00:00 GMT

The Sarbanes-Oxley Act of 2002 (SOX) has forever changed corporate governance for publicly held corporations. Recent data suggest that the costs of compliance with the provisions of SOX can be very significant. Because these mandated requirements apply almost exclusively to publicly held corporations, some companies have cited the high costs of SOX compliance as a rationale for going private. After all, SOX was developed in response to high-profile corporate scandals that included Enron, WorldCom, and Tyco, and was not designed to address problems in other sectors. Unfortunately, problems in corporate governance are not unique to public corporations.

Airline Fraud - Survey A report looking at fraud in the airline industry

Mon, 23 Apr 2007 00:00:00 GMT

Airlines around the world are operating in a volatile, complex and ever changing environment. The risk of fraud is at the forefront of airline leaders and internal auditors’ agendas. The impact of fraud, whether perpetrated internally or externally, is significant not only to the bottom line, but also to the operation and the reputation of the airline.

Telecommunications Provider Pays Over $1 Million In EPA Settlement

Tue, 18 Nov 2003 00:00:00 GMT

A Word of Caution! You should develop a plan to report and correct violations before you determine if you are in violation of environmental laws. The Audit Policy requires that you disclose violations within 21 days from the date the violation is "discovered." You must then correct violations within 60 days. Given these deadlines, it is best to develop a plan before you begin to evaluate your company's compliance. EPA is also willing to work with companies before an audit to develop inspection and correction schedules suitable for multi-site audits. Without a plan, you may not meet the Audit Policy deadlines and may be subject to much greater penalties for any violations you discover.

Eight Telecom Companies Issue Code of Conduct with Zero Tolerance Policies for Slamming & Cramming

Tue, 30 Nov 1999 00:00:00 GMT

Attorney General Ken Salazar announced today that his office and eight major telecommunications companies in Colorado have jointly issued a Code of Conduct to Address Slamming and Cramming. Slamming is the unauthorized change of a subscriber's carrier selection without those subscribers' knowledge or authorization. Cramming is the practice of causing unauthorized, misleading, or deceptive charges to be placed on consumer's telephone bills. Slamming and cramming are among the top areas of consumer complaints received by the Colorado Attorney General's office and other consumer protection agencies around the country. The Code is an effort to address to address the problems.

Is Developing an Ethical Business Culture a Matter of Luck?

Mon, 01 Jan 0001 00:00:00 GMT

What is better than the hottest gaming experience in town? When the casino has a compliance system that makes sure everybody is playing by the rules.

The Rezidor Hotel Group Checks in with EthicsPoint to Develop a Global Ethics and Compliance

Mon, 01 Jan 0001 00:00:00 GMT

Rising to the upper echelon of hotel companies in

Europe takes more than just attentive service and crisp

sheets. Operating brands such as Radisson Blu, Regent

and Park Inn, the Rezidor Hotel Group’s commitment to

Responsible Business has helped it become one of the

fastest-growing and most innovative hotel companies

worldwide.

Scripps Gets the Inside Scoop on Potential Misconduct with a Reporting Solution from EthicsPoint

Mon, 01 Jan 0001 00:00:00 GMT

While the E.W. Scripps Company employs many news reporters, the company is trying to encourage a different kind of reporting to help identify and resolve ethics issues in the workplace. If employees have concerns, Scripps makes sure they have every opportunity to report them and have their voices heard.

Jefferson County Public Schools Gets a Best-in-Class Reporting System with EthicsPoint

Mon, 01 Jan 0001 00:00:00 GMT

Back in the spring of 1829, the city of Louisville, Kentucky established its first public school system. Now known as Jefferson County Public Schools, the system currently has more than 99,000 students and 155 schools, many of which have received awards for excellence in education.

Samaritan Health Services Finds the Cure for the Common Compliance System with EthicsPoint

Mon, 01 Jan 0001 00:00:00 GMT

United by a set of core values and consideration for local health care needs, Samaritan Health Services is a regional network of Oregon hospitals, physicians and senior care facilities that serves the needs of people in the mid-Willamette Valley and the Central Oregon Coast.

EthicsPoint Helps Make a Connection Between Disparate Systems at Avaya

Mon, 01 Jan 0001 00:00:00 GMT

Enhancing productivity through communication: Avaya is a leading provider of business communication applications, systems and services. Avaya helps companies of all sizes around the world achieve exceptional results.

Texas Roadhouse and EthicsPoint Cook Up a Hearty Ethical Workplace

Mon, 01 Jan 0001 00:00:00 GMT

Passion, Partnership, Integrity and Fun... all with Purpose are the values that have built Texas Roadhouse’s success in providing guests Legendary Food, Legendary Service. Headquartered in Louisville, Kentucky, the company lays claim to the highest quality food in the industry such as hand-cut steaks, fall-off-the-bone ribs and made-from-scratch sides.

EthicsPoint Helps TELUS Signal a New Approach to Ethics Compliance

Mon, 01 Jan 0001 00:00:00 GMT

As TELUS grew from a merger of four companies into a national organization with a clear growth strategy, the company decided to adopt a structured, centralized approach to ethics compliance.

EthicsPoint Helps Cummins Keep a Consistent Company Culture

Mon, 01 Jan 0001 00:00:00 GMT

Cummins is driven by the idea that the power and

commitment of employees can make people’s lives

better. That vision extends on a global basis through 38,000 employees in 160 countries.

In turn, Cummins serves employees by acting responsibly to improve their lives and their communities.

EthicsPoint Unshackles the Full Potential of GEO’s Business Culture

Mon, 01 Jan 0001 00:00:00 GMT

The GEO Group, Inc (GEO), is a world leader in the delivery of correctional, detention, and residential treatment

services to federal, state, and local government agencies around the globe.

Conn's Looks To Gain New Insight

Mon, 01 Jan 0001 00:00:00 GMT

Conn’s, a Southern specialty electronics and home appliances retailer, is partnering with

EthicsPoint to gain greater transparency over internal communications on governance,

risk and compliance (GRC) issues by implementing a proven EthicsPoint solution that

already assists other major retailers in mitigating risk.



Conn’s sought a solution that would unify the multiple business units and departments in

order to gain a comprehensive, enterprise-wide view of organizational risk. This includes

wanting to improve processes across the company, increase their auditability and more

effectively protect their brand.

EthicsPoint Helps Propel the Risk Management System at Embry-Riddle

Mon, 01 Jan 0001 00:00:00 GMT

Embry-Riddle educates more than 34,000 students each year, and is the world’s largest fully accredited university specializing in aviation and aerospace.

Eggleston Services Significantly Increases Awareness of Adverse Events

Mon, 01 Jan 0001 00:00:00 GMT

Eggleston Services, a work and rehabilitation assistance group for individuals with disabilities, had worked with EthicsPoint since 2006 employing an employee hotline and case management system. And when COO Dave Wilber wanted to better capture and manage reports of critical incidents across all 20 locations that Eggleston manages, he knew he already had parts of the right system in place. What he needed was customization for their purposes, and to be able to quickly gather data and information needed for valuable internal reporting and CARF (Commission on Accreditation of Rehabilitation Facilities) accreditation, a business necessity in their field. Working with EthicsPoint’s Professional Services Team, he was able to create a custom portal that captures the information they need and have lead to measurable changes that have literally saved lives.

EthicsPoint Helps Santa Clara University Reinforce its Culture of Excellence

Mon, 01 Jan 0001 00:00:00 GMT

Founded in 1851, Santa Clara University has been

repeatedly honored and recognized for creating an

environment based on excellence.

Sutter Health Finds the Right Prescription for Hotline and Case Management with EthicsPoint

Mon, 01 Jan 0001 00:00:00 GMT

The Sutter Health network consists of some of the most respected physicians, hospitals and other healthcare providers in Northern California, all working together to provide high-quality health care.

EthicsPoint Helps Rubio’s Take a Fresh Approach to Ethics and Compliance

Mon, 01 Jan 0001 00:00:00 GMT

Not many companies are born as a direct result of a group of friends camping on the beach and basking in the sun at San Felipe.

EthicsPoint and Rock Bottom Restaurants, Inc, Partner to Brew a Positive Workplace

Mon, 01 Jan 0001 00:00:00 GMT

Fun is always on tap when you hit Rock Bottom, (RBR, Inc), the restaurant proudly admits. Built around the theory that friends enjoy gathering in a welcoming, upbeat environment with tasty food and handcrafted beer, RBR, Inc has enjoyed success as one of the country’s leading multi-concept, mid-scale restaurant brewery groups.

Con-way Drives its Ethics and Compliance Program with an Integrated Solution from EthicsPoint

Mon, 01 Jan 0001 00:00:00 GMT

Con-way sets itself apart from competitors by focusing on a commitment to ethics and care for customers. The company’s 29,000 employees are united by the core values of integrity, commitment and excellence. Based in San Mateo, CA, Con-way’s freight transportation and logistics services are used by 400,000 customers.

EthicsPoint Supplies Staples an Efficient Hotline and Case Management System

Mon, 01 Jan 0001 00:00:00 GMT

“Staples Soul” is a concept symbolized by a heart formed out of a paperclip. It stands for a commitment to diversity, the environment, the community, and ethics: the four cornerstones of Staples’ corporate responsibility.

Auburn University Keeps Close Watch on Ethical and Financial Risks with Help from EthicsPoint

Mon, 01 Jan 0001 00:00:00 GMT

The Auburn University creed states, “I believe in honesty and truthfulness... I believe in obedience to law because it protects the rights of all.” In the spirit of that creed, the 10,000 employees of Auburn University and its campuses are part of a university environment that reflects dedication to those values.

Should a Mid-Size Bank Invest in a System that Can Keep Fraud Risks in Check?

Mon, 01 Jan 0001 00:00:00 GMT

As part of the highly-regulated banking industry, Fulton Financial has spent years developing strong financial

controls to identify and resolve potential risks early.

Cataloguing Every Concern Keeps Coldwater Creek Efficient, Consistent and in Control

Mon, 01 Jan 0001 00:00:00 GMT

Coldwater Creek, based in Sandpoint, Idaho, is an integrated triple-sales-channel retailer of women’s apparel, jewelry, gifts and accessories through a growing number of premium

retail stores located across the United States, an e-commerce site at www.coldwatercreek.com, and direct mail catalogs.

EthicsPoint Helps Endesa S.A. Generate Increased Efficiency and Control

Mon, 01 Jan 0001 00:00:00 GMT

European companies adhere to principles of ethical business conduct and transparency, by means of self-regulation or in compliance with legislative reforms.

Texas A&M University System Integrates Scattered Lines of Communication with EthicsPoint

Mon, 01 Jan 0001 00:00:00 GMT

The Texas A&M University System is one of the largest and most complex systems of higher education in the United States, consisting of eleven universities, eight state agencies and a health science center. The Texas A&M University System educates over 109,000 students and reaches more than 15 million people each year through service.

EthicsPoint helps El Pollo Loco’s work culture take flight

Mon, 01 Jan 0001 00:00:00 GMT

Founded in 1975, El Pollo Loco now has 400 locations, operations in 14 states and a reputation for freshness, flavor and tradition.

The company’s commitment to chicken marinated according

to an award-winning, wholesome family recipe of herbs and spices, before cooked slowly over an open grill... is matched only by El Pollo Loco’s commitment to a safe, ethical workplace.

YMCA of Delaware Puts its Principles to Practice with EthicsPoint

Mon, 01 Jan 0001 00:00:00 GMT

The mission to serve its community is central to the YMCA of Delaware - that means efficient, productive operations and a commitment to responsibility and safety.

EthicsPoint Helps Foster Transparency in the Town of North Kingstown

Mon, 01 Jan 0001 00:00:00 GMT

The coastal community of North Kingstown, Rhode Island, is using technology to create an open, transparent local government.

Spirit AeroSystems Assembles a Technologically Advanced Ethics Program with Help from EthicsPoint

Mon, 01 Jan 0001 00:00:00 GMT

A belief in the power of partnerships with customers, suppliers, neighbors and employees is a big part of the philosophy at Spirit AeroSystems. Spirit is the world’s largest independent supplier of commercial aircraft assemblies and components with nearly 14,000 employees on three continents.

EthicsPoint Resources

Practicalities of an Ethics Management Program

Current FCPA Compliance Program Best Practices: Lessons Learned from Recent DPAs

The ROI of GRC: Making the Business Case for an Automated Governance, Risk and Compliance Solution

Whistleblowing 2.0: Upgrading From Compliance to Performance

Whistleblower Claims? Get HR Involved Early

IEM User's Guide

IEM Administrator’s Guide

epIEM Release Notes

IEM Administrator's Quick Reference

Data Privacy Supplemental Guide

Evaluating Your Compliance Program Under FERC's Penalty Guidelines

IEM Product Release 1 2012

FAQ Release 1 2012

Industry Leaders Merge to Form Leading Ethics and Compliance Company

The Impacts of Corporate Culture: Results of the CEB’s Risk Clarity Survey

IEM User's Guide Excerpt (March 2012 Release DRAFT)

Common Factors in Financial Misreporting

The FCPA in 2012: Enforcement Trends and New Best Practices

Hotline Reporting

ACUA Webinar: Understanding and Implementing the New IIA Standards

Last Day at LegalTech 2012 Brings Mergers, Collection Tools

After investing in two businesses in 2011, the firm has quickly exited two investments, including compliance company Global Compliance Services, which it held for roughly eight years.

Riverside Co. Forms GRC Platform with Acquisition Of EthicsPoint

Private Equity Bets On Compliance Market With EthicsPoint Deal

EthicsPoint acquired, to merge with rivals

Lake Oswego-based EthicsPoint sold to private equity firm

ELT, EthicsPoint and Global Compliance to Merge Forming Leading Ethics and Compliance Company

Policies and Investigations: Improve Efficiency Through Organization and Knowledge

Whistleblower Compliance

Ethics Issues In Business

The Culture of Whistleblowing: Two Experts Debate the Impact of Dodd-Frank Bounty Protections on Internal Compliance Programs

The Dodd-Frank Act: A Best Practice Approach to the Ethics & Compliance Implications

Productivity vs. Ethics: Winning at Both

University Compliance Culture

Dodd Frank Act Solutions

Special Breakfast Event - The UK Bribery Act and Beyond: Compliance in a Global Market

Ethics in Higher Education Administration, the Duties and Responsibilities of an Ethics Officer

Understanding Global Fraud in 2011: The Kroll Annual Global Fraud Report

The Bribery Act 2010: The SFO's Approach to Enforcement

EthicsPoint Among Fastest Growing Tech Companies

Is the Sky Falling? Three Things You Need to Know To Respond Effectively to the New Corporate Whistleblower Rules Under Dodd-Frank

ROI of GRC Series: Improving Operational Efficiencies

Leveraging Technology to Improve the Intake and Management of HR Issues: A Conversation with EthicsPoint

EthicsPoint Retools

Health Care Information, HITECH Breach Notification and HIPAA Privacy & Security: Can you Demonstrate a Good Faith Effort?

The Cost of (non) Compliance

Compliance Week Editorial Roundtables

10 Common Misconceptions that Increase the Likelihood of FCPA Violations

Why Ethics are Needed When the Law Governs

Tactics for Defining and Executing Systematic, Risk-Based Third-Party Due Diligence for FCPA Compliance

National Restaurant Assocation Internal Auditors Study Group

2011 ACUA Annual Conference

Effective Reporting to the Board on Compliance and Ethics Issues

Understanding The New Whistleblower Regime And How To Minimize The Risks

Policy Management Compliance

Shop Talk: Executing Enterprise-Wide Policy Management

Creating Organizational Value While Increasing Efficiency

Demonstration of EthicsPoint Benchmarking

Best Practices to Promote Your Code Of Conduct

Hotlines in the European Union

Quick Tips & Tricks That Will Make Your Life Easier - for Professional and Enterprise Clients

Learn About Intake Models and the Value of Web Intake Forms

Tips and Tricks for Using Pivot Grids

A Campus Conversation on Ethics

Expert Panel: HR's Role in Fostering Ethics and Compliance

The Emergence of the Chief Risk Officer

Got Breached? Protect Your Company’s Reputation and Business with Effective Crisis Management Planning

Unraveling the Mysteries Around User Setup in Professional and Enterprise

Risk and Incident Management: Getting the Right Information at the Right Time

Meric Bloch - II - Is Your Organization Adequately Prepared to Fight Today's Workplace Fraud?

Meric Bloch Series Part 2: Fundamentals of a Workplace Investigation

Take Advantage of Valuable GRC Resources Through our OCEG Partnership

Proactive Case Management: Returns on Investment

Feds Put Companies on Notice: Detecting and Responding to “Red Flags” of Identity Theft

Top 10 Frequently Asked Questions for EthicsPoint issue and Event Manager Standard

Gaining Efficiency & Insight by Taking an Enterprise Approach to Issue & Event Manager

Stronger Spotlights, Larger Stages: The Expanding Role of the Chief Compliance Officer

Frequently Asked Questions in 2009

Recent trends in sexual harassment and discrimination in the workplace