Where do conduct, culture, and compliance intersect?

Culture has always been fundamental to determining how an organization operates.  Recently, however, the topic of culture has moved to the top of the agenda for regulators, investors, and consumers. Regulators have come to realize that that without a culture of integrity, organizations are likely to view their ethics and compliance programs as a set of check-the-box activities.

Organizations understand that culture is one of the biggest determinants of how employees behave. Strong cultures have two common elements: there is a high level of agreement about what is valued, and a high level of intensity with regard to those values. Organizations with strong positive cultures create trusting relationships with stakeholders and investors and—in turn—stakeholders and investors trust the organization and the brand.

Continue reading “Where do conduct, culture, and compliance intersect?”

The Buy American Act: New focus on government contract compliance

On April 18, 2017, President Trump issued an Executive Order1 requiring that every government agency “…scrupulously monitor, enforce, and comply with Buy American Laws… and minimize the use of waivers, consistent with applicable law.”

Government agency surveillance of contractor Buy American Act compliance in recent years appears to have been inconsistent2.  Allegations of Buy American Act violations over the last several years appear to be more frequently the result of competitive bid protests of awardee compliance or qui tam (i.e., whistle blower) allegations of non-compliance than agency or prime contractor compliance surveillance activities3.

However, that could change with the President’s Executive Order and increased contracting agency focus on Buy American Act compliance.  This leaves contractors vulnerable if they do not have effective compliance programs in place to ensure their articles, materials, and supplies comply with their contractual obligations.  Findings of non-compliance could lead to a number of compensatory and punitive penalties.

Continue reading “The Buy American Act: New focus on government contract compliance”

Getting started with RegTech

As financial services firms look for ways to harness the power of risk & regulatory technologies (RegTech), one of the first questions that comes to mind is where to start. Different parts of the business present very different challenges and opportunities, and the activity areas you choose to focus on can have a big impact on the results. Here are some tips for getting started:

Continue reading “Getting started with RegTech”

RegTech: Evolution or revolution?

Digital technology is having a big impact on risk management and regulatory compliance in financial services. And it’s not just hype. By harnessing the power of risk & regulatory technologies (RegTech)—which includes innovations such as artificial intelligence, advanced analytics, and robotic process automation—financial services firms are boosting their risk management and compliance capabilities and quality while dramatically reducing the required time, cost, and effort.

RegTech might not sound particularly new or revolutionary – after all, financial services firms have been using technology to automate their processes for decades, right? However, the level of sophistication that is possible today—as well as the resulting impact and benefits—is much greater than in the past.

Continue reading “RegTech: Evolution or revolution?”

What is the role of compliance in battling cyber risk?

Cross-Industry Compliance Leadership Summit eyes the intersection of two disciplines

“It’s called the cloud,” Deloitte & Touche LLP Principal Julie Bernard remarked. “It’s not called the vault. Keep that in mind.”

Bernard and Deloitte & Touche LLP Managing Director Susan Ameel moderated a session at Deloitte Advisory’s recent Cross-Industry Compliance Leadership Summit about the ways compliance and cyber security meet, and how the executives responsible for those areas might benefit by coordinating their efforts.

Many of the industries most subject to cyber attacks are also among the ones that have the most sophisticated regulatory and compliance obligations. Financial services, energy and utility companies, health care organizations, defense and aerospace – they all have to safeguard their own sensitive data, their customers’ information, or both.

Continue reading “What is the role of compliance in battling cyber risk?”

So be good, for goodness’ sake

Predictive technology can help employers find the roots of both personal and corporate noncompliance. Where are the ethical boundaries?

As data-gathering and analytics technologies amass more and more ability to squeeze information out of what may feel like thin air, employers face new questions about using these tools to predict and detect behavior. “Can” vs. “can’t” isn’t the only frontier. There’s also “can” vs. “should.” At least one participant in Deloitte’s Cross-Industry Compliance Leadership Summit described themselves as “slightly aghast” at the possibilities.

In addressing the summit, hosted by the Deloitte Center for Regulatory Strategy Americas, Deloitte & Touche LLP Advisory Principal John Lucker said that whatever the benefits of predictive technology, one thing organizations “shouldn’t” do is allow the perfect to be the enemy of the good.

Continue reading “So be good, for goodness’ sake”

Ethics has a strong business case, but measurement is less certain

Cross-Industry Compliance Leadership Summit explores corporate behavior

Are a “culture of ethics” and a “culture of compliance” the same thing? How does an organization build an ethical culture, and how can it measure the results?

At the recent Cross-Industry Compliance Leadership Summit hosted by the Deloitte Center for Regulatory Strategy Americas, New York University Professor Jonathan Haidt suggested there is a method corporate leaders can use to tackle these questions – and he compared notes with compliance executives who tackle them in real life every day.

Haidt is a social psychologist and author of the New York Times bestseller “The Righteous Mind.” His view is not only that there is a business case for ethics beyond “ethics for ethics’ sake,” but that large organizations can design ethical systems by working from the individual level on up. And he says the practice of measuring ethical culture is evolving.

Continue reading “Ethics has a strong business case, but measurement is less certain”

Compliance to power performance

As demands on the compliance function continue to increase in an era of enhanced regulatory scrutiny, data from the 2016 Deloitte Insurance Ethics and Compliance Survey demonstrate a correlation between financial performance metrics and the maturity levels of insurance and ethics programs.

Continue reading “Compliance to power performance”

A closer look at a new anti-discrimination rule

Putting the ACA’s Section 1557 into perspective

Posted by Tom Delegram, Deloitte Advisory managing director, Deloitte & Touche LLP and Karolyn Woo, Deloitte Advisory principal, Deloitte & Touche LLP on August 17, 2016

A key anti-discrimination section of the Affordable Care Act (ACA) went into full effect this summer, which has potentially significant cultural and operational shift for organizations across the healthcare payment and delivery system.

The portion of the law, Section 1557, prohibits discrimination on the basis of race, color, national origin, sex, age, or disability in any health program or activity that receives federal financial assistance. Section 1557 also applies to any program or activity administered by an executive agency or any entity established under Title I of the ACA or its amendments.

The US Department of Health and Human Services (HHS) finalized the rule for Section 1557 in May 2016, with the rule becoming effective on July 18. For health plans, the regulation will have an impact on benefit design for the upcoming plan year. Continue reading “A closer look at a new anti-discrimination rule”

Impact of updates to the CFPB “Know Before You Owe” mortgage disclosure rule

Posted by John Graetz, Advisory principal, Deloitte & Touche LLP on August 12, 2016

The Consumer Financial Protection Bureau’s (CFPB) “Know Before You Owe” mortgage disclosure rule became effective in October 2015.  During the implementation of the rule, financial institutions encountered scenarios where the path to compliance was complex and resulted in uncertainty on the part of lenders and vendors, as well as additional costs due to revised disclosures.  On July 29, 2016, the CFPB proposed1 updates intended to formalize guidance on the rule and provide greater clarity and certainty in four key areas as follows: Continue reading “Impact of updates to the CFPB “Know Before You Owe” mortgage disclosure rule”