1 / 10

Board Oversight of Compliance & Ethics Programs

Board Oversight of Compliance & Ethics Programs. Jeff Kaplan/Kaplan & Walker / jkaplan@kaplanwalker.com Society of Corporate Secretaries & Governance Professionals 2012 Mid-Atlantic Chapter Fall Meeting . Key legal drivers. US Sentencing Guidelines DOJ Prosecution Standards

aneko
Download Presentation

Board Oversight of Compliance & Ethics Programs

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Board Oversight of Compliance & Ethics Programs Jeff Kaplan/Kaplan & Walker /jkaplan@kaplanwalker.com Society of Corporate Secretaries & Governance Professionals 2012 Mid-Atlantic Chapter Fall Meeting

  2. Key legal drivers • US Sentencing Guidelines • DOJ Prosecution Standards • Delaware case law • Caremark, Stone v Ritter • Disney:best practices as a way of minimizing risks and costs • Not a C&E case, but logic is relevant to C&E • S-Ox, NYSE rules • Various official expectations outside the US www.kaplanwalker.com

  3. C&E governance documentation • Types • Audit committee charter • C&E program charter • Job descriptions • CECO • GC or others • Investigation and reporting procedures www.kaplanwalker.com

  4. Reporting to the Board: two types • Sentencing Guidelines: individual with operational responsibility for the program should have express authority to communicate personally to the board or a board committee • Promptly on any matter involving criminal conduct or potential criminal conduct, and • No less than annually on the implementation and effectiveness of the C&E program • Good practice • CECO- multiple reports per year; C&E director (if a different person) – one • Both have authority to report to audit committee chair re: alleged misconduct www.kaplanwalker.com

  5. Independence of CECO • Given board’s reliance on CECO, typically an important consideration • Many criminal/regulatory settlements require CECO not be part of law department • But for many companies CECO can be part of law department if have other indicia of independence • Strong informational reporting relationship with board • Audit committee monitoring of compensation and duties www.kaplanwalker.com

  6. Content of board reports: possible components • These are not mutually exclusive, nor should any board necessarily cover all • Rather, key is to find what is most helpful for a given company/board • First, main elements and attributes of an effective C&E program, but focus on those where directors can really make a difference • Elements: incentives, discipline, senior management involvement • Attributes: authority, independence, reach, resources, organizational culture www.kaplanwalker.com

  7. More on reports to board • Second: particular focus on system for encouraging reports of violations • At the heart of Caremark and S-Ox obligations • Look for weak spots (by business or geography) • Third: other program metrics • Can be helpful, e.g., • Employee survey/focus group results • Audit results • Breaches • Training completions • Many others • But some boards worry too much about this – and there is no magic quantitative approach to C&E metrics www.kaplanwalker.com

  8. Report contents (cont.) • Fourth - risk areas • Stone v Ritter underscores need • Board should have sense of C&E risk assessment methodology (and why you think it works) • For top risk areas (e.g., EHS, FCPA, Antitrust) provide ongoing information about • Risks • Mitigation plans • Adherence to plans • Asking good questions is key to any of these approaches • See http://www.fcpablog.com/blog/2010/6/8/what-boards-should-ask.html www.kaplanwalker.com

  9. C&E training for boards • Going beyond audit committee • Oversight is part – but not all – of what should be covered in training • Individual C&E risks for directors (e.g., COIs, confidential information) should also be addressed because • Director integrity key to market confidence; violations by directors can undermine this • Relevant to oversight of senior management, since many of the risks are the same • Consider cataloging all the C&E information your board gets to see what’s missing, and develop a true curriculum map (of current and planned training/communications) www.kaplanwalker.com

  10. Program assessments • Strong expressions of support for these by • Justice Department • Sentencing Commission • OECD Anti-Bribery Good Practice Guidance • Boards generally encouraged to rely on experts – may be particularly useful for C&E programs • Assessment report can provide framework for ongoing program oversight for years to come • The very act of commissioning an assessment itself helps show that the board is serious about C&E www.kaplanwalker.com

More Related