Posts

Showing posts with the label SCCE

How to sell ethics and compliance to your organization

  As ethics and compliance professionals, we work hard to create robust programs. But is this enough in a trade where we seek everyone’s adherence to our values? How do we communicate about what we do? Are we visible to the broader organization? How do we leverage other functions—particularly leaders—to trickle down our message? In this article, we will provide insight and practical tips on how to effectively invest in our communication and thus sell our critical mission to the broader organization to have a lasting cultural impact. Getting your product, brand, and message right Product The first thing to do will be to identify what you are selling. Are you selling compliance, are you selling ethics, are you selling business integrity? There is no right or wrong answer to this, but it is important to identify what works for you and your organization. To help answer this question, we recommend focusing on outcomes rather than processes, as your product needs to bring value to the ta...

U.S. Department of Justice (DOJ) Evaluation of Corporate Compliance Programs 2024 Update

This information was provided in a Discussion Thread I follow from SCCE (membership was not renewed).    https://www.justice.gov/criminal/criminal-fraud/page/file/937501/dl?inline Source: Society of Corporate Compliance and Ethics > General Compliance Digest > Discussions, October 1, 2024 (I do not have a current membership, but was able to click on the link provided in e-mail.

For better or for worse: Is your (non) compliance contagious?

Image
Wouldn’t you like your compliance program to be as infectious, contagious, and as long-lasting as COVID-19? Forgive the analogy, but every compliance officer aspires to see their diligent efforts in establishing and upholding a compliance program bear fruit in the form of a lasting impact on the company’s culture and noncompliant behavior. Society provides some great examples of how turning a blind eye to compliance can cause others to follow bad trends. Conversely, society also shows us that actions started by a few can have a positive effect. Looking at some of these l essons and underlying societal behaviors may help you make your compliance program contagious. In corporations, noncompliance can become contagious when employees follow in the footsteps of those who have tested the system and got away with it. On the other hand, compliance ambassadors can do a lot to enhance compliance and culture. Here are five lessons I learned from my time trying to make compliance contagious. 1. B...

Comprehensive Privacy Legislation for New Jersey

  New Jersey's state senate passed  S.B. 332  “the Act” on January 8, 2024.  The Act is to take effect 365 days after enactment (signed into law on January 16, 2024).   The Act will apply to controllers that conduct business or produce products or services in New Jersey and, during a calendar year, control or process either (1) the personal data of at least 100,000k consumers , excluding personal data processed for the sole purpose of completing a transaction; or (2) the personal data of at least 25,000 consumers where the business derives revenue, or receives a discount on the price of any goods or services from the sale of personal data.   At this time, the Compliance Department states this law does not apply to our company or the entities for which they are responsible for.  Should this decision change, we will update via the Compliance Digest.   Source:   Covington   (received through SCCE), received on February 2024)

Comprehensive Privacy Legislation for New Hampshire

  On January 18, 2024, New Hampshire legislature passed SB225 “The Act”.  The Act will take effect on January 1, 2025. In New Hampshire, applies to controllers who conduct business in New Hampshire (or) business who provide services that target New Hampshire residents in which they control or process either (1) personal data of at least 35k unique consumers, excluding the data controlled or processed solely to complete a payment transaction, or (2) the personal data of at least 100,000 unique consumers and derive more than 25% of their gross revenue from the sale of personal data.     At this time, the Compliance Department states this law does not apply to our company or the entities for which we are responsible for.  Should this decision change, we will update via the Compliance Digest.     Source:   Covington   (received through SCCE), received on February 2024)