Transparency! The New Anti-Money Laundering Act (AMLA)
On December 11, 2020, the Senate passed the Anti-Money Laundering Act of 2020 (“AMLA” or the “Act”) - DIVISION F of the National Defense Authorization Act for the fiscal year 2021 (the “NDAA”). The House of Representatives had previously passed the measure on December 8, 2020.
2020 Top 10 Articles on Fraud, Compliance, and Risk Management
Happy New Year, and thank you to the more than 100,000 people that visited Board and Fraud in 2020! With everything that happened last year, fraud, compliance, and risk management have arguably become more important than ever.
Internal Audit and Compliance - SEC Awards More Than $300,000 To Whistleblower With Audit Responsibilities
Congress Approves Anti-Money-Laundering (AML) Measure
Money laundering issues have haunted many over the years. To promote greater transparency, the U.S. Senate has approved legislation requiring companies in the U.S. to register their true owners. This change would help combat money laundering and the financing of terrorism.
All in the Family: SEC Charges Corporate Controller and His Brother-In-Law with Insider Trading Ahead of Merger Announcement
Board and Fraud: SEC and Goodwill Impairment
SEC Sends Message about Being Honest and Transparent Regarding the Effects of COVID-19
Chief Compliance Officers (CCOs) and Personal Liability
SEC Punishes Broker-Dealer for Conducting Business over Text Messages or on Personal Devices
The Securities and Exchange Commission (“SEC”) entered an "Order" on September 23, 2020, against JonesTrading Institutional Services LLC ("firm"), a broker-dealer located in California, for failing to retain text messages relating to the firm’s business. The SEC fined JonesTrading $100,000. Read more!
The Properly Designed Exit Interview a Necessary Step in Uncovering Ethical Violations
Board of Directors Oversight
Under the U.S. Federal Sentencing Guidelines, in order to receive credit for having an effective compliance program and thereby reduce the fines imposed on the organization, a Board of Directors must be “knowledgeable about the content and operation of the compliance and ethics program.” It must “exercise reasonable oversight with respect to the implementation and effectiveness of the compliance and ethics program.”
Cyber Attacks and Ransom Payments: Treasury Warns Against Keeping Ransomware Payments Quiet
Herbalife - “Quis Custodiet Ipsos Custodes” - Translated: Who Will Guard the Guards Themselves, or Who will Watch the Watchmen?
Herbalife's business relationship in China was committed to illegal activity, which it knew or should have known violated the FCPA. Specifically, beginning in late 2006, Herbalife China provided improper benefits and payments to government officials to obtain direct selling licenses for two cities. Herbalife paid out millions of dollars in bribes. Fraudulent expense reimbursements were used to fund the bribes, which is is a common tactic for these types of bribes.Specifically, the SEC found that Herbalife China paid bribes through extravagant meals, gifts, and other benefits given to Chinese officials to obtain sales licenses and remove negative media coverage in China. Managers at the subsidiary asked employees to falsify expense report documents, for example, adding names to meal receipts to get below the company's per head spending limit. It also found that the payments and benefits were inaccurately recorded and that Herbalife failed to maintain a sound system of internal controls.
SEC and its New Silent Whistleblower: Risk Based Data Analytics
The SEC just announced its first actions arising from investigations generated by the Enforcement Division's EPS (Earnings Per Share) Initiative, which utilizes risk-based data analytics to uncover potential accounting and disclosure violations caused by, among other things, earnings management practices.
Donut Holes! Dunkin’ Data Breach Settlement
Dunkin’ was repeatedly alerted to attackers’ ongoing attempts to log in to customer accounts by a third-party app developer. The app developer even provided Dunkin’ with a list of nearly 20,000 accounts that had been compromised by attackers over just a sample five-day period. "Yet, Dunkin’ failed to investigate the attacks to identify other customer accounts that had been compromised, determine what customer information had been acquired, or whether customer funds had been stolen. Dunkin agreed to pay $650,000 as penalty settlement costs for the lawsuit over its failure to respond to credential stuffing attacks.
Tipsters - SEC Adds Clarity, Efficiency and Transparency to Its Whistleblower Award Program
On Wednesday, September 23. 2020, the SEC voted to adopt amendments to the rules governing its whistleblower program. According to the SEC, the amendments are meant to “provide greater transparency, efficiency and clarity, and to strengthen and bolster the program.”The amendments were proposed for public comment in June 2018 and have been adopted with some changes.
New Corporate Compliance Guidance by the Commodity Futures Trading Commission (CFTC) is Coming Soon!
FCPA - Mergers & Acquisition Due Diligence
When a company acquires another company, the successor company can be liable for the acquired company’s activities before acquisition. The U.S. Department of Justice (“DOJ”) and the Securities and Exchange Commission (“SEC”) have administered Foreign Corrupt Practices Act (“FCPA”) enforcement actions against successor companies in cases involving egregious and sustained violations, where the successor company directly participated in the violations, or where the successor company failed to stop the misconduct from continuing after the acquisition.This writing explores some key steps that should be taken pre and post acquisition.
DOJ Unravels a Decade-Old Scheme that involved Kickbacks, Money Laundering, Sham Shell Companies, and Fake Invoices
According to evidence presented at trial, Aleksandr Pikus, 45, of Brooklyn, New York, and his co-conspirators perpetrated a scheme through a series of medical clinics in Brooklyn and Queens over nearly a decade. The clinics employed doctors, physical and occupational therapists, and other medical professionals who were enrolled in the Medicare and Medicaid programs. In return for illegal kickbacks, Pikus referred beneficiaries to these health care providers, who submitted claims to the Medicare and Medicaid programs.Pikus and his co-conspirators then laundered a substantial portion of the proceeds of these claims through companies he controlled, including by cashing checks at several New York City check-cashing businesses. Pikus then failed to report that cash income to the IRS. Instead, Pikus used the cash to enrich himself and others and to pay kickbacks to patient recruiters, who, in turn, paid beneficiaries to receive treatment at the medical clinics. The evidence further established that Pikus and his co-conspirators used sham shell companies and fake invoices to conceal their illegal activities.
Are you ready? New EU Whistleblower Protection Law!
Soon all public and private organizations in the EU with more than fifty (50) employees will soon be required to comply with a new EU Whistleblower Protection law. The new law highlights the importance of responsive, transparent, and timely whistleblowing case management. So just implementing a hotline is not enough. Organizations must consider confidentiality, acknowledgment of the tip or compliant, response times, the competence of persons receiving the reports, communication with the whistleblower, and feedback on how the case is being processed. The new law also includes the right to report concerns externally while remaining legally protected. That's a risk organizations must avoid. With the December 2021 deadline fast approaching, there is no better time for management and boards to act. Read more!