This document discusses leveraging existing compliance resources to increase efficiency and reduce costs while ensuring legal and regulatory compliance. It addresses benchmarking processes against other organizations, determining when to outsource functions, and leveraging information across departments. Specific issues covered include the intersection of anti-money laundering (AML), sanctions, foreign corrupt practices act (FCPA), and data privacy laws. Controls and oversight of third parties are also discussed, including potential red flags for FCPA violations related to foreign agents, payments, and high-risk countries or industries.
RESTRUCTURING, INSOLVENCY & TROUBLED COMPANIES 2022: Bad Debtor Owes Me Money!
Leveraging Resources to Reduce Costs and Ensure Compliance
1. Leveraging Existing Resources to Increase Efficiency
and Reduce Costs While Ensuring Compliance
Brian C. Loutrel, Vice President, Chief Privacy Officer, New York Life Insurance Co.
Cari N. Stinebower. Crowell & Moring, LLP
Noreen M. Fierro. Vice President, Corporate Counsel, Prudential Financial
2. Alphabet Soup
AML, OFAC & FCPA- Offense of one could be offense of
all
Leveraging the similarities/acknowledging the
differences
The value (or not) of Benchmarking
When structural differences make all the difference
When to consider “outsourcing”
Appropriateness of function
Ability to actively oversee outsourced work
“Internal” vs. “External” “outsourcing”
2
3. Leverage, Leverage, Leverage
How to rely on information from other
departments to streamline your own processes
International Privacy laws- their impact on
multi-nationals and how they influence
outsourcing decisions
Specific FCPA Risks for insurers and reinsurers
3
4. Basic controls may not be sufficient
Benefits to sharing information/developing
complimentary processes
Consider this:
Your company is attempting to expand its insurance business in Mexico
Many government approvals are required before a license to sell insurance
is granted
Your company has hired a local law firm to assist in procuring the necessary
approvals - an engagement letter is executed outlining the law firm’s fees
The Senior Vice President in charge of opening the Mexico operations
approves a payment to the law firm that includes not only billable attorney
time but some “miscellaneous” charges
Your company wires the fees to the identified bank account in the name of
the law firm 4
5. You find out after the fact that some of the
“miscellaneous fees” included in the law
firm’s invoice were to cover “payments”
made to local government officials in an
effort to procure the necessary licenses to sell
insurance
You also determine that one of the local
government officials receiving the payments
is on the SDN for alleged ties to drug
trafficking
5
6. PLACEMENT OF MONEY
FUNDS LAUNDERING
CONCERNS-
Beyond PATRIOT
Payment
LAYERING OF Act applicability
sent to Law FUNDS 18 USC § 1956,
et al
Firm
Payment placed in INTEGRATION
Law Firm’s bank
account
Funds distributed from Law
firm’s bank account to
government official for
deposit or use elsewhere,
integrating them into the
financial system
6
8. Law Department
Terms of law firm engagement
▪ Backup documentation for expenses
Lawyer review of invoice
Identification of red flags
Internal Approval Processes
Are managers being trained to ask the right questions before approving invoices?
More than monetary approval authority
Accounts Payable
Necessary documentary backup
Copy of law firm engagement or access to ask questions regarding appropriateness
of fees
General AML/OFAC/FCPA Compliance program may not have
identified these issues
Payment to law firm not likely to hit AML surveillance reports
OFAC issue not transparent
FCPA issue not immediately transparent
8
9. Generalities can sometimes be misleading
Risk assess differences
Resource differences
Operational differences
Jurisdictional Exposure differences
Speak to people who are in charge of process
Do not rely on information learned through basic
business channels
When it really can be helpful
Learning from others experiences
9
10. Confirm executive support
Critical for success of process and your ability to
insure appropriate oversight
Consider current processes
Are there functions that naturally lend themselves
to outsourcing?
▪ OFAC screening
▪ Initial CIP vetting
Internal vs. External- Does “outsourcing” have
to automatically imply hiring an unrelated
third party?
10
11. Build business case
Conduct cost-benefit analysis
Proper utilization of current resources
Outsourcing does not have to mean
“downsizing”
Consider regulatory risk/expectations
FINRA 3190 requirements
Value of Benchmarking- Leverage lessons
learned from colleagues
11
12. Look for redundancies
Review processes
▪ Are there multiple touch points reviewing the same data?
▪ Could one touch point review the data for multiple purposes?
Sometimes less is more
Insure consistency in approach
Integrity of data/consistent view of issue or vendor
Maintaining active oversight
Third party vs. other internal departments or divisions
12
13. Acknowledge the difference
Purposes are usually very distinct
Consider what those differences are and/or look
for overlap with general compliance controls
If overlap is identified, consider ways to redirect
control or audit resources to enhance overall
control/testing environment
Look to develop a complimentary overall
program
Context is key
13
14. Considerations when outsourcing
Location of data storage
Cross-border sharing of information
Local law implications/limitations
Security of Data
Encryption
Vendor commitment
Inside/outside firewall solutions
14
15. Review the basic elements of each program
Policy/Procedures
Risk Assessments
Frequency/focus
▪ FCPA/OFAC/AML risk profiles while similar are not always
equally weighted
Macro level and micro level
▪ Business Unit process
▪ Hiring – employees, vendors
▪ Use of third parties
▪ Role of third parties
▪ Payment/Approval processes
FOLLOW THE MONEY
15
16. Current Screening
Processes(OFAC/PEP/Sanctioned
Countries/Sanctioned Governments)
What information is screened?
▪ Customer/Vendor/Accounts Payable
Do you get enough information to adequately screen?
▪ Screening for those owned or controlled by the above
Compliance Testing
Training
Avoid the siloed approach
Audit Function/Periodic Review
16
17. Foreign Agents: Must perform thorough background checks
and examine qualifications; be cautious of an agent’s efforts to use
front companies to make improper payments
Guarantees: An agent’s refusal to sign a contract confirming
that no improper payments were or will be made should prompt
close scrutiny
Middlemen: Be wary of any situation where multiple
middlemen seem to be performing the same task
Government Relationships: Carefully examine agents who
have held government positions or have an ongoing
relationship with a government official. Employing an agent
solely because of his/her connection to the government risks
running afoul of the FCPA
Third Parties: The payment of an agent’s fees to a foreign
bank account or to an entity other than the agent is a
warning sign of possible FCPA problems
17
18. High Risk Country: Take extra care in countries where the
standard costs of doing business are perceived to include bribes,
pay-offs, and “gifts” to officials
Business: Certain industries present historically higher risks of
FCPA violations; note, however, that the DOJ and SEC have
increasingly targeted a variety of industries
Commissions: Unreasonably high commissions increase the
probability that money will be diverted to pay government
officials
Cash Payments: One of the most obvious FCPA warning signs is
the transfer of large amounts of cash
Bonuses, Reimbursements, and other Payments: Large bonus
payments or reimbursements for unusually high entertainment,
advertising, or other administrative expenses may be used as a
device to mask illegal payments
18
19. Payroll Fraud: The presence on a company’s payroll of
persons who are relatives or associates of foreign
government officials raises serious FCPA compliance
concerns
Secrecy: Be wary of any situation in which a potential agent
seems reluctant to fully explain the nature of the proposed
activity or to provide clear answers to routine questions
Research: Publicly reported cases of bribery and public
corruption should prompt careful review of the company’s
operations in that country
Competitor Violations: If the company learns of competitor
violations, it should conduct a careful investigation of its
operations; in a difficult competitive environment,
employees may learn of a competitor’s tactics and be
tempted to follow suit
19