About Software Updates Compliance Week 2019
Daniel
Each week we scour the major news sources and summarize the top corporate compliance related news to keep you informed and save you the effort of searching. All news stories contain a link to its source. This news service is not available anywhere else!
The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.
Objective: To determine compliance with the contraceptive patch (Ortho Evra/Evra) overall and by age among women in North America and to compare rates of perfect use with those of an established oral contraceptive.
Main outcome measure(s): Perfect use for the patch or oral contraceptive, defined as 21 consecutive days of drug-taking followed by a 7-day drug-free period; for contraceptive patch users, no patch could be worn for more than 7 days. Oral contraceptives were used according to package labeling.
Conclusion(s): Age did not affect compliance with the patch among all North American women studied. In a comparative study of women at North American centers, compliance with the weekly contraceptive patch was significantly better than with an established oral contraceptive. The contraceptive patch is uniformly easy to use across all ages.
I also will take a few moments to tell you about how we in the Criminal Division are trying to hold ourselves accountable and provide increased transparency by explaining our decision making when we can and setting forth our expectations with respect to corporate cooperation in our investigations.
For the past year, it has been my privilege to lead the Criminal Division of the U.S. Department of Justice and the nearly 1,000 dedicated prosecutors and support staff who work every day to investigate and prosecute federal criminal cases, to develop criminal law and sentencing policies and to promote the rule of law around the world.
For example, to comply with the Foreign Corrupt Practices Act (FCPA), businesses that tend to be exposed to corruption must employ different internal controls than businesses that have less exposure to corruption.
Similarly, in the anti-money laundering context, a financial institution must ensure that its compliance policies and practices are tailored to identify and mitigate the risks posed by its specific portfolio of customers, and that those customers are providing complete and accurate information.
A company must ensure that its senior leaders provide strong, explicit and visible support for its corporate compliance policies.Corporate management must enforce compliance policies, not tacitly encourage or pressure employees to engage in misconduct to achieve business objectives.
We look not just at the written policies, but to other messages otherwise conveyed to employees, including through in-person meetings, emails, telephone calls, incentives/bonuses, etc.; and will make a determination regarding whether the company meaningfully stressed compliance or, when faced with a conflict between compliance and profits, encouraged employees to choose profits.
A company periodically should review its compliance policies and practices to keep it up to date with evolving risks and circumstances, including when the company merges with or acquires another company.In particular, if a U.S.-based entity merges with, acquires or is acquired by a foreign entity, all compliance policies should be reviewed and revised accordingly.
Corporations also must ensure compliance with the laws of all the countries in which they operate. We appreciate that this may present a major compliance challenge, as international corporations often must bridge cultural, as well as geographic, divides. But such challenges do not justify non-compliance.
For example, if a foreign bank that operates in the United States identifies suspicious activity related to a foreign account held by a customer that also maintains an account in the United States, compliance personnel in the United States should be alerted to the suspicious activity.
As all of you know, the adequacy of a compliance program is a factor when we decide how and whether to prosecute a company. The lack or insufficiency of a compliance program can have real consequences for a company when a violation of law is discovered.
For example, this past December, Alstom S.A., the French power company, pleaded guilty to violating the FCPA by falsifying its books and records and failing to implement adequate internal controls. Alstom admitted to its criminal conduct and agreed to pay a penalty of over $772 million.
The scheme involved the payment of bribes to various government officials and the falsification of books and records in connection with power, grid and transportation projects for state-owned entities around the world, including Indonesia, Egypt, Saudi Arabia, the Bahamas and Taiwan. Alstom attempted to conceal that it was the source of the corrupt payments to government officials by funneling the bribes through third-party consultants.
For example, if a multi-national corporation discovers an FCPA violation in one country, and has no basis to suspect that the misconduct is occurring elsewhere, the Criminal Division would not expect that the internal investigation would extend beyond the country in which the violation was discovered. By contrast, if the known offenders operated in multiple countries, we would expect that the internal investigation would extend into those locations as well.
Under these circumstances, cooperation includes helping to circumvent barriers to the investigation by making knowledgeable personnel available for interviews or testimony, and by producing documents and other evidence that otherwise may not be readily accessible to the government.
Given the financial, reputational, privacy-related and other harms that a data breach may cause, it is essential that corporations establish and maintain policies and practices designed to prevent and detect data breaches, and to mitigate the attendant damage.
To consolidate and focus our expertise and resources, during this past year, the Criminal Division created a Cybersecurity Unit within the Computer Crime and Intellectual Property Section (CCIPS). While the unit in particular and CCIPS as a whole are committed to identifying and prosecuting the hackers that commit the breaches, the unit also is dedicated to partnering with both the private sector and the public to combat cybercrime.
To that end, we have engaged in targeted cybersecurity consultations with members of the private bar, computer security specialists, industry groups and trade associations, financial institutions and others.
Corporate accountability through compliance, investigations and protections against breaches is a good practice for all of your companies. And in the Criminal Division, I am emphasizing accountability on our side as well, particularly through our work with regulators and other law enforcement agencies, and through increased transparency about our decision-making where possible.
Many of the cases handled by the Criminal Division also involve parallel investigations or civil or enforcement actions by civil or regulatory authorities. Even if certain misconduct could be pursued civilly or through regulatory action, criminal investigation and prosecution often is appropriate.
Different law enforcement authorities have distinct and important functions. Companies know who their regulators are, and they know that they are subjecting themselves to those regulatory schemes and the laws of the countries in which they operate. But we are trying to address this concern and are mindful of making sure that companies are not punished unfairly.
Since becoming Assistant Attorney General, one of my priorities has been to ensure that the Criminal Division is as transparent as possible about its decision making. While we are limited in the information we can disclose to the public about matters in which we decline to prosecute, when we file charges, secure a guilty plea or enter into a deferred prosecution or non-prosecution agreement, the Criminal Division will place in the public record detailed information explaining the rationale for the particular resolution whenever possible.
Whether we secure a guilty plea or enter into an NPA or DPA, these resolutions generally have the same key components: admissions, a detailed statement of facts, remediation and/or enhanced compliance requirements and penalties. Depending on the facts and circumstances of a particular case, the Criminal Division also may require the imposition of a compliance monitor.
In addition, transparency takes a significant amount of the guess work out of assessing the likely benefits of cooperation, as well as the costs of refusing to cooperate or offering limited or partial assistance.
Regardless of the form of resolution, the Criminal Division is committed to enforcing compliance with its terms. In particular, when a company that is subject to the terms of an NPA or a DPA violates the terms of the agreement, if proportional to the breach, the Criminal Division will not hesitate to tear up the agreement and prosecute the offending entity based on the admitted statement of facts.
In addition to statements contained in public filings in cases investigated or prosecuted by the Criminal Division, our commitment to transparency also is effectuated by the participation of Criminal Division personnel in conferences such as this one.
We have had a compliance doc request for our offers and the offers were immediately taken down last week even though we'd previously already submitted approved compliance docs. We sent in new compliance docs the very next day and it has been sitting without any updates since then. I have tried opening a case for assistance but seller support keeps telling me "the ASIN is not restricted", despite me specifically mentioning in the case that the ASIN is fine and only my listings against the asin are Inactive pending compliance docs review. Can any mods assist her? I don't know what else to do but having offers killed without warning for a week despite doing exactly what Amazon requested seems a bit odd to me. Thanks all for any assist that may be available!
7fc3f7cf58