Guidance

now browsing by tag

 
 

DOJ Emphasizes Adequate Funding in Updated Compliance Guidance | Health Care Compliance Association (HCCA) | #employeefraud | #recruitment | #corporatesecurity | #businesssecurity | #

Source: National Cyber Security – Produced By Gregory Evans

Report on Medicare Compliance 29, no. 21 (June 8, 2020)

Whether an organization shows its commitment to compliance with dollars is a new focus of the second update to guidance on evaluating compliance programs from the Department of Justice (DOJ). In its updated Evaluation of Corporate Compliance Programs,[1] released June 1, DOJ indicates that adequate funding of the program and its people helps distinguish between a paper and an active program.

The guidance is used by white-collar prosecutors who evaluate compliance programs when deciding whether to file fraud charges and what the charges should be. Compliance officers also use the guidance to benchmark their organization’s compliance program. DOJ published the first version in 2017 and revised it in April 2019. The Evaluation of Corporate Compliance Programs modifies the Principles of Federal Prosecution of Business Organizations in the Justice Manual.[2]

There are detailed questions about compliance programs in the guidance, which is organized around three “fundamental questions” that prosecutors try to answer when evaluating effectiveness. The 2020 version modified the second question to refocus on resources:

  1. “Is the corporation’s compliance program well designed?“

  2. “Is the program being applied earnestly and in good faith?” In other words, is the program adequately resourced and empowered to function effectively?

  3. “Does the corporation’s compliance program work” in practice?

In elaborating on resources, DOJ explained that “prosecutors are instructed to probe specifically whether a compliance program is a ‘paper program’ or one ‘implemented, reviewed, and revised, as appropriate, in an effective manner.’ [Justice Manual § 9-28.800]. In addition, prosecutors should determine ‘whether the corporation has provided for a staff sufficient to audit, document, analyze, and utilize the results of the corporation’s compliance efforts.’ [Justice Manual § 9-28.800].”

The emphasis on funding doesn’t come as a shock. “You would have to have adequate resources before you get to adequate or better effectiveness,” said attorney Gabriel Imperato, with Nelson Mullins Broad and Cassel in Fort Lauderdale, Florida.

Prosecutors have always factored in the funding of compliance programs, although it’s significant to see this in writing, said Kirk Ogrosky, former deputy chief of DOJ’s fraud section. “You can have compliance officers who are making a fraction of what other senior executives are making,” he said.

The guidance also encourages organizations to advance compliance at all times, even during an investigation, said former federal prosecutor Robert Trusiak, an attorney in Buffalo, New York. As DOJ states, “In answering each of these three ‘fundamental questions,’ prosecutors may evaluate the company’s performance on various topics that the Criminal Division has frequently found relevant in evaluating a corporate compliance program both at the time of the offense and at the time of the charging decision and resolution.” DOJ reinforces this point when it talks about the risk assessment. “Prosecutors should endeavor to understand why the company has chosen to set up the compliance program the way that it has, and why and how the company’s compliance program has evolved over time.”

In other words, Trusiak said, “effective compliance is not set it and forget it. Compliance is an iterative process.”

DOJ Revises Other Questions

DOJ’s revisions ripple through the rest of the document, which is loaded with specific questions about commitment by senior and middle management, risk assessments, due diligence, communication with employees, oversight of third parties and other hot topics.

For example, the 2019 guidance asked whether the organization’s risk assessment was “current and subject to periodic review? Have there been any updates to policies and procedures in light of lessons learned? Do these updates account for risks discovered through misconduct or other problems with the compliance program?”

The 2020 guidance drills down. “Is the periodic review limited to a ‘snapshot’ in time or based upon continuous access to operational data and information across functions? Has the periodic review led to updates in policies, procedures, and controls?”

There are also more questions about how organizations ensure that policies get in the hands of employees and vendors. For example, “have the policies and procedures been published in a searchable format for easy reference? Does the company track access to various policies and procedures to understand what policies are attracting more attention from relevant employees?” The stakes also are raised on employee awareness of the hotline. “Does the company take measures to test whether employees are aware of the hotline and feel comfortable using it?”

Imperato noted that DOJ “dwells a fair amount on third-party due diligence” and whether it continues after the deal is done. For example, DOJ asks, “What has been the company’s process for tracking and remediating misconduct or misconduct risks identified during the due diligence process? What has been the company’s process for implementing compliance policies and procedures, and conducting post acquisition audits, at newly acquired entities?”

Questions on learning from mistakes were also tweaked. “Does the company review and adapt its compliance program based upon lessons learned from its own misconduct and/or that of other companies facing similar risks?” There are other changes to questions, including, for example, about training and “monitoring investigations and resulting discipline.”

Imperato said he will attach the updated guidance to his board training, along with other documents. “This automatically becomes the benchmark…for setting up a compliance program and determining its effectiveness.”

Ogrosky noted, however, that even well-funded, effective compliance programs may fail to detect bad actors. “Fraud is a non-self-revealing offense,” he said. “The people who commit fraud at large corporations are doing it to avoid the compliance folks.” He’s referring to flat-out fraud, not a debate about whether an arrangement fits within a safe harbor, for example.

Whether fraudsters inside corporations are unmasked depends more on whether executives ask the right questions vs. looking the other way, Ogrosky said. For example, if a salesperson outperforms his or her peers 50 times over, managers should dig into it. “If a contractor is able to do what no one has been able to do, ask why, because the fraud is not self-revealing.” DOJ will expect the corporation to accept some responsibility for bad actors, even when they have good compliance programs, he said.

1 U.S. Dep’t of Justice, Criminal Div., Evaluation of Corporate Compliance Programs (Updated June 2020), http://bit.ly/2Z2Dp8R.
2 U.S. Dep’t of Justice, Justice Manual, Principles of Federal Prosecution of Business Organizations, § 9-28.000 (2020), http://bit.ly/2GtxXFt.

[View source.]

Source link

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

The post DOJ Emphasizes Adequate Funding in Updated Compliance Guidance | Health Care Compliance Association (HCCA) | #employeefraud | #recruitment | #corporatesecurity | #businesssecurity | # appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | IRS Publishes Guidance to Help Taxpayers Fight Identity Theft

Source: National Cyber Security – Produced By Gregory Evans

Security Summit partners including the Internal Revenue Service (IRS), the US tax industry, and several state tax agencies published security guidance and updated content to highlight identity theft precautions to be taken during the incoming holiday shopping season.

Individual and business taxpayers, as well as tax professionals, are advised to boost their security defenses against potential identity theft attempts that will soon surface during the holidays.

“While people are shopping online, identity thieves are trying to shoplift their sensitive information. As the holiday season and tax season approach, everyone should remember to take basic steps to protect themselves,” IRS Commissioner Chuck Rettig said. 

“The Security Summit has made progress in fighting back against tax-related identity theft, but we need people to watch out for common scams that can put their financial and tax data at risk.”

Identity theft safeguards and protection measures

The US tax collection agency provides businesses with an updated ‘Security Awareness For Taxpayers’ PDF document during this month’s National Tax Security Awareness Week, ready to share with employees, clients, and customers

The Security Summit members also recommend taking the following measures to protect personal and financial information online:

• Use security software for computers and mobile phones – and keep it updated.
• Protect personal information; don’t hand it out to just anyone.
• Use strong and unique passwords for all accounts.
• Use two-factor authentication whenever possible.
• Shop only secure websites; Look for the “https” in web addresses; avoid shopping on unsecured and public WiFi in places like shopping malls.
• Routinely back up files on computers and mobile phones.

As part of the Tax Security Awareness Week, the IRS will also provide basic steps for easily recognizing email and phone scams, detecting identity theft attempts, and creating strong passwords for online accounts.

Videos with Easy Steps to Protect Your Computer and Phone and on how to Avoid Phishing Emails are also provided by the IRS and its Summit partners with additional information for taxpayers on how to augment their security.

Security plans and malware warnings

In July, the IRS issued a joint news release with the Security Summit partners to remind professional tax preparers of their obligation to have a data security plan in place with appropriate safeguards to protect sensitive taxpayer information from data theft attacks.

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) also provides a Safeguarding Your Data Security Tip issued through the National Cyber Awareness System.

One month later, an IRS warning alerted taxpayers and tax professionals of an active IRS impersonation scam campaign that used spam emails to deliver malicious payloads.

The security guidance the IRS will share during the National Tax Security Awareness Week is designed to help both taxpayers and tax pros to defend against attacks such as those that are targeting the tax season with realistic phishing emails bundling malicious attachments.

Attackers are also known to use phone scams as observed in 2016 when they posed as IRS representants and asked their targets to extinguish outstanding debts of thousands of dollars via gift card payments.

Source link

The post #nationalcybersecuritymonth | IRS Publishes Guidance to Help Taxpayers Fight Identity Theft appeared first on National Cyber Security.

View full post on National Cyber Security

Central Bank publishes guidance on IT and Cybersecurity Risks

download

Source: National Cyber Security – Produced By Gregory Evans

Central Bank publishes guidance on IT and Cybersecurity Risks

The Central Bank of Ireland (the “Central Bank”) has published a guidance note in respect of IT and Cybersecurity Risks which highlights the Central Bank’s increased focus on risks in this area. The guidance note highlights that the IT and

The post Central Bank publishes guidance on IT and Cybersecurity Risks appeared first on National Cyber Security.

View full post on National Cyber Security

ESSA Guidance Issued on ‘Evidence Based’ School Improvement – Politics K-12 – Education Week

The Education Department is outlining how states, districts, and schools can use interventions with a strong record of making a difference with the types of students or schools that need help.

View full post on Education Week: Bullying







#pso #htcs #b4inc

Read More

The post ESSA Guidance Issued on ‘Evidence Based’ School Improvement – Politics K-12 – Education Week appeared first on Parent Security Online.

View full post on Parent Security Online

Michigan education board approves LGBT guidance for schools – Education Week

View full post on Education Week: Bullying







#pso #htcs #b4inc

Read More

The post Michigan education board approves LGBT guidance for schools – Education Week appeared first on Parent Security Online.

View full post on Parent Security Online

Michigan board approves approve LGBT guidance to schools – Education Week

View full post on Education Week: Bullying







#pso #htcs #b4inc

Read More

The post Michigan board approves approve LGBT guidance to schools – Education Week appeared first on Parent Security Online.

View full post on Parent Security Online

Ruling Backs Ed. Department Guidance on Transgender Bathroom Choice

A federal appeals court says deference must be given to federal guidance that schools must treat transgender students in conformity with the students’ gender identity.

View full post on The School Law Blog – Education Week







#pso #htcs #b4inc

Read More

The post Ruling Backs Ed. Department Guidance on Transgender Bathroom Choice appeared first on Parent Security Online.

View full post on Parent Security Online

ESSA Guidance Continues to Roll Out – Education Week

Testing issues and states without NCLB waivers are among the topics discussed in some recent the Education Department guidance on transition to the Every Student Succeeds Act.

View full post on Education Week: NCLB







#pso #htcs #b4inc

Read More

The post ESSA Guidance Continues to Roll Out – Education Week appeared first on Parent Security Online.

View full post on Parent Security Online

Parental guidance: Don’t forget to say sorry even to kids

Here’s one very important lesson in raising your child the right way. Apologies are important even to children who are six or seven years old — an age when they build social skill foundations that last a lifetime, suggests a new research.

Saying sorry for any minor transgression may not help the children feel better but the quick apology can help you mend relations with them, the findings show. “What was surprising was that children who experienced a minor transgression and heard an apology felt just as bad as those who did not hear an apology,” said the study’s lead author Marissa Drell from University of Virginia in the US.

Read More

The post Parental guidance: Don’t forget to say sorry even to kids appeared first on Parent Security Online.

View full post on Parent Security Online

IRS Offers Tax Guidance On Free Identity Theft Protection Services

Source: National Cyber Security – Produced By Gregory Evans

There’s no question that identity theft is a problem in the United States. A 2015 study released by Javelin Strategy & Research found that there were 12.7 million victims of identity theft in the U.S. 2014. That works out to a new identity fraud victim every two seconds. Identity theft has topped the list of consumer complaints made to the Federal Trade Commission for the last 15 years. And, of course, identity theft has claimed the top spot on the Internal Revenue Service’s (IRS) Dirty Dozen list for several years running. It should be no surprise, then, that businesses and other organizations have ramped up their efforts to keep personal information secure, including offering complimentary identity protection services to customers and employees. This includes credit reporting and monitoring services – the same kinds of services that IRS offered to affected taxpayers earlier this year after taxpayer accounts were improperly accessed using the “Get Transcript” app. These services cost money. Services can range from one time fees to monthly fees upwards of $30 per month. According to Consumer Reports, about 50 million U.S. consumers spent $3.5 billion in 2010 on various identity protection products, a number that has likely grown over […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post IRS Offers Tax Guidance On Free Identity Theft Protection Services appeared first on National Cyber Security.

View full post on National Cyber Security