Employee Training Is Key To Successful Compliance
Canadian Counsel Discuss Navigating A Highly Regulated Environment
November 30, 2005 at 07:00 PM
17 minute read
Several years ago Toronto-based insurance company Foresters found itself in a difficult situation. The Office of the Superintendent of Financial Institutions (OSFI), a government body that regulates federally incorporated financial institutions in Canada, had recently mandated that insurance companies comply with any Canadian legislation applicable to their businesses.
“OSFI didn't say insurance legislation,” said Stephen Cheeseman, assistant vice president and associate general counsel at Foresters. “It said any legislation that might impact your business.”
Facing the daunting task of sifting through thousands of pieces of legislation, Foresters' executives jumped into action. In the end, the company established a compliance program that was efficient and met OSFI's standards. Although the task was grueling and time consuming, for a Canadian company such as Foresters, it was all in a day's work.
“It's important to remember that the regulations in Canada are not the same as regulations in the U.S.,” said John Clifford, a partner at McMillan Binch Mendelsohn in Toronto. “We have different laws that often have more onerous compliance requirements that have to meet national and local needs of the company.”
In general, Canadian companies have to comply with far more regulations than their U.S. counterparts. As a result, Canadian companies are well versed in creating, structuring and implementing compliance programs. At a recent Martindale-Hubbell Counsel to Counsel session in Toronto titled “Corporate Counsel Best Practices: Models for Managing the Compliance Workload,” Foresters and a number of other Canadian companies shared their best practices for dealing with sweeping government regulations and what makes for good corporate governance.
“We are now in a world where it's just not enough for a company to make a lot of money,” said Francine Swanson, Q.C., senior legal counsel at BP Canada Energy Co. in Calgary, Alberta, president of the Canadian Corporate Counsel Association and a co-chair in the session. “Companies have to make a lot of money the right way.”
A Solid Foundation
For Foresters, creating a program that complied with OSFI's strict requirements relied heavily on structure. To accomplish its goal, senior management first had to determine which laws were relevant to Foresters' business.
“Rather than going through thousands of pieces of legislation, we took a broader look at each piece as it related to important aspects of the business,” said Cheeseman, a participant at the forum. “Then, from a risk matrix point of view, we had to figure out how to prioritize the compliance.”
For each piece of legislation the company determined was applicable to its business, senior management assigned someone within the organization to ensure compliance.
In the end, Foresters assigned 14 people, most at the senior management level, to oversee the compliance with various pieces of legislation. Those people report to the chief compliance officer, who reports to the board.
“While people knew there were laws around our business before we went through this, I don't think they were truly aware of the importance of compliance and the risks involved,” Cheeseman explained. “This has been an incredible exercise in awareness. It has really brought the compliance process into perspective for us.”
Experts at the session warned, however, that implementing a compliance program doesn't mean your work is over. Corporate behaviors are constantly coming under government investigators' microscope, and regulations are constantly in a state of flux. To safeguard their companies from investigation, senior managers must constantly test their internal controls and adjust their programs accordingly.
For example, Citibank recently restructured its compliance program to accommodate regulatory changes by focusing on risk aversion and ethics.
“Ethics is a new standard for which everyone in the organization is being held accountable,” said Charles Alexander, general counsel for Citibank Canada and a participant at the forum.
As part of its risk-aversion effort, Citibank implemented a policy it calls Risk Control Self Assessment (RCSA), a report in which business-group managers measure themselves against Citibank's corporate policies and any laws that are applicable to their businesses.
“That means when internal audit comes in, which they can do at anytime, the first thing they will ask to see is the RCSA,” Alexander explained. “If they find gaps or other problems with it, the manager responsible will be held accountable.”
Finally, Citibank's compliance team scheduled meetings at least once a week for at least one hour to compare notes and ensure everyone stays in the know about regulatory changes.
“Citigroup is no longer stamped with that Wild Wild West mentality anymore,” Alexander said. “It's an organization that is adhering to ethical standards, and we are pushing that through to all the employees.”
Training Days
For companies with a global reach, compliance is often tricky. Understanding the vast range of regulations that dictate the way a company conducts business on a global scale and ensuring it's in compliance with all of them is a cumbersome task. But many participants agreed that a companywide understanding of internal policies is the key to making it work.
One participant suggested global companies–especially those in regulated industries–create consistent training throughout the organization on all the varying compliance issues.
“Whether the company is in the Canadian market or anywhere else in the world, make it clear if they want to work for you, they have to abide by certain rules,” said the participant, who wished to remain anonymous.
Some global companies, for example, distribute handbooks throughout their organizations that outline appropriate behavior for everything from harassment polices and health and safety guidelines to media inquiries and gifts and entertainment. Oftentimes companies will have employees sign forms certifying they read and understand the policies. And most importantly, companies will continue to train and educate their employees on these compliance issues.
“When you educate your employees, they become part of the process,” said Amita Kent, vice president of legal affairs at Schering Canada, a division of Schering-Plough Corp., in Toronto and co-chair of the forum. “At the end of the day, we developed an action plan that really works for Schering-Plough worldwide.”
Swanson agreed.
BP Canada Energy makes its code of conduct easily accessible to its employees on its Web site. The code outlines the standards under which BP expects its employees to follow.
“We want them to be able to access it any time they need to,” Swanson explained. “The code of conduct is designed to help employees by providing clear guidance on what to do in particular situations, and examples are given. Everyone at BP is accountable for upholding the code's requirements. Failure to do so may be cause for disciplinary action or dismissal.”
Like Schering-Plough, BP requires employees to sign a form verifying they have read and understand the code. The company also provides extensive training to ensure employees fully understand the company's policies.
“If employees can't make or miss their scheduled training session, we will ensure they get to another training session being offered,” she said. “They may have to fly to another BP office for training. That's how important it is to us.”
A Smaller Scale
While companies in all industries are still struggling to implement effective corporate compliance programs, participants agreed there is no one-size-fits-all program. What works for Schering-Plough and BP may not work for smaller companies.
For example, Robert Kay, senior vice president and general counsel at KaralCo Corp., an Internet wholesale company, suggests small companies place the compliance onus on outside counsel.
“We empower outside counsel in various countries to be de facto compliance officers,” he said. “It's basically their responsibility to alert the head office about anything going on in their areas of compliance.”
Jennifer Babe, a partner in the Toronto office of Miller Thomson, agreed that this is a highly effective way for companies lacking a compliance officer to stay on the straight and narrow.
“A couple of my American clients who have no in-house counsel in Canada rely on me to provide them with the regulatory issues they need to know about,” she said. “It is very much a part of my job to make sure an in-house counsel is never embarrassed and to be totally aware of what is changing in the legal and regulatory environment. And it works well.”
In the end, participants agreed that each company requires its own unique compliance program. But they all believe there is one common thread among every successful corporate compliance program–support from the top.
“The moral compass of a company resides in the captain's cabin,” said Andrew Roman, partner at Miller Thomson in Toronto. “If you lose that moral compass, it's very easy to get lost, and it takes a lot of hard work to find your way back.”
Several years ago Toronto-based insurance company Foresters found itself in a difficult situation. The Office of the Superintendent of Financial Institutions (OSFI), a government body that regulates federally incorporated financial institutions in Canada, had recently mandated that insurance companies comply with any Canadian legislation applicable to their businesses.
“OSFI didn't say insurance legislation,” said Stephen Cheeseman, assistant vice president and associate general counsel at Foresters. “It said any legislation that might impact your business.”
Facing the daunting task of sifting through thousands of pieces of legislation, Foresters' executives jumped into action. In the end, the company established a compliance program that was efficient and met OSFI's standards. Although the task was grueling and time consuming, for a Canadian company such as Foresters, it was all in a day's work.
“It's important to remember that the regulations in Canada are not the same as regulations in the U.S.,” said John Clifford, a partner at McMillan Binch Mendelsohn in Toronto. “We have different laws that often have more onerous compliance requirements that have to meet national and local needs of the company.”
In general, Canadian companies have to comply with far more regulations than their U.S. counterparts. As a result, Canadian companies are well versed in creating, structuring and implementing compliance programs. At a recent Martindale-Hubbell Counsel to Counsel session in Toronto titled “Corporate Counsel Best Practices: Models for Managing the Compliance Workload,” Foresters and a number of other Canadian companies shared their best practices for dealing with sweeping government regulations and what makes for good corporate governance.
“We are now in a world where it's just not enough for a company to make a lot of money,” said Francine Swanson, Q.C., senior legal counsel at BP Canada Energy Co. in Calgary, Alberta, president of the Canadian Corporate Counsel Association and a co-chair in the session. “Companies have to make a lot of money the right way.”
A Solid Foundation
For Foresters, creating a program that complied with OSFI's strict requirements relied heavily on structure. To accomplish its goal, senior management first had to determine which laws were relevant to Foresters' business.
“Rather than going through thousands of pieces of legislation, we took a broader look at each piece as it related to important aspects of the business,” said Cheeseman, a participant at the forum. “Then, from a risk matrix point of view, we had to figure out how to prioritize the compliance.”
For each piece of legislation the company determined was applicable to its business, senior management assigned someone within the organization to ensure compliance.
In the end, Foresters assigned 14 people, most at the senior management level, to oversee the compliance with various pieces of legislation. Those people report to the chief compliance officer, who reports to the board.
“While people knew there were laws around our business before we went through this, I don't think they were truly aware of the importance of compliance and the risks involved,” Cheeseman explained. “This has been an incredible exercise in awareness. It has really brought the compliance process into perspective for us.”
Experts at the session warned, however, that implementing a compliance program doesn't mean your work is over. Corporate behaviors are constantly coming under government investigators' microscope, and regulations are constantly in a state of flux. To safeguard their companies from investigation, senior managers must constantly test their internal controls and adjust their programs accordingly.
For example, Citibank recently restructured its compliance program to accommodate regulatory changes by focusing on risk aversion and ethics.
“Ethics is a new standard for which everyone in the organization is being held accountable,” said Charles Alexander, general counsel for Citibank Canada and a participant at the forum.
As part of its risk-aversion effort, Citibank implemented a policy it calls Risk Control Self Assessment (RCSA), a report in which business-group managers measure themselves against Citibank's corporate policies and any laws that are applicable to their businesses.
“That means when internal audit comes in, which they can do at anytime, the first thing they will ask to see is the RCSA,” Alexander explained. “If they find gaps or other problems with it, the manager responsible will be held accountable.”
Finally, Citibank's compliance team scheduled meetings at least once a week for at least one hour to compare notes and ensure everyone stays in the know about regulatory changes.
“
Training Days
For companies with a global reach, compliance is often tricky. Understanding the vast range of regulations that dictate the way a company conducts business on a global scale and ensuring it's in compliance with all of them is a cumbersome task. But many participants agreed that a companywide understanding of internal policies is the key to making it work.
One participant suggested global companies–especially those in regulated industries–create consistent training throughout the organization on all the varying compliance issues.
“Whether the company is in the Canadian market or anywhere else in the world, make it clear if they want to work for you, they have to abide by certain rules,” said the participant, who wished to remain anonymous.
Some global companies, for example, distribute handbooks throughout their organizations that outline appropriate behavior for everything from harassment polices and health and safety guidelines to media inquiries and gifts and entertainment. Oftentimes companies will have employees sign forms certifying they read and understand the policies. And most importantly, companies will continue to train and educate their employees on these compliance issues.
“When you educate your employees, they become part of the process,” said Amita Kent, vice president of legal affairs at Schering Canada, a division of
Swanson agreed.
BP Canada Energy makes its code of conduct easily accessible to its employees on its Web site. The code outlines the standards under which BP expects its employees to follow.
“We want them to be able to access it any time they need to,” Swanson explained. “The code of conduct is designed to help employees by providing clear guidance on what to do in particular situations, and examples are given. Everyone at BP is accountable for upholding the code's requirements. Failure to do so may be cause for disciplinary action or dismissal.”
Like Schering-Plough, BP requires employees to sign a form verifying they have read and understand the code. The company also provides extensive training to ensure employees fully understand the company's policies.
“If employees can't make or miss their scheduled training session, we will ensure they get to another training session being offered,” she said. “They may have to fly to another BP office for training. That's how important it is to us.”
A Smaller Scale
While companies in all industries are still struggling to implement effective corporate compliance programs, participants agreed there is no one-size-fits-all program. What works for Schering-Plough and BP may not work for smaller companies.
For example, Robert Kay, senior vice president and general counsel at KaralCo Corp., an Internet wholesale company, suggests small companies place the compliance onus on outside counsel.
“We empower outside counsel in various countries to be de facto compliance officers,” he said. “It's basically their responsibility to alert the head office about anything going on in their areas of compliance.”
Jennifer Babe, a partner in the Toronto office of
“A couple of my American clients who have no in-house counsel in Canada rely on me to provide them with the regulatory issues they need to know about,” she said. “It is very much a part of my job to make sure an in-house counsel is never embarrassed and to be totally aware of what is changing in the legal and regulatory environment. And it works well.”
In the end, participants agreed that each company requires its own unique compliance program. But they all believe there is one common thread among every successful corporate compliance program–support from the top.
“The moral compass of a company resides in the captain's cabin,” said Andrew Roman, partner at
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllCoinbase Hit With Antitrust Suit That Seeks to Change How Crypto Exchanges Operate
3 minute readBaker Botts' Biopharma Client Sues Former In-House Attorney, Others Alleging Extortion Scheme
Trending Stories
- 1Call for Nominations: Elite Trial Lawyers 2025
- 2Senate Judiciary Dems Release Report on Supreme Court Ethics
- 3Senate Confirms Last 2 of Biden's California Judicial Nominees
- 4Morrison & Foerster Doles Out Year-End and Special Bonuses, Raises Base Compensation for Associates
- 5Tom Girardi to Surrender to Federal Authorities on Jan. 7
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250