Principles of the Law, Compliance, Risk Management, and Enforcement

This project will address the need for a set of recommended standards and best practices on the law of compliance and risk management.
    Tentative Draft No. 1
    274 pages, 2019, #1PLCERTD1

    TABLE OF CONTENTS

     

    Project Status at a Glance             xiii

    Foreword            xv

    Reporters’ Memorandum              xxi

    CHAPTER 1

    DEFINITIONS

    § 1.01. Definitions            1

    CHAPTER 2

    SUBJECT MATTER, OBJECTIVES, AND INTERPRETATION

    § 2.01. Subject Matter     5

    § 2.02. Objectives             8

    § 2.03. Characteristics of the Organization             10

    § 2.04. Interpretation      14

    § 2.05. Nonliability           15

     

    CHAPTER 3

    GOVERNANCE

    TOPIC 1. GOVERNANCE IN COMPLIANCE AND RISK MANAGEMENT – GENERAL

    § 3.01. Governance in Compliance and Risk Management 17

    § 3.02. Governance Actors            18

    § 3.03. Governance Map for Compliance and Risk Management     20

    § 3.04. Coordination of Compliance and Risk Management in Affiliated Organizations          20

    § 3.05. Governance Accommodations for Organizational Circumstances     22

    § 3.06. Qualifications of Primary Governance Actors for Compliance and Risk Management         23

    § 3.07. The Role of the Board of Directors and Executive Management in Promoting an Organizational Culture of Compliance and Risk Management           29

     

    TOPIC 2. THE BOARD OF DIRECTORS – GENERAL

    § 3.08. Board of Directors’ Oversight of Compliance, Risk Management, and Internal Audit 36

    TOPIC 3. THE BOARD OF DIRECTORS – COMMITTEES

    § 3.09. Delegation of Oversight Responsibilities by the Board of Directors to a Committee or Group of its Members       52

    § 3.10. Compliance and Ethics Committee              58

    § 3.11. Risk Committee   68

    § 3.12. Role of the Audit Committee in Compliance and Risk Management 76

    § 3.13. The Role of the Compensation Committee in Compliance and Risk Management      84

    TOPIC 4. EXECUTIVE MANAGEMENT

    § 3.14. Executive Management of Compliance and Risk Management          88

    TOPIC 5. INTERNAL-CONTROL OFFICERS

    § 3.15. Chief Compliance Officer                101

    § 3.16. Chief Risk Officer               116

    § 3.17. Chief Audit Officer             129

    § 3.18. Compliance and Risk-Management Responsibilities of Chief Legal Officer    140

    § 3.19. Compliance and Risk-Management Responsibilities of the Human-Resources Officer            147

    § 3.20. Multiple Responsibilities of Internal-Control Officers            151

    § 3.21. Outsourcing, Use of Technology, and Engagement of Third-Party Service Providers              154

     

    CHAPTER 5. COMPLIANCE

    TOPIC 1. THE COMPLIANCE FUNCTION

    § 5.01. Nature of the Compliance Function             161

    § 5.02. Goals of the Compliance Function               162

    § 5.03. General Compliance Activities of Organizations      166

    § 5.04. Enterprise Compliance      169

    TOPIC 2. EFFECTIVE COMPLIANCE

    § 5.05. Elements of an Effective Compliance Function        171

    § 5.06. Compliance Program        178

    TOPIC 3. SPECIFIC COMPLIANCE ACTIVITIES

    § 5.07. Compliance Risk Assessment          188

    § 5.08. Compliance Advice            192

    § 5.09. Compliance Monitoring [Reserved]             194

    § 5.10. Training and Education     194

    § 5.11. Red Flags              196

    § 5.12. Escalation Within the Organization             199

    § 5.13. Compliance Under Legal Uncertainty          201

    TOPIC 4. EMPLOYEES, AGENTS, AND COUNTERPARTIES

    § 5.14. Hiring of Employees, Retention of Agents, and Selection of Counterparties 202

    § 5.15. Background Checks           203

    § 5.16. Compensation     205

    § 5.17. Discipline              207

    TOPIC 5. INTERNAL REPORTING

    § 5.18. Procedures for Internal Reporting [Reserved]          211

    § 5.19. Protecting Confidentiality of Internal Reporting [Reserved]               211

    § 5.20. Nonretaliation [Reserved]              211

    TOPIC 6. THIRD-PARTY SERVICE PROVIDERS

    § 5.21. The Role of Third-Party Service Providers [Reserved]            211

    § 5.22. Attorneys [Reserved]        211

    § 5.23. External Auditors [Reserved]          211

    TOPIC 7. INVESTIGATIONS

    § 5.24. The Decision to Investigate [Reserved]      211

    § 5.25. Scope of Internal Investigations [Reserved]             211

    § 5.26. The Investigator [Reserved]           211

    § 5.27. Privilege in Investigations [Reserved]          211

    § 5.28. Responding to Government Investigations [Reserved]         211

    § 5.29. Fairness to Employees During Investigations [Reserved]      211

    § 5.30. Responding to the Investigator’s Report [Reserved]             211

    § 5.31. Lessons Learned [Reserved]           211

    TOPIC 8. COMPLIANCE BEYOND THE ORGANIZATION

    § 5.32. Responsibility of Parent Companies for Compliance in Subsidiaries [Reserved]           211

    § 5.33. Supply-Chain Due Diligence [Reserved]      211

    § 5.34. Vendor and Business-Partner Due Diligence [Reserved]       211

    § 5.35. Customer Due Diligence [Reserved]            211

    TOPIC 9. ETHICS AND SOCIAL RESPONSIBILITY

    § 5.36. Commitment to Ethical Behavior [Reserved]           211

    § 5.37. Codes of Ethics [Reserved]             211

    TOPIC 10. SPECIAL CONSIDERATIONS FOR NONPROFITS AND INTERNATIONAL FIRMS

    § 5.38. Special Considerations for International Firms [Reserved]   211

    § 5.39. Special Considerations for Nonprofit Organizations [Reserved]        211

     

    Appendix. Black Letter of Tentative Draft No. 1     213

    Tentative Draft No. 1 contains Chapter 1, Definitions (excluding reserved definitions); Chapter 2, Subject Matter, Objectives, and Interpretation; Chapter 3, Governance; and §§5.01-5.08 and 5.10-5.17 of Chapter 5, Compliance. The draft was approved by the membership at the 2019 Annual Meeting, subject to the discussion at the Meeting and to the usual editorial prerogative. This material may be cited as representing the Institute’s position until the official text of the entire project is published.

    274 pages, 2019, #1PLCERTD1E
