by Juan Manuel González | Dec 27, 2024 | Noticias-en, Opinions
Starting from the premise that a compliance program must be implemented according to the size and characteristics of the organization, we will now make some recommendations for its implementation in a large company, which, due to its focus and complexity, varies significantly from that of a small company.
Firstly, and considering that large companies usually have greater resources available, we recommend that, in addition to dedicating financial, technological and human resources, through the participation of specialized teams during its implementation, the governing body and senior management demonstrate a commitment to the culture of compliance, sufficiently visible to generate awareness at all levels of the organization, through awareness-raising, sensitization and training programs.
Likewise, considering that a large company could have a higher degree of exposure to risk, as a consequence of the volume or complexity of its operations, it is recommended that, as a starting point, and prior to the identification of the activities, operations and/or processes exposed to risk, the following methodologies be developed ad hoc for the organization:
- Risk assessment: which takes into account the risks inherent to the organization’s activities, and the criteria for determining the level of impact and probability consider the nature of the business, its economic environment and the influence on the fulfillment of strategic objectives.
- Control evaluation: which measures the level of control strength, considering, for example, the degree of automation (manual or automatic), the nature of the control (preventive or detective), the ability to circumvent the control (vulnerability) and the frequency of execution of the control.
- Review of controls: to ensure an adequate control environment, through guidelines that allow the development of control monitoring plans that contain specific actions and lines of defense aimed at properly managing the supervision of previously identified controls.
As you can see, large companies will not only have a higher degree of sophistication during the implementation stage of a compliance program , but also during its operation, since, compared to a small company:
- The frequency of review of risks and controls will be less spaced.
- Higher levels of reporting of the results of the different model reviews will be established.
- More frequent and more specialized communication programs will be required.
- Codes, policies, procedures, action guides, manuals, protocols and/or instructions will be developed for specific risk areas.
- Increased internal controls will be implemented.
- The use of technologies for monitoring the program and access to the reporting channel will be assessed.
- Compliance programs will be integrated into the organization’s various processes.
- The model will be flexible enough to grow with the organization (scalable).
- The appointment of an internal auditor will be evaluated.
- The governing body or senior management, as appropriate, will need to appoint a compliance program officer with autonomy, authority and independence .
In conclusion, the implementation of a compliance program in large companies must be adapted to the specific characteristics and dimensions of the organization, considering aspects such as operational volume, exposure to risks and complexity of its structure.
For this, the involvement of corporate governance is key, since it must lead and promote the implementation and supervision of the compliance program, in addition to ensuring compliance by acting in an ethical and responsible manner.
In addition, it is essential to create customized methodologies to evaluate risks, controls and their constant review, thus ensuring a solid control environment.
By Jorge Luis Hurtado, Deputy Manager of Legal and Regulatory Management at Redinter.
by Juan Manuel González | Dec 16, 2024 | Noticias-en, Opinions
In the pharmaceutical industry, compliance has become a fundamental pillar to ensure that all operations are carried out with integrity, ethics and transparency in order to position itself solidly in the market.
As this is such a relevant sector for public health, ensuring that all activities are carried out in accordance with the highest legal and ethical standards not only protects companies, but also strengthens the trust of patients, institutions, physicians and society in general.
In recent years, compliance in the pharmaceutical industry has led to a transformation in the organizational cultures of the companies that lead the industry. The Chief Compliance Officer and the Ethics Committees have become indispensable figures within organizations that prioritize compliance, ensuring that all business activities are carried out in compliance with ethical principles and the law.
A few years ago, the inclusion of compliance clauses in contracts, such as data protection, codes of ethics and anti-corruption regulations, generated numerous discussions between the parties involved. However, today, this is no longer a topic of debate. Compliance has become global and it is indisputable that these types of clauses must be present to ensure regulatory and ethical compliance at an international level.
Looking ahead to 2025 and beyond, the industry will continue to work on developing effective compliance programs that will enable them to be in line with international regulations.
When it comes to personal data, the adoption of the General Data Protection Regulation (GDPR) in Latin American countries has increased. Pharmaceutical companies must redouble their efforts to ensure the protection of patients’ personal data and comply with international standards. The increasing digitalization and use of big data in research and development makes rigorous management of personal data mandatory to avoid sanctions and maintain public trust.
The fight against corruption will continue to be a priority in the industry. Companies must implement and constantly update their compliance programs to prevent corrupt practices, always keeping in mind the internationally referenced provisions, such as the FCPA and the UK Bribery Act.
A gradual recovery in M&A activity is expected next year, driven by the improvement in financial markets and the strategic need for companies to transform and expand. Compliance will continue to play a fundamental role in these types of transactions, mitigating risks and ensuring that they are carried out efficiently and in accordance with the law.
There is no doubt that support from new technologies will be key to achieving effective compliance programs. Specifically, in regards to:
Risk detection and prevention: AI and machine learning enable the analysis of big data to identify unusual patterns that could signal compliance risks. This effectively prevents fraud and illicit activities.
Process Automation : Repetitive and administrative tasks, such as document review and compliance verification, can be automated, increasing efficiency and helping to reduce the margin for human error.
Informed Decisions: AI systems offer detailed analysis in real-time, facilitating decisions based on accurate and up-to-date data. This is vital for regulatory compliance in a dynamic business environment.
The implementation of AI will not only generate help for companies, but also significant challenges. It is essential to ensure transparency in this type of automated processes and to comply with the regulations and standards in this area, which will be constantly changing due to the dynamics involved.
In 2025, compliance in the pharmaceutical industry will continue to evolve to meet new challenges and comply with stricter regulations. A strong compliance program will not only avoid sanctions, but will also improve the reputation of companies and strengthen stakeholder trust.
It is crucial for pharmaceutical companies to maintain a proactive and continuous approach to regulatory compliance, adapting to changing regulations and leveraging new technologies to detect and prevent risks. By doing so, they will not only contribute to a more ethical and transparent business environment, but will also ensure equitable access to medicines, reaching more patients and reducing costs.
By Vanessa Malcolm, Head of Legal Department at Megalabs.
by Juan Manuel González | Dec 10, 2024 | Noticias-en, Opinions
Over the past decade, we have witnessed significant transformations in the legal field, where the inclusion of new generations has proven to be a key factor in energizing organizations. As a young lawyer with a solid track record in the energy sector, especially in hydrocarbons, oil and petrochemicals, and with recent experience as a legal and compliance director, I have been able to observe closely how our active participation is transforming the way companies face legal and regulatory challenges.
Generational change is not limited to a mere change of leadership; it represents a valuable opportunity to challenge paradigms and bring fresh perspectives. As young lawyers, we have the ability to adapt quickly to new technologies and social demands. However, in order for our potential to materialize, it is essential that we are given the confidence and support necessary to grow and assume leadership roles.
The growing importance of compliance in the business world is an area where our generation can make a difference. With a focus on ethics and integrity as fundamental pillars, young lawyers can help organizations build robust and resilient compliance cultures. This is not just about complying with regulations, but about fostering an environment in which transparency and accountability are the norm, thus contributing to the sustainability and reputation of companies.
In my experience, investing in young talent has been crucial to addressing complex challenges. We are often able to see innovative solutions from different angles. In the context of compliance, this translates into the implementation of technological tools and agile methodologies that facilitate risk monitoring and regulatory compliance. Our generation’s familiarity with digitalization and data analysis allows us to proactively address the challenges that organizations face in this field.
However, it is also important to recognize and value the role of experienced lawyers, who bring their wisdom and accumulated knowledge to the teams. This balance between the energy of our generation and the experience of more established professionals enriches our organizations and fosters an environment of mutual learning. Together, we can build compliance strategies that not only adhere to regulations, but are also an integral part of the organizational culture.
I have witnessed how, with the right support, new professionals can achieve exceptional goals. This process requires a collective commitment to create environments conducive to our professional growth, based on trust, meritocracy and inclusion. Promoting a collaborative approach to compliance, where voices from all levels are heard, can lead to early identification of risks and the creation of effective solutions tailored to the needs of the organization.
The path is not easy, and the challenges we face as young lawyers are significant. However, our motivation and desire to excel are engines that can drive positive changes in the industry and in the companies where we work. Fostering inclusive leadership that gives voice to our generation is essential to building a more dynamic and competitive future, while learning from those who have walked this path before us.
Trust is fundamental to the success of any organization. Giving space to new professionals not only boosts our personal growth, but also enriches companies. My experience has taught me that leadership is not just a matter of experience, but also of vision and adaptability to a constantly evolving environment.
It is time for more organizations to recognize the value of promoting this generational change. By trusting the new generations and valuing experienced professionals, we are building a solid present and a promising future. Furthermore, by integrating this new perspective into the field of compliance, it is possible to ensure not only legal compliance, but also an ethical commitment that boosts the reputation and sustainability of companies in the long term.
By Daniel Cheang, Chief Legal and Compliance Officer at Energas | Compliance Latam Collaborator
by Juan Manuel González | Oct 14, 2024 | Noticias-en, Opinions
In the context of a large multinational corporation, implementing a compliance ambassador program is essential to ensure integrity, ethics and compliance across all of its global operations. This article explores the importance of this program, highlighting the need for capillarity and the main tasks that ambassadors perform.
Involving employees in a voluntary participation process, with the approval of leaders, brings them closer and makes them feel part of the Compliance area.
In addition, ambassadors know the best way to communicate with their areas and contribute significant improvements to the Compliance processes, whether by resolving more specific queries and referrals from their colleagues, or by proposing personalized training or even changes to Guidelines and Procedures.
Compliance Ambassadors play a crucial role in promoting an environment of ethics and integrity. Their main tasks include:
1. Education and Training: Propose training sessions on compliance policies, code of conduct and best practices, ensuring that all employees understand their responsibilities.
2. Support for inquiries and requests: Serve as points of contact for compliance issues, promoting open dialogue and disseminating relevant information on ethical practices.
3. Disclosure and Engagement: Monitor and disseminate compliance activities in their areas, involving their colleagues and providing feedback and opportunities for improvement to the Compliance area.
Importance of capillarity
In large corporations, cultural diversity and the variety of local regulations require an approach adapted to regional realities. Therefore, capillarity in a compliance program is extremely important to map the needs and different forms of communication with all areas and levels of the organization, from headquarters to operational areas.
The presence of Compliance Ambassadors in various areas and levels of the company helps to:
1. Reinforce everyone’s responsibility: With ambassadors in different regions, we reinforce daily that the responsibility of maintaining an ethical and safe environment must be shared among all employees.
2. Bring Compliance closer to the business: A compliance ambassador program acts as a link between the Compliance area and the Company’s employees, promoting a culture of ethics and compliance.
3. Employee commitment: The presence of ambassadors in different areas creates an environment where employees feel more comfortable discussing concerns and reporting irregularities.
Conclusion
A compliance ambassador program is vital to the success of large multinational corporations. Through the proactive actions and reach of ambassadors, it is possible to create an organizational culture that values ethics and compliance. This not only minimizes legal and reputational risks, but also strengthens trust between employees, customers and stakeholders, positioning the company as a leader in corporate responsibility at a global level.
By Victor Alota I. Pereira, Compliance Specialist at Braskem.
by Juan Manuel González | Oct 3, 2024 | Noticias-en, Opinions
On September 26, the regulations governing the supervision of legal entities , in accordance with the provisions of the Law on Economic Crimes , were published in the Official Journal .
Among the most relevant modifications, the figure of supervision of the legal entity was incorporated , which can be ordered by a court as a penalty, precautionary measure or condition of a conditional suspension of the procedure.
In addition, it seeks to ensure that companies that are part of the proceedings establish an effective system for preventing economic crimes.
Among the most relevant aspects for the application of this regulation, there are several elements that are key to the effective functioning of the supervision system for legal entities.
Below we mention the following:
- Definition of supervision of legal person: According to the regulation, supervision of the legal person consists of “ subject to a supervisor, appointed by the court, responsible for ensuring that the legal person effectively develops, implements or improves a crime prevention system within a minimum period of six months and a maximum of two years . ”
- General requirements for the application of the legal entity: The court will appoint a supervisor in those cases where it is determined that the legal entity does not have a crime prevention system , or said system is insufficient to prevent crimes.
- Obligations: The legal entity shall be obliged to make available to the supervisor all the information necessary for the performance of the assignment, including allowing access to its facilities and premises.
In addition, he/she shall be obliged to comply with the instructions given by the supervisor in the development, implementation, improvement or control of the operation of the crime prevention system.
Regarding the role of the supervisor , several key aspects stand out that are fundamental to understanding his role and responsibility within the supervision system of legal entities, among which the following stand out:
- Qualifying requirements to hold the position: The supervisor must be a natural person who meets certain requirements such as:
- Have a relevant professional qualification (professional degree of at least ten semesters in duration).
- At least five years of verifiable experience.
- Knowledge of risk management and crime prevention, and experience in the applicable legal framework.
- In addition, the director must ensure that there are no conflicts of interest or prohibitions or disqualifications that affect the exercise of his or her duties.
- Powers and duties of the supervisor:
- It may issue instructions and set conditions on the legal entity’s crime prevention system, as determined by the court.
- You have the right to access information, facilities and interview personnel necessary to perform your duties.
- Its actions are limited to the prevention of crimes, and it must maintain confidentiality regarding the information obtained, except in public reports.
- In addition, he is considered a public employee for the purposes of his responsibilities.
- Supervisor’s remuneration: The supervisor’s remuneration will be determined by the court according to market criteria and will be the responsibility of the company.
This remuneration will cover all expenses and fees related to supervision, including those of his team.
Candidates will propose their compensation at the appointment hearing, taking into account factors such as the size and complexity of the legal entity, as well as the compensation of similar supervisors and other relevant positions.
For more information on the application of this regulation, we recommend consulting our Compliance group :
Rodrigo Albagli | Partner | ralbagli@az.cl
Yoab Bitran | Compliance group director | ybitran@az.cl
Caterina Ravera | Senior Associate | cravera@az.cl
Sebastian Achondo | Associate | sachondo@az.cl
Loreto Osorio | Associate | losorio@az.cl
by Juan Manuel González | Sep 27, 2024 | Noticias-en, Opinions
SBS Resolution No. 02648-2024, a crucial regulation for the prevention of money laundering and terrorist financing (LAFT) applicable to Virtual Asset Service Providers (PSAV), was published.
Importance
This resolution is especially relevant for those operating in the virtual assets (cryptocurrencies) market, ensuring that their activities are carried out within a regulatory framework that minimizes risks and promotes transparency.
Scope and Reach
As of July 2023, PSAVs were incorporated as subjects required to report to the UIF-Peru through DS No. 006-2023-JUS.
Now, with this resolution, specific rules are established that will regulate the LAFT Prevention System for all PSAVs domiciled or incorporated in Peru.
What are PSAVs and what activities do they perform?
Virtual Asset Service Providers (VASPs) are entities that facilitate transactions and services related to virtual assets, such as cryptocurrencies (Bitcoin, Ethereum, and others). According to Article 2 of the resolution, VASPs can carry out activities such as:
- Exchange between virtual assets and fiat or legal tender currency.
- Exchange between one or more forms of virtual assets.
- Transfer of virtual assets.
- Custody and/or administration of virtual assets or instruments that allow control over them.
- Participation and provision of financial services related to an issuer’s offering and/or sale of a virtual asset
Obligations of the PSAV
- The PSAV must implement a system for the prevention of money laundering and tax evasion (SPLAFT) by managing the risks to which it is exposed. This includes appropriate policies and procedures for knowing its customers, identifying unusual transactions and ensuring employee training.
- PSAVs must register with the Financial Intelligence Unit (UIF-Peru) as SO and keep their status as obligated subjects up to date.
- In the event of ceasing their activities or modifying their regulations, PSAVs must notify the UIF-Peru within 30 days.
- PSAVs must comply with specific due diligence requirements to know their customers and report suspicious transactions.
Validity:
- The regulation came into force on August 2, 2024.
- Chapter VIII, called “Travel Rules”, which includes specific provisions on the transfer of information in virtual asset transactions, comes into force in two years, in August 2026 .
Adaptation period:
PSAVs have a period of 120 days to adapt to the new provisions. This period is essential to implement the systems and procedures necessary to comply with the standard.
For more details or how to adapt the standard, you can contact us: compliance@cpb-abogados.com.pe