If you read the article (and others) it can be read either way. The blog's purpose is to give Compliance Officers tools, reference information and background as to what is going on. That the SEC is getting involved in Compliance investigations indicates to me increased scrutiny of companies' compliance issues. As a technical issue, this appears to me to be bureaucratic overreach at the least, since SEC and DOJ aren't safety organizations like OSHA. I think out-of-compliance issues should be (1) safety based and (2) customer sourced. SEC or DOJ get involved when there's a user-related problem or clear malfeasance (altering of documentation, unsubstantiated claims, etc.), which are covered under existing laws. As I see IEC regulations leaning more towards risk management/aversion, I get the feeling that standards organizations are also contributing to this overreach by trying to solve problems, via regulation/standardization that haven't been proven yet to be problems in the actual marketplace of people, customers and products. If you've been involved in any STP's, it's hard to avoid the feeling that there are some making hay out of increased regulatory oversight, including many ways that help consultants more than end users. Colorado Brian
---------- Original Message ---------- From: "gdstuyvenb...@yahoo.com" <0000058ee1229c70-dmarc-requ...@ieee.org> To: EMC-PSTC@LISTSERV.IEEE.ORG Subject: Re: [PSES] Is your company doing enough to ensure adequate EMC compliance? Date: Fri, 15 Jan 2016 13:29:10 +0000 Ken, wasn't suggesting increased government regulation, rather useful tips for our own consideration. Gary StuyvenbergThompson Consulting From: Ken Javor <ken.ja...@emccompliance.com> To: EMC-PSTC@LISTSERV.IEEE.ORG Sent: Thursday, January 14, 2016 10:59 PM Subject: Re: [PSES] Is your company doing enough to ensure adequate EMC compliance? “Last week was a good one for the compliance profession. “ Could not disagree more. This is big brother, or socialism, call it what you will. A product either meets requirements, or it doesn't. The gov’t instructing the private sector on how to get there is worse than superfluous, it’s damaging. Ken Javor Phone: (256) 650-5261 From: "gdstuyvenb...@yahoo.com" <0000058ee1229c70-dmarc-requ...@ieee.org> Reply-To: "gdstuyvenb...@yahoo.com" <gdstuyvenb...@yahoo.com> Date: Fri, 15 Jan 2016 03:33:42 +0000 To: <EMC-PSTC@LISTSERV.IEEE.ORG> Subject: [PSES] Is your company doing enough to ensure adequate EMC compliance? As this is a board that deals primarily with regulatory/compliance issues, I thought the following article was pertinent to our cause and deserving of consideration. FEDS AS THOUGHT LEADERS: A BACK-DOOR COMPLIANCE DEFENSE TAKES SHAPE <http://www.fcpablog.com/blog/2015/11/11/feds-as-thought-leaders-a-back-door-compliance-defense-takes.html> By Richard L. Cassin <http://www.fcpablog.com/blog/author/fcpablog> | Wednesday, November 11, 2015 at 7:53AM Assistant Attorney General Leslie Caldwell said last week the DOJ's hiring of a compliance counsel doesn't mean the agency is "moving toward recognizing or instituting a 'compliance defense.'" What then will the compliance counsel do? "She will help us evaluate each compliance program on a case-by-case basis -- just as the department always has -- but with a more expert eye," AAG Caldwell told a gethering <http://www.justice.gov/opa/speech/assistant-attorney-general-leslie-r-caldwell-speaks-sifma-compliance-and-legal-society> of compliance officers in New York. Caldwell, pictured above, then set out the factors the DOJ compliance counsel will assess: Does the institution ensure that its directors and senior managers provide strong, explicit and visible support for its corporate compliance policies? Do the people who are responsible for compliance have stature within the company? Do compliance teams get adequate funding and access to necessary resources? Of course, we won’t expect that a smaller company has the same compliance resources as a Fortune-50 company. Are the institution’s compliance policies clear and in writing? Are they easily understood by employees? Are the policies translated into languages spoken by the company’s employees? Does the institution ensure that its compliance policies are effectively communicated to all employees? Are its written policies easy for employees to find? Do employees have repeated training, which should include direction regarding what to do or with whom to consult when issues arise? Does the institution review its policies and practices to keep them up to date with evolving risks and circumstances? This is especially important if a U.S.-based entity acquires or merges with another business, especially a foreign one. Are there mechanisms to enforce compliance policies? Those include both incentivizing good compliance and disciplining violations. Is discipline even handed? The department does not look favorably on situations in which low-level employees who may have engaged in misconduct are terminated, but the more senior people who either directed or deliberately turned a blind eye to the conduct suffer no consequences. Such action sends the wrong message -- to other employees, to the market and to the government -- about the institution’s commitment to compliance. Does the institution sensitize third parties like vendors, agents or consultants to the company’s expectation that its partners are also serious about compliance? This means more than including boilerplate language in a contract. It means taking action -- including termination of a business relationship -- if a partner demonstrates a lack of respect for laws and policies. And that attitude toward partner compliance must exist regardless of geographic location. Two days after AAG Caldwell's talk in New York, Andrew Ceresney, head of the SEC's enforcement division, spoke to <http://www.fcpablog.com/blog/2015/11/9/sec-we-protect-compliance-officers-except-when-we-prosecute.html> the National Society of Compliance Professionals at the group's annual event in DC. He started with a disclaimer: "[T]he views I express here today are my own and do not necessarily represent the views of the Commission or its staff." Then he said something every compliance officer and corporate director and C-suiter should hear and remember: "I have found that you can predict a lot about the likelihood of an enforcement action by asking a few simple questions about the role of the company’s compliance department in the firm." Here are those "simple" questions: Are compliance personnel included in critical meetings? Are their views typically sought and followed? Do compliance officers report to the CEO and have significant visibility with the board? Is the compliance department viewed as an important partner in the business and not simply as a support function or a cost center? Is compliance given the personnel and resources necessary to fully cover the entity’s needs? "Far too often," Ceresney said, "the answer to these questions is no, and the absence of real compliance involvement in company deliberations can lead to compliance lapses, which, in turn, result in enforcement issues." (our emphasis) What Caldwell and Ceresney said last week doesn't equal a compliance defense for the FCPA. Congress hasn't changed the law, and courts haven't reinterpreted it. There's still no formal way for a defendant to plead a compliance defense under the FCPA, and respondeat superior (in all its unfairness <http://www.fcpablog.com/blog/2008/11/24/in-the-masters-defense.html> ) is still alive and well. Yet what the enforcement top guns said last week will have an impact. They spoke publicly. They used plain English. They were specific in describing what the DOJ and SEC expect to see or not see when evaluating whether to bring an enforcement action. In house lawyers and outside counsel can measure the company's behavior against those words, and argue why an enforcement action isn't warranted. Public accountability of the DOJ and SEC and how they make decisions to bring FCPA enforcement actions just increased. Beyond that, Caldwell and Ceresney last week gave companies more reasons to have strong compliance programs. And they gave compliance officers more tools to work with, and more authority. Those are the same objectives of a compliance defense. Last week was a good one for the compliance profession. - See more at: http://www.fcpablog.com/blog/2015/11/11/feds-as-thought-leaders-a-back-door-compliance-defense-takes.html#sthash.vw9uPoS1.dpuf - ---------------------------------------------------------------- This message is from the IEEE Product Safety Engineering Society emc-pstc discussion list. To post a message to the list, send your e-mail to <emc-p...@ieee.org> All emc-pstc postings are archived and searchable on the web at: http://www.ieee-pses.org/emc-pstc.html Attachments are not permitted but the IEEE PSES Online Communities site at http://product-compliance.oc.ieee.org/ can be used for graphics (in well-used formats), large files, etc. Website: http://www.ieee-pses.org/ Instructions: http://www.ieee-pses.org/list.html (including how to unsubscribe) <http://www.ieee-pses.org/list.html> List rules: http://www.ieee-pses.org/listrules.html For help, send mail to the list administrators: Scott Douglas <sdoug...@ieee.org> Mike Cantwell <mcantw...@ieee.org> For policy questions, send mail to: Jim Bacher <j.bac...@ieee.org> David Heald <dhe...@gmail.com> - ----------------------------------------------------------------This message is from the IEEE Product Safety Engineering Society emc-pstc discussion list. To post a message to the list, send your e-mail to <emc-p...@ieee.org>All emc-pstc postings are archived and searchable on the web at: http://www.ieee-pses.org/emc-pstc.htmlAttachments are not permitted but the IEEE PSES Online Communities site at http://product-compliance.oc.ieee.org/ can be used for graphics (in well-used formats), large files, etc.Website: http://www.ieee-pses.org/ Instructions: http://www.ieee-pses.org/list.html (including how to unsubscribe) List rules: http://www.ieee-pses.org/listrules.htmlFor help, send mail to the list administrators: Scott Douglas <sdoug...@ieee.org> Mike Cantwell <mcantw...@ieee.org>For policy questions, send mail to: Jim Bacher <j.bac...@ieee.org> David Heald <dhe...@gmail.com> - ---------------------------------------------------------------- This message is from the IEEE Product Safety Engineering Society emc-pstc discussion list. To post a message to the list, send your e-mail to <emc-p...@ieee.org> All emc-pstc postings are archived and searchable on the web at: http://www.ieee-pses.org/emc-pstc.html Attachments are not permitted but the IEEE PSES Online Communities site at http://product-compliance.oc.ieee.org/ can be used for graphics (in well-used formats), large files, etc. Website: http://www.ieee-pses.org/ Instructions: http://www.ieee-pses.org/list.html (including how to unsubscribe) List rules: http://www.ieee-pses.org/listrules.html For help, send mail to the list administrators: Scott Douglas <sdoug...@ieee.org> Mike Cantwell <mcantw...@ieee.org> For policy questions, send mail to: Jim Bacher <j.bac...@ieee.org> David Heald <dhe...@gmail.com> - ---------------------------------------------------------------- This message is from the IEEE Product Safety Engineering Society emc-pstc discussion list. To post a message to the list, send your e-mail to <emc-p...@ieee.org> All emc-pstc postings are archived and searchable on the web at: http://www.ieee-pses.org/emc-pstc.html Attachments are not permitted but the IEEE PSES Online Communities site at http://product-compliance.oc.ieee.org/ can be used for graphics (in well-used formats), large files, etc. Website: http://www.ieee-pses.org/ Instructions: http://www.ieee-pses.org/list.html (including how to unsubscribe) List rules: http://www.ieee-pses.org/listrules.html For help, send mail to the list administrators: Scott Douglas <sdoug...@ieee.org> Mike Cantwell <mcantw...@ieee.org> For policy questions, send mail to: Jim Bacher: <j.bac...@ieee.org> David Heald: <dhe...@gmail.com>
