Mitigating the risk of corporate fraud
Alexandra Padurariu, Head of Legal Affairs & Compliance, Samsung Electronics

As corporate fraud is a growing risk for companies, organisations are taking a proactive approach to risk management, allocating resources and increased focus on the anti-fraud compliance programs. Which Lawyer in Romania spoke to Alexandra Padurariu, Head of Legal Affairs & Compliance at Samsung Electronics to outline recent trends in the fight against corporate fraud and regulatory developments that would help mitigate the risk.

How will the Whistleblowing law influence the management of fraud in companies?

 For the companies that already have a solid fraud management system, the law will have only a formal influence, meaning, the company would only have to adjust its fraud management system to the specific formal requirements of the law. On the other hand, this is a rather rare situation in Romania, therefore, the companies need to use this opportunity to review their fraud management system, with the help of specialists, if needed, to make sure that they will comply with the upcoming legal provisions, on one hand, and that they have a functional fraud management system that prevents the risk exposure caused by internal fraud, on the other hand.

In Samsung we have several channels that support the compliance efforts: two internal systems that hold comprehensive compliance materials and have reporting sections, and a dedicated email address for whistleblowing.

In order to support the company’s overall compliance efforts, we also grant a quarterly Compliance Champion Internal Award, as a way to stress the importance of compliance and as a token of appreciation for those employees showing extra-commitment in observing laws and regulations and setting an example of integrity and acquiescence to company rules.

What are the most frequent reports that you think will be made after the entry into force of the law?

The reports that companies can generally receive will refer mainly to the most prominent areas of compliance risk, such as: conflict of interest, corruption, embezzlement, competition but also discrimination, harassment and bullying.

What are the main things that a company facing a suspicion of fraud must consider in order to become or remain compliant?

We believe in risk prevention as being the better option, instead of simply mitigating or reducing a crisis. We recommend companies to analize pro-actively their most sensitive risk areas, as well as to train employees preventively, to avoid the risk from materialising in the first place.

Once the risk is materialised, aside the formal obligations arising from the Whistleblowing law, a company should concentrate on the subsequent measures, mentioned by the law, and immediately begin a thorough internal investigation in order to be able to assess the risks it faces. 

What should be the company's reaction to the employees and managers involved in the fraud? What can you recommend to companies in this regard?

After conducting an internal investigation and getting an overview, a company should concentrate on: reestablishing compliance, diminishing and mitigating the various categories of risks, and, last but not least, minimising or fully recovering the damage suffered as a consequence of the fraud. In a nutshell, the company needs to proceed according to internal procedures and the applicable law. 

We recommend companies to keep abreast of any potential risks preemptively and encourage employees to communicate closely with the management an raise flags early on about any suspicion they might have.

What are the challenges that a compliance officer faces during this period and what is your opinion about the need for compliance monitoring within companies.

One of the challenges that we expect during the next period is to receive vague, potentially unfounded whistleblow reports, that may not actually represent violations. We have faced this upon the dawn of the GDPR reports and we are preparing for it by training personnel to raise awareness on the content of the law, rights and obligations of employees that will submit cases or publicly disclose information according to the law and the measures of their protection. 

Also, compliance officers may use the new Whistleblowing Law to revise their compliance system and put it in line with the provisions of the law. They need to concentrate on an efficient system to handle the subsequent measures that the company needs to perform, following a whistleblowing report.

How can the effectiveness of the compliance culture in the company be measured? What are the KPIs that matter in a CMS Compliance Management System program.

An effective compliance system must be monitored, adjusted and improved on a constant basis. Unfortunately, it cannot always be measured by specific KPIs, since compliance breaches often tend to be revealed after the damage was already done. Therefore the most important things in order to secure the highest performance of a compliance system are prevention and constant adaptation.

In our company we also keep an eye on training attendance and training content acknowledgement, through customised tests.

November 14, 2024 11:44
Article written by Mihaela Nyerges, Managing Partner and Paraschiv Sandu, Asso...more »
August 30, 2024 15:49
 Article by Adela Nuță, Baciu Partners Romania stands on the verge of ...more »
 
July 29, 2024 09:53
Article by Flavius Florea, Counsel, TMT, IP & Data Protection practic...more »
July 18, 2024 17:23
article by Andrada Popescu, Noerr During this heatwave, you might think that ...more »
*
Govnet Next Events