No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

Q&A with James Cesarano

by Corporate Compliance Insights
January 18, 2018
in Featured, Leadership and Career
Q&A with James Cesarano

Q&A with James Cesarano, VP, Ethics and Compliance at Kroll

Maurice Gilbert: How did you get started on a career in compliance?

James Cesarano: After college, I began working in compliance as a Trade Analyst with the New York Mercantile Exchange. Those were early days for the compliance profession, and I immediately found the work interesting and exciting.  I was drawn to law school and spent ten years as a prosecutor with the District Attorney’s Office in Manhattan.  From there, I worked as a Vice President in Corporate Investigations at Morgan Stanley, where my team was responsible for conducting reputational due diligence for the Firm.  I consider my work at both the Manhattan DA’s Office and Morgan Stanley to have provided great experience and laid a solid foundation for my full-circle return to the compliance world when I joined Kroll a few years ago.  I now serve as the global head of Kroll’s Ethics & Compliance Department.

MG: How do you stay current on ethics & compliance issues?

JC: As with many companies, the compliance function at Kroll works very closely with and is part of the in-house legal team. Our legal and compliance teams monitor and review laws, rules, and regulations relevant to Kroll’s business, and as they relate to client matters.  We also provide regular training and guidance to our global teams.

Members of the legal and compliance team are provided with subscriptions to various newsletters and periodicals which help us keep abreast of the latest rules, regulations, and developments pertaining to our industry.  With specific regard to ethics and compliance issues, I am also a member of various compliance organizations, including the Society of Corporate Compliance and Ethics (SCCE) and Compliance Week.

Additionally, we gain a unique perspective on emerging risk from Kroll’s work assisting clients with their compliance-related challenges.  As an integral member of the business leadership team, I see what cases are coming in and what issues are being raised.  Hearing these risks articulated in real-time adds another dimension to our understanding of today’s global ethics and compliance issues.

MG: Can you please provide an overview of your role as Vice President of Ethics and Compliance at Kroll? What are your responsibilities?

JC: As the head of Kroll’s Ethics & Compliance Department, I am responsible for the implementation and management of Kroll’s compliance program consistent with the Company’s commitment to maintaining an ethical culture and conducting business ethically and in accordance with all applicable laws and regulations. Along with policy implementation and management, the compliance team:

  • ensures that all employees are properly trained under the Company’s Code of Conduct and Business Ethics;
  • oversees the vetting and approval process for all independent contractors hired by the Company;
  • evaluates risk vis-à-vis overseeing the Risk Committee process and ensuring potential engagements with a high level of risk are brought before the Committee for evaluation and evaluating potential business conflicts of interest on new opportunities; and
  • ensures staff are properly licensed and that Kroll is abiding by the various rules and regulations of the jurisdictions in which it does business.

MG: What are some of the significant issues you face, and how are they similar to those faced at other companies? How are they different?

JC: As the compliance profession continues to evolve, I think we have to be careful about painting compliance practitioners with too broad a brush. My experience has shown me that every compliance job is different and the issues that compliance professionals face depend on a wide variety of factors, including the industry of their business and whether it is regulated, the size of the business, whether the business is in the public or private sector, and more.

Working at a mid-size professional services firm, I’m sure there are several aspects about my job which I share with other CCOs in similar sized businesses.  Policy management and implementation, training, and ensuring your organization is following the laws, rules, and regulations in which it operates are the crux of a compliance professional’s role, and a critical role in any company.

However, there are many other issues we face as a company, and which I face as the Vice President of Ethics and Compliance, which are unique to my role and Kroll:

  1. Enterprise-wide responsibilities. Unlike compliance officers at other firms, whose work may solely focus on one or two narrow compliance issues (e.g. AML, FCPA), I am charged with addressing compliance risk enterprise-wide. This means that on a daily basis, I must be prepared to deal with any compliance risks that might arise at the operational level, business level, administrative level, etc.
  2. Conflicts of interest. The potential for conflicts of interest is particularly sensitive at a company like Kroll due to the nature of our work and the spectrum of our clients, which includes law firms and financial services companies.  We’ve developed a robust system for identifying these potential conflicts and strict policies and procedures for addressing them.  We do this both for our business and to ensure we are always working in the best interest of our clients.
  3. Third parties, like independent contractors. These are individuals that we trust to work on behalf of our clients and represent Kroll, and that is not a position we would allow anyone to take without conducting thorough due diligence and ongoing monitoring.  Again, this is something we take seriously for the protection of our business and to ensure the work we do is always in the best interest of our clients.
  4. Client engagements. We’ve implemented a Risk Committee, which I oversee and participate in, to identify and manage the risks of specific engagements. Members of the Risk Committee include senior business practitioners, legal and compliance representatives, and other senior members of management.

CCOs who work in an industry that is directly regulated may have to shape their team and educate their business based on the requirements of those regulations.  At Kroll, our industry is not regulated directly, but certain regulations (e.g., privacy, sanctions) apply to our activities either directly or when agreed to contractually with our clients.  Much of Kroll’s client base is regulated, such as financial services companies or the health care industry, and many of the regulations that impact clients directly may “flow down” to us.  It is important for me to stay up to speed with significant issues which other organizations and specific industries may face, even if those issues don’t directly impact Kroll.

MG: How does your company approach ethics and compliance internally? How does this approach align with your advisement to clients on ethics and compliance issues?

JC: I’ve always felt that I hold a unique position in that I am the head of compliance at a company which offers compliance solutions and services to its clients. As mentioned above, every company is different and the needs of each company, from a compliance perspective, are often quite varied.  That being said, we ensure we “practice what we preach” with respect to compliance.  Many of the protocols we have in place internally are shared with our clients as a best practices approach to handling compliance issues.

Essentially, compliance efforts can never be a check-the-box exercise for management, staff, vendors, or clients.  Employee training, the availability for employees to report compliance-related concerns, tone from the top, and the use of risk-based criteria to drive better-informed decisions on engagements, transactions, and managing third parties are best practices that we employ ourselves and recommend to clients.

MG: How does your company help its clients mitigate risk?

JC: At Kroll, our goal is to provide clients with the knowledge and intelligence edge they need to make confident choices on how to best anticipate, mitigate, detect, and respond to risk. And we know from our 45 years in business that surface-level information alone doesn’t lead to informed and sound decisions.  So, we leverage our expertise, global reach, and technology to go deeper to give clients more refined and more contextual information.  Our services are also aligned to the greatest challenges that clients are facing today and organized under four broad areas: Cyber Security, Due Diligence and Compliance, Business Intelligence and Investigations, and Security Risk Management.  Each service line offers proactive planning and preemptive strategies to incident response and mitigation solutions.

MG: How do you see the role of compliance department leaders evolving within the next 3 years?

JC: Compliance is about managing risk. Regardless of the regulatory environment, new risks continue to emerge for each and every business, and compliance professionals are trained to be at the forefront of the issues and well equipped to handle them.  I believe we will continue to see compliance leaders being placed at the executive levels of their companies, tasked with managing the ever-changing, increasingly varied, and complex world of risks associated with their business.

MG: What do you see as the greatest business risks facing companies today?

JC: Cyber is a major area of risk due to the evolving nature of the issue. We also see third parties as an area to be aware of, and, according to our 2017 Anti-Bribery and Corruption Benchmarking Report (“2017 ABC Report”), this is a view shared by 40% of other compliance officers, executives, and boards.  We recently concluded our survey of companies for our 2018 ABC Report, and are looking forward to seeing how executives are thinking about the risks they flagged last year.

MG: How might Chief Compliance Officers, Chief Audit Officers and Chief Risk Officers prepare to face cyber and third party risks?

JC: As far as managing cyber risks, a company has to be willing to make an investment in a strong IT and information security infrastructure. Professionals like those on Kroll’s Cyber Security team will evaluate companies’ current environments and provide guidance as to what they may need.  If, in the unfortunate circumstance, a company becomes the victim of a breach or data loss of some kind, you then have a relationship with a company that is familiar with your business and your situation, and can assist in responding immediately.

With respect to third party risk, it’s more important than ever to know who you’re doing business with.  Every day, information is becoming more easily accessible and more widely available.  Transparency is key and the days of “We didn’t know about…” are getting further and further away.  Due diligence is now a must-have, and a company like Kroll can help your business manage this risk by arming you with information about any third party your business works with.

It comes down to proactive risk management.  Investing time and resources upfront will mitigate risks down the line and can reduce your response and resolution time in the event of an incident.

MG: What are some of Kroll’s unique services offerings?

JC: Compliance is an issue that is constantly evolving, and Kroll has the experience and global resources to provide clients with end-to-end services, from high-volume screening programs to complex investigative due diligence. To be sure we are supporting clients in the ways they need most, it is likewise important to Kroll to offer innovative technologies and platforms that make managing compliance as comprehensive and efficient as possible.

  • We offer clients – and use ourselves – the Kroll Compliance Portal, which is a web-based due diligence, governance, and compliance platform to manage third party risk. Acting as an extension of a firm’s compliance team, the Kroll Compliance Portal allows users to take a holistic approach to third party compliance management, bringing together the four major components needed to help our clients comply with global anti-corruption laws — advice, technology, data, and diligence.  The portal is configurable and scalable, supporting a company’s specific, internal business structures.  It can also be customized to facilitate unique decision-making processes.
  • Most recently, we rolled out a new monitoring functionality that allows clients to monitor counterparties on an ongoing and automated basis. Its features include the ability for clients to:
    • Customize their desired monitoring interval: daily, weekly, or monthly
    • Receive alerts when a new risk event is identified
    • Assess a customer’s risk profile on an automated basis against global sanctions and enforcements, political exposure, state-owned enterprises, and adverse media
    • Systematically maintain third party records for regulatory reporting

MG: Compliance departments are often asked to accomplish their work with limited resources….do you see this situation changing anytime soon?

JC: Again, I think the answer to this question depends on the industry one is in and the size of the company. If you work for a large financial services company, for example, there may be plenty of resources devoted to compliance.  Compliance jobs at those companies tend to be very “silo’d.”  At a smaller company, however, while you might not have as many resources, you will typically get to experience all sides of compliance.  Compliance professionals at these companies will typically work closely with other functions within the company – HR, Legal, Finance, etc.  It is incumbent upon compliance practitioners in smaller companies to maintain a good dialogue and good working relationships with these other departments as they will often be “dotted-line” resources, integral to helping the compliance function.

I have no doubt that the compliance profession will continue to grow and evolve.  As it does, more and more resources will become available as companies realize the critical role compliance and compliance professionals play in their company.  As long as there is risk, there will be a need for compliance.

 

James Cesarano serves as Vice President, Ethics & Compliance for Kroll. James is responsible for the implementation and management of Kroll’s compliance program consistent with the company’s commitment to maintaining an ethical culture and a high standard of compliance.


Previous Post

TRACE: Dirty Entanglements: Corruption, Crime and Terrorism

Next Post

3 Ways GDPR Will Help Privacy Executives

Corporate Compliance Insights

Corporate Compliance Insights

Corporate Compliance Insights

Related Posts

NAVEX Top 10 Risk and Compliance Trends 2023 ebook

Top 10 Trends in Risk & Compliance for 2023

by Corporate Compliance Insights
March 29, 2023

Industry experts predict the risk and compliance trends we're likely to see in 2023 eBook Top 10 Trends in Risk...

parliament

Coming Soon to the UK: Sweeping Corporate Criminal Liability Reforms?

by Peters and Peters
March 28, 2023

UK legislators have proposed major amendments to the Economic Crime and Corporate Transparency Bill currently passing through Parliament. If adopted,...

wind turbines

What Companies Around the Globe Need to Know About EU Sustainability Reporting

by John Peiserich
March 28, 2023

By the beginning of next year, large companies in the EU or that do a substantive amount of business in...

amsterdam

At a Gathering of Compliance Practitioners, No Shortage of Food for Thought

by Mary Shirley
March 28, 2023

Last week, about 300 ethics and compliance professionals descended upon Amsterdam’s Hotel Okura to participate in SCCE’s European Compliance &...

Next Post
strategy board

3 Ways GDPR Will Help Privacy Executives

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT