Past ECS Events 2024
ECS Working Group Events
Data Protection: How to ensure compliance with the new Swiss Data Protection Act / 10 September 2024
Lessons learned from getting SMEs ready for the new Swiss DPA.
The new Swiss Data Protection Act has been in force since 1 September 2023. Although it had long before been announced, many Swiss companies, in particular small and medium enterprises (SMEs), have been struggling to ensure compliance.
In our online meeting of 10 September 2024, Dr. Amir Ameri (Privacy, Cyber Security and Risk Management Advisor at Swisscom) presented the key learnings from getting small and medium size enterprises up to speed for compliance with the new Swiss Data Protection Act. Based on an assessment Swisscom conducted from March to December 2023, 143 control questions have been identified and grouped into eight themes. For Swiss SMEs 12 key measures have been identified to ensure compliance with the revised Swiss Data Protection Act. Purpose, transparency and consent are at the core of all processing activities throughout any data life cycle. Common weaknesses observed relate to the following three areas: (1) lack of data governance models and/or data processing & data protection frameworks, (2) lack of some fundamental processes and (3) technological impact. To address these weaknesses adequate policies (e.g. a data classification policy), frameworks (e.g. a risk assessment) and processes (e.g. a privacy impact assessment) should be established and supported by appropriate technology. Overall, ISO 27001: 2022 regarding Information Security Management Systems (ISMS) should be considered as a global best-practice standard when planning and operating an ISMS Management System.
Amir’s very interesting presentation and sharing of insights was followed by a lively discussion among the 16 participants regarding hands-on examples on how to set up necessary policies and procedures in a risk-based and pragmatic approach.
Compliance Training: How to become a Legend. A concrete example of an engaging and effective compliance online training / 20 June 2024
Whereas we all know that compliance training is considered both a key requirement and a success factor of every compliance management system, we often struggle in getting training delivered in a way which is truly meaningful and makes an impact. Few companies only succeed in designing and delivering trainings which change behaviour. Not only content matters, also the training format should be tailored to the audience. And in the best case, training comes with a fun factor. In any event, compliance messages stick better if the audience buys in to the training. How can we overcome training fatigue, which today is considered one of the key reasons for training programs to fail? In other words, how can training be designed and delivered to be engaging?
In our online meeting of 20 June, Barbara Lustenberger (Senior Director Compliance at Infront Sports & Media AG) and Kevin Ruff (Associate Director at Infront Sports & Media AG) shared insights into how Infront successfully maximises engagement in compliance training by triggering both the competitive nature of people in a sports-related work environment and the playfulness inherent in most of us. Their inspiring presentation was followed by a lively discussion among the 14 participants regarding hands-on examples on how to overcome training fatigue and make compliance messages stick.
Data Analytics and automation / 28 May 2024
On May 28 the working group life science organized a virtual event with the CEO, Chief analytics officer and VP of Sales from Lextegrity who provided us insight on data analytics and automation can be used.
They explained that traditionally in many organization numerous stand-alone applications with workflows have been built, but many of these applications might not be connected to master data , contract management data or financial data. Given the statement by the Head of Criminal Division of US Department of Justice “ has your employee “been informed, trained , and empowered to choose right over wrong. Or if he make the wrong choice, do you have a system that immediately detects, remediates, disciplines and then adapts to ensure that others do not follow suit”? the presenters are making the argument that therefore the traditional compliance (monitoring) systems are no longer up to par with the expectations of regulators.
They explained that their product/application has automatic interfaces with ERP systems like SAP/Oracle, Travel and Expense systems like Concur, contract management system. By defining certain risk parameters for various risks, the application would then allow to bring those transactions with the highest risk in real time to the attention of (workflow approval) compliance officers.
Implementation of the EU Foreign Subsidies Regulation in a global organisation / 23 May 2024
On 23 May 2024, the Working Group held an event at headquarters of Holcim in Zug (Grafenauweg 10, 6300 Zug).
Our speakers Lenka Abelovska, Group Head of Competition Law at Holcim and Marco Lo Bue, Senior Legal Counsel Competition Law at Holcim presented the following topic: Implementation of the EU Foreign Subsidies Regulation in a global organisation.
Corruption in International Business: Does a Creaking Door Hang Longest? / 15 May 2024
On 15 May 2024, ECS had the pleasure to have Prof. Dr. Christian Hauser, University of Applied Sciences of the Grisons, and Dr. Martin Hilti, Executive Director of Transparency Switzerland present the results on a recently published study on the incidence of corruption in the foreign business activities of Swiss companies. The study, based on a survey of more than 500 Swiss companies of all sizes and sectors operating abroad, showed that 52 percent of the Swiss companies surveyed are confronted with requests for informal payments in other countries. Of these companies, 63 percent make such payments.
The results are remarkably giving that the overwhelming majority of large and multinational companies have compliance management and anti-corruption programs in place. Dr. Hilti from Transparency Switzerland believes that the results can be explained by the following factors:
- Excessive risk appetite : short-term profits are strategically prioritized over long term legal and reputational risks
- Inadequate enforcement of corporate criminal law: Perceived (and objective) risk of successful prosecution and conviction is low
- Insufficient risk awareness : Low awareness of the risks of corruption (and of its consequences),especially among small and medium sized companies
- Gaps in preventive measures (as well as in their adaptation and implementation): Preventive measures after often introduced only after an actual case of corruption has occurred
After the presentation the 35 participants entered into a lively discussion. Q&A was moderated by Patrick Wellens.
ECS Visit to Swiss Federal Audit Office / 17 April 2024
On April 17, 2024 various Ethics and Compliance Switzerland members visited the Swiss Federal Audit Office n Bern. Many thanks to Eric-Serge Jeannet Prisca Freiburghaus Brigitte Schnyder and Olivier Schaller for the organization and hosting us.
ECS could learn first hand how Eidgenössische Finanzkontrolle is organized, how the risk based audit planning is conducted, what kind of audits they perform, how they ensure quality assurance of their work product, the standards they follow, peer reviews they conduct and how they ensure their independence. We were also given insight on the results of some “special” audits like funding of political campaigns and price audits.
Compared to the 10th anniversary of ECS, the Swiss Federal audit office is in existence since 1877. They have a wealth of experience and hence there is a lot we can learn from them on governance, integrity, culture and of course auditing/monitoring to prevent/detect ethical misconduct. We hope this will be the first step in a longer collaboration and cooperation.
AI-Enhanced Investigations: ‘Revolutionizing Corruption Investigations’ / 3 April 2024
The working group Anti-bribery and anti-corruption convened on April 3 in the offices of Bar & Karrer to listen to Adrian Ott, Chief Artificial Intelligence Officer of EY. After an introduction by Claudia Götz Staehelin, Partner at Bär & Karrer, the audience were shown various used cases were AI could apply.
Some of the key learnings are:
👉 State-of-the-art large language models such as GPT-4.0 are able to thoroughly analyze extensive emails and documents, create summaries or make critical assessments with remarkable accuracy.
👉 By creating a well-structured and logically formulated prompt that serves as a guide for the AI, it can search through the content of thousands of emails and track down relevant information within minutes. This capability proves to be particularly helpful in complex investigations that are flooded with extensive data and provides significant support by quickly identifying relevant findings.
Thinking Like a Scientist: Building a Modern Ethics and Compliance Program / 14 March 2024
On March 14 around 30 practitioners convened in the Zurich offices of E&Y.
Andreas Buscher introduces both speakers Zach Coseglia (co-founder and managing principal of R&G Insights Lab. Zach is an experienced litigator, investigator, and former compliance executive; he is also a thought leader on compliance analytics and organizational culture. Before founding the Lab, Zach held senior legal and compliance positions at Pfizer, including as Vice President and Global Head of Monitoring, Analytics and Digital Compliance; and as Assistant General Counsel and Chief Investigations Counsel for Asia Pacific, based in Beijing) and Hui Chen (Senior Advisor within R&G Insights Lab and an international leader and expert in organizational integrity. She was the first Compliance Expert at the U.S. Department of Justice, and authored the “Evaluation of Corporate Compliance Programs” document that redefined compliance expectations. She began her career as a federal prosecutor in the Department of Justice in Washington, D.C. and the Eastern District of New York. Hui has extensive in-house experience as a senior legal and compliance leader at Microsoft Corporation, Pfizer Inc., and Standard Chartered Bank, in locations across the globe).
The audience listened passionately to stories, studies and real-life examples where compliance did (not) have the desired effect. The speakers stressed the importance of a “human-centered” and “data-driven” approach when it comes to the compliance program and showed how data can be used across all elements of a compliance management program.
Decision Making in Health Care Compliance / 5 March 2024
Approx 20 participants met on March 5 in the Bayer offices in Zurich. Alex Fuchs (regional compliance officer at Seagen-Pfizer) and Patrick Wellens (co-chair of WG life sciences) presented to the audience some of the factors that determine the compliance philosophy of a company.
Not all companies have the same culture and philosophy with regards to compliance risks. Some companies believe in training the employees and trust that employees will make the right decision; other companies believe in a shared responsibility between Compliance and the business (“compliance as an advisor”) and in other companies certain business transactions can’t be executed unless approved by Compliance.
Both speakers created some polling questions which triggered an interactive discussion with the participants why in their organization with regards to healthcare compliance (i.e. interactions with healthcare professionals, healthcare organizations and patient organizations such as sponsoring, congress, advisory boards, donations, patient assistance programs etc.) a particular compliance philosophy was chosen.
The benefit for the participants is to hear what healthcare compliance philosophies are chosen by other companies and why thereby reflecting on their own choices.
Competition Law Compliance and ISO 37301 – How Integrating Competition Law in a Compliance Management System can look like”/ 18 January 2024,
On 18 January 2024, the ECS Working Group on Competition Law held its first event in Zurich.
Our first speaker was Dr. Karin Amberg, M.A., Senior Legal Counsel, Compliance Officer Competition Law at SBB and the topic of discussion was “Competition Law Compliance and ISO 37301 – How Integrating Competition Law in a Compliance Management System can look like”.
The event was followed by a drinks reception to celebrate the launch of the ECS Working Group on Competition Law.
EU Sustainability Due Diligence Directive / 26 February 2024
On February 26 members of the Working Group on Life Sciences came together in the Basel offices of Deloitte to listen to Sandra Klemm, partner at Amatin Law firm who gave an overview on the background and scope of the upcoming EU Directive, what are the obligations of companies, what are the expectations on companies with regards to due diligence and what are civil liabilities if companies do not follow the EU Directive.
The participants then actively discussed what companies can do and how to best integrate this environmental and human rights due diligence in their existing third party due diligence framework.