





























A comprehensive overview of key concepts and principles related to compliance and ethics, focusing on the CCEP certification exam. It includes multiple-choice questions and answers, covering topics such as compliance program elements, ethical decision-making, risk assessment, and relevant legislation. Valuable for individuals preparing for the CCEP exam, offering insights into the exam format and content.
Typology: Exams
What are the 7 elements of a Compliance Program?

Conduct trend analysis on identified risk areas and benchmark results against industry standards

Which of the following BEST describes the primary role of people of a compliance and ethics professional?
Promotes a culture of compliance and ethics throughout the organization

A US-based retail company has 250 stores in 30 states. Past compliance efforts have included a silo-based approach with minimal oversight and the CEO acting as the Compliance and Ethics Officer. One person in each state posted compliance-related information sent from corporate, but there were no actual educational sessions. Policies and procedures were developed by corporate and reviewed 5 years ago. The organization has decided that a more dedicated approach is needed and hires a Compliance and Ethics Officer. Which of the following actions should the new Compliance and Ethics Officer take FIRST?
A.) Conduct a compliance and ethics risk assessment
B.) Review organization-wide compliance policies

A compliance and ethics professional receives an anonymous complaint that an employee is receiving gifts from a vendor. An investigation finds the employee is not in violation of the current gift policy and the policy has not been reviewed in five years. Which of the following is the compliance and ethics professional's MOST appropriate action?
Benchmark for vendor relation best practices

A problem was found in a routine accounting audit. Corrective action was taken and the policies and procedures were updated. Which of the following is the next step in the audit process?
A) Report findings to the board of directors
B) Prepare the final summary and storage of the audit results
C) Review the process after a period of time to determine if the problem is resolved
D) Conduct a risk assessment to identify other possible issues.
Review the process after a period of time to determine if the problem is resolved.

What is the first step in the audit process?
Identify a problem

What is the second step in the audit process?
Take corrective action

What is the third step in the audit process?
Update policies & procedures

What is the fourth step in the audit process?
Communicate change(s) to affected parties

What is the last step in the audit process?
Review process and documentation after a period of time to ensure success.

Do not agree to unreasonable limits that would interfere with your professional ethical and legal responsibilities (e.g. lack of resources, lack of access)
Principle III - Obligations to the Profession

Do not disclose without consent or compulsory legal process confidential information about the business affairs or technical processes of any present or former employing organization.
Principle III - Obligations to the Public

Whistleblower Protection Act Dodd-Frank Wall Street Reform Act - 1989 law that protects federal employees from being punished for reporting government/agency misconduct.

Sarbanes-Oxley Act (SOX)
Requires companies to review internal control and take responsibility for the accuracy and completeness of their financial reports.

Foreign Corrupt Practices Act (FCPA)
legislation passed to prevent companies from bribing foreign officials to obtain business; also requires all publicly owned corporations maintain a system of internal accounting controls

Anti-Bribery
The US's SEC and Department of Justice bring about hefty fines to corporations for bribery, including acts such as bribes to win contracts.

Anti-Corruption
Businesses should work against corruption in all its forms, including extortion and bribery.

GDPR (General Data Protection Regulation)
Provisions and requirements protecting the personal data of European Union (EU) citizens. Transfers of personal data outside the EU Single Market are restricted unless protected by like-for-like regulations, such as the US's Privacy Shield requirements.

rules designed to restrict the use of money obtained from illegal activities so the funds are not transferred into legitimate activities so as to disguise the origins of the funds

USA Patriot Act (2001)
Strengthens the federal government's power to conduct surveillance, perform searches, and detain individuals in order to combat terrorism.

False Claims Act (FCA)
A federal law that prohibits submitting a fraudulent claim or making a false statement or representation in connection with a claim.

Sherman Antitrust Act (1890)
Outlawed monopolies and practices that restrained trade, such as price fixing

Yates Memo
DOJ memo released in September 2015 titled "Individual Accountability for Corporate Wrongdoing". The memo prioritizes the manner in which government civil and criminal law enforcement investigations are conducted, widely seen as calling for a substantially increased focus on individual accountability for corporate wrongdoing. The Yates Memo outlines 3 key areas of focus: Individuals, limited release of individuals when resolving corporate cases, and relevance of individual ability to pay.

Monaco Memo
significantly revised the DOJ's corporate criminal enforcement policies and procedures, including by putting a renewed focus on individual accountability and placing stricter requirements on corporate cooperation credit (focusing on the importance of prompt self-disclosure)

Benczkowski Memo

Equal Employment Opportunity Commission (EEOC)
Agency of the Department of Justice charged with enforcing Title VII of the Civil Rights Act of 1964 and other anti-discrimination laws

Office for Civil Rights (OCR)
Federal office established to uphold the rights of individuals, regarding rights to privacy and standards of care. Enforces HIPAA regulations.

CFPB (Consumer Financial Protection Bureau)
Regulatory agency charged with overseeing financial products and services offered to consumers

Office of the Inspector General (OIG)
investigates abuse, fraud, waste, and mismanagement within a government organization

EPA (Environmental Protection Agency)
an independent federal agency established to coordinate programs aimed at reducing pollution and protecting the environment (1970)

DPA (Data Protection Act 1998)
Legislation which protects individuals from unreasonable use of their stored personal data.

EU Data Protection Directive
The EU Directive was adopted in 1995 and became effective in 1998 and protects individuals' privacy and personal data use. The Directive recognizes the European view that privacy is a fundamental human right, and establishes a general comprehensive legal framework that is aimed at protecting individuals and promoting individual choice regarding the processing of personal data.

A compliance and ethics professional is evaluating an organization's employee handbook. A conflict exists between the Code of Conduct and the employee handbook. HR is responsible for the employee handbook. The documents have been approved by the board of directors. Which of the following actions should the compliance and ethics professional take FIRST?
Contact HR to determine if the inconsistencies between the documents can be resolved

What is the FIRST step for compliance issues?
Try to resolve the issue OR investigate further before escalating it or overreacting

A compliance and ethics professional has developed a policy intended to prohibit employees from paying, offering or promising to pay officials of other countries for the purposes of obtaining or maintaining business. This policy will help the organization comply with
Foreign Corrupt Practices Act (FCPA)

Under In re Caremark Int'l., the basic fiduciary duty of care principle is characterized as acting in good faith with:
A.) Reasonable care of management under similar circumstances
B.) Reasonable care of an organization under similar circumstances
C.) The care of an ordinary prudent person under similar circumstances
D.) The care of another compliance and ethics professional under similar circumstances
C.) The care of an ordinary prudent person under similar circumstances

A company's Code of Conduct has not been reviewed for over 2 years. HR recommended adding content that would double its size. The compliance committee members expressed concern that adding a significant amount of content could negatively impact its effectiveness. Which of the following is the compliance and ethics professional's NEXT step before consolidating revisions?
Compare the content outline with other organizations

A compliance structural policy differs from a substantive policy in that a structural policy should:
A.) Describe the risk areas to the organization
B.) Describe how to operate within the regulations
C.) Define the regulations that apply to the organization
D.) Define the framework the program should operate within
D.) Define the framework the program should operate within

A compliance and ethics professional is auditing the organization's compliance with Sarbanes-Oxley Act. Which of the following findings indicates a violation?
The public accounting firm providing audit services has had the same audit partner reviewing the audits for the past 6 years.

SOX Section 203 - Audit Partner Rotation
The lead audit or coordinating partner and the reviewing partner must rotate off of the audit every 5 years.

Compliance policies and procedures that must exist
Non-retaliation, Record Management, Conflict of Interest, Privacy, Security, and Confidentiality

During investigations what should the compliance professional do?
Consult with the appropriate subject matter resources (e.g. Legal, HR, finance)

Role of a CEP is to ensure alignment of what?
Organization's mission, vision, values, and the code of conduct

The compliance and ethics strategic plan should be consistent and align with?
The overall business objectives