Episode 39: The Next Great Transformation of the CCO

Marie Patterson:

Welcome to Archive360's Information Management Podcast. My name's Marie Patterson and I'm the chief marketing officer here at Archive360. Today's podcast is titled: The next great transformation in chief compliance officer responsibilities and prominence. And joining me today is Jay Cohen, senior advisor with Compliance Systems Legal Group. Hi, Jay.

Jay Cohen:

Marie, thanks for giving me the opportunity to talk to you and your audience about this subject. I really appreciate it.

Marie Patterson:

Not at all. Welcome. So Jay, why don't we start with the introduction? So I think it would be helpful to our listeners if they knew a little bit about your background.

Jay Cohen:

Sure. So I spent the first part of my legal career in New York City and state government, including 10 years as a prosecutor in Brooklyn. And then I have over two decades of compliance experience, including service as a chief compliance officer, primarily in the insurance and financial services industries, and also as a compliance consultant. And as you mentioned, I'm now a senior advisor to Compliance Systems Legal Group and also of counsel to the New Jersey Law Firm of Giordano, Halleran & Ciesla, continuing to try and help companies identify and address their legal and regulatory issues and risks.

Marie Patterson:

That's great, thank you. So Jay, we've known each other for, I would say close to two decades. As you mentioned, you've been working in compliance and at the time were working as a compliance officer. And I think that that's going to become very relevant to our discussion today. So a couple of weeks ago, you had posted an article on LinkedIn in which you were suggesting that the role of the compliance officer is going to change radically. And I think before we dive into the specific details that are causing you to make those statements, it might be helpful for the audience to have a little bit of history of the evolution of compliance officers to kind of set the stage as to what's going on today.

Jay Cohen:

That makes a lot of sense. So the modern era of compliance officers is often traced to 1991 and the development of enhanced federal sentencing guidelines for organizations in which the US Justice Department said that when prosecutors were considering whether to charge companies or how to dispose of cases or when companies were facing sentencing after conviction for a federal crime, the existence of an effective compliance program should be taken into consideration. And those sentencing guidelines listed a series of elements that were part of the definition of an effective compliance program. And while the purpose of those guidelines was to address matters that came up in the federal criminal justice system, the application of the guidelines became much broader and much wider. And companies well before they ever got into trouble started to adopt this definition of an effective compliance program and among other things to appoint someone with the responsibility for overseeing that program. And the guidelines have been amended a couple of times since. And each time there's an amendment, companies are given new guidance and new imperatives to improve and strengthen their programs.

And the second big development, which we're going to talk about as you mentioned in a minute, is the Caremark case from Delaware. And that came just a few years later and we'll talk about that in more detail. But over time, over the last couple of decades, regulators and courts have provided additional guidance to compliance programs. The US Justice Department in particular has issued a series of papers and expectations around compliance programs that have driven companies to amend and strengthen their programs and have put more weight on the role of the chief compliance officer. And so this is an evolution, as you mentioned, Marie, but I think that the two things that have happened recently have the potential to take this evolution to another level.

Marie Patterson:

So why don't we dig into what the courts are saying, and this is to do as I understand with Caremark. So maybe if you can drill into what the details are and maybe for our non-compliance listeners, if you can put into sort of normal everyday terms what Caremark is about for folks that maybe don't know.

Jay Cohen:

Sure. Caremark was an influential Delaware case from 1996, influential in part because many companies are headquartered in Delaware and subject to Delaware state law, but also influential because like the federal sentencing guidelines, which we talked about a few minutes ago, the Delaware courts have influence well beyond just their jurisdiction. So the Caremark case in essence said that directors of companies have a duty to oversee not just the company's business and financial performance, but also how well or how poorly it's managing its central compliance risks. And Caremark went on to say that the management, the oversight of how well the company is handling its compliance risks from the board's perspective involves two things. The first, boards have to make sure that their companies have an information system, a process in place that provides the board on a regular basis with information about the company's compliance with laws and regulations. So the first thing is information systems.

The second thing is what's called red flags. And that is boards have a duty to see that companies are effectively responding to indications that the laws and regulations that apply are not being followed. Now, it's important to recognize this doesn't mean that companies under Caremark must never have a compliance problem or that their response to that compliance problem has to be perfect. But Caremark does say that if companies and their directors want to avoid liability for failing to properly oversee the management of the company, they have to make sure they have compliance systems in place that provide them with information and they cannot ignore problems that come up.

Marie Patterson:

Got it. But that really puts the onus as you are presenting it primarily on the board. So what's changed today then?

Jay Cohen:

That is a terrific question and that's what makes this most recent Caremark case so significant. The court in this case, which involved a very prominent company's response to indications that senior executives may have been involved in instances of sexual harassment. The court in this recent case did two things. First, it went exactly at the question you just asked Marie and said that the Caremark duties apply not just to directors, but to corporate officers. So corporate officers have the same responsibility, more or less as directors, to make sure that there are information systems in place around the company's compliance with legal and regulatory obligations. And two, that there is an effective response by the organization, not just by the board of directors, but by the corporate officers to red flags indicating that there are legal and regulatory compliance problems. So the first thing is corporate officers have essentially a Caremark duty of their own.

The second thing, and what makes this significant to our conversation is the court talked about how the officer's job when it comes to these information systems and red flags is to address them within their area of responsibility. So they don't expect someone who runs the sales organization to be responsible for information systems and compliance red flags that don't involve the sales organization. But here's what the court said, the court said, "Although the CEO and the chief compliance officer likely will have company-wide oversight responsibilities, other officers generally have a more constrained authority."

If we take this court literally at its word, this means the chief compliance officer, just like the CEO, has to have information systems in place and address red flags involving potential violations of laws, regulations, and company policy across the entire organization. So as far as this court was concerned, the two officers that have company-wide compliance responsibility are the CEO and the chief compliance officer. And to me that is extremely significant because despite this sort of evolution and the growth and development of the compliance function and the chief compliance officer that we were talking about a few minutes ago, in many companies today, the CEO does not yet have the authority, the access, the visibility, the information and the stature to meet these duties, which means there's a potentially huge gap between what Caremark expects and what companies are doing today.

Marie Patterson:

So just to be clear, the chief compliance officer in an organization today, in most cases you feel does not have a seat at the table with the CEO and the rest of the key executives?

Jay Cohen:

Yes, I think that's right. Now there's been this long-running debate in the compliance community for a long time about whether the chief compliance officer must report directly to the CEO in order for a compliance program to be effective. In many organizations, the chief compliance officer reports to the general counsel. And in fact, when I served as a chief compliance officer, I always in every instance reported to the general counsel. So there's two things in that regard as far as this case and your question, Marie.

The first is, I think this case as people begin to absorb and understand it is going to drive this great debate toward the direction of the chief compliance officer reporting to the CEO. But I'll say this, even if that's not the case, and I certainly think I ran an effective compliance program when I reported to the general counsel, there are things that companies can and should do and we're going to talk about them in a few minutes to make sure that the chief compliance officer has everything that he or she needs to meet this obligation even if they don't report to the CEO.

Marie Patterson:

Got it. Okay. So just to recap, the outcome of the Delaware case has the potential impact to change the role of chief compliance officers within organizations. It's as dramatic as that.

Jay Cohen:

I think that's the case. And there's one other thing I'll add before we finish the discussion of this Caremark development. And that is this case takes place in the context of a series of cases in which the Delaware courts have increasingly been applying Caremark more broadly, applying it in a wider range of circumstances, and while continuing to give companies the benefit of the doubt, giving them a little less benefit of the doubt than they used to. It used to be that Caremark cases, and they still are, were extremely difficult for companies to lose. But the courts in Delaware have been increasingly imposing a higher bar on companies when it comes to meeting their Caremark responsibilities and applying Caremark in a wider range of cases, not just to big companies, not even just to public companies, but private companies that are incorporated in Delaware. So your chances of running a foul of Caremark had already been growing even before this case was decided.

Marie Patterson:

Okay, got it. All right, so let's move on to the second piece of evidence that you introduced into your article and that's regarding the US Departments of Justice. Can you tell us a little bit about that, Jay?

Jay Cohen:

Yes. So this development again comes in the context of something that I mentioned a few minutes ago and that we talked about. And that is the Justice Department has been very influential in shaping expectations for organizational compliance programs. There've been a series of compliance program guidance from the Justice Department. And again, while that guidance is directed at federal prosecutors as they evaluate programs, the elements of those guidance documents have come to represent compliance best practices well outside the federal courtroom. And more recently, the Justice Department has focused on the role of the chief compliance officer and in promoting compliance culture. And let me give you a couple of examples before I get to the specific point that we want to make here. And that is Justice Department officials have said that they want to help companies cultivate cultures that promote compliance, including having employees feel empowered to raise issues and including seeing that management prioritizes ethics over profit when those two things collide.

And the Justice Department has also said that they want to help empower the compliance program and ensure that business is taking ownership of its role in compliance and that the head of compliance receives all relevant compliance-related information and has the ability to voice any concerns. Is not afraid to, and in fact is expected to step up and say, "We need to think about what we're doing here because it may not be right."

Marie Patterson:

Given that companies have had whistleblower programs and that's been a requirement for... Oh goodness, how long is it now? 15 years more? What's the difference between those programs which have been a requirement now for some time and what you are talking about here?

Jay Cohen:

I think the difference is an effort on the part of the Justice Department to give compliance officers the tools and the stature to take things that they learn from whistleblowers and really do something with them. So it's not just that you get a call to your helpline, but what happens after you do. And also the compliance officers have all of the tools that they need in order to prevent and identify problems before it gets to the whistleblower stage.

Marie Patterson:

So again, going back to what we discussed with the state of Delaware case, which seems to be saying that in their view the chief compliance officer now has equal authority in these cases or equal responsibility as the CEO and expects chief compliance officers to be given that authority. Are you suggesting that the DOJ is reaching a similar conclusion at more or less the same time? Because I think... When was this particular, the document that came out of the DOJ, I believe it was the end of last year, is that correct?

Jay Cohen:

Yes, you're absolutely right, Marie. These two developments are both happening at the same time. And to your question, yes, I think they are reaching a similar conclusion. It's funny, I grew up in Pittsburgh and in Pittsburgh, everything in Pittsburgh revolves around what we call the confluence. The confluence of two rivers, the Allegheny and the Monongahela. They come together at the point in downtown Pittsburgh to form the Ohio. And I think there's a confluence here, these two developments both coming around the same time to your point.

So here's what the DOJ did with this certification. They're now going to require, in connection with the resolution of corporate prosecutions, that both the CEO and the chief compliance officer certify in writing that going forward, the company's compliance program is reasonably designed to detect and prevent violation of relevant laws. Again, to the same point as the Caremark case we were talking about, the CEO and the chief compliance officer. And here's what the Justice Department said in explaining this new requirement. "One might look at this as a punitive measure and some in the compliance community have raised that issue. That's not how we look at it," said the Justice Department. "This is our effort to again, empower the gatekeepers, to empower the compliance officers and those who report to him and her in the different business lines."

So to your question, like the Caremark case we were talking about, the certification puts the chief compliance officer right there alongside the CEO and puts his or her personal stamp and arguably reputation at risk in certifying that they've got a compliance program that's going to meet this expectation. And while the certification is not as broad as the Sarbanes-Oxley certification where they put CFOs on the line to certify about the company's financial accounting and financial reporting, I think again, there's a potential for this to grow into something like that. These two, one from the court and one from the Justice Department. Two ideas that chief compliance officers have a critical role right up there with the C-suite and that they and the organizations they work for are going to be expected to give them what it takes to fulfill that role.

Marie Patterson:

So clearly this has a massive potential impact on the role and the responsibility of the compliance officer. But as I'm listening to what you say, and I've been reading some of the background into your LinkedIn post, I'm immediately jumping to the conclusion that it's also going to have a potential massive impact on compliance programs in general within organizations. And I don't know if you think that's a fair assumption or if I'm putting two and two together and coming up with a very different number.

Jay Cohen:

No, I think Marie that is absolutely right. I mean, I think it's going to drive companies to do a few things. One we talked about already, and that is where does the chief compliance officer sit in the organization? And I think that conversation is going to take on new energy. But I also think it's going to do a few other things, some of which, to your point, Marie, involve the CCO and some of which involve the compliance program itself. So when it comes to the chief compliance officer, I think it may cause companies regardless of where the CCO sits to think about who's in that job. And we not only need someone who's a legal and regulatory subject matter expert, but we need to think about whether our chief compliance officer has the leadership skills to sit up there with the C-suite or to deal on a regular basis with the C-Suite to have influence and impact across the organization and to navigate all the hurdles and all the skeptics.

The other thing I think that's going to happen in terms of personnel is, and this was something that I think was already starting to take place, and that is companies are going to think about who do I need in my compliance program? Again, I need legal and regulatory subject matter experts, but do I need communicators? Do I need data scientists and data analytics people? So I think that the compliance team itself is going to change. And then I think, and this is something I've sort of seen happen over the course of my career, but I think it's going to accelerate. And that is when it comes to the compliance program, to your point, which I think is very well taken, I think companies are increasingly going to look at their compliance programs in the context of two things. First, impact versus activities.

A lot of what was in the federal sentencing guidelines and the elements that were in there for an effective compliance program talked about what you're going to do. I mean, we've already talked about you're going to have a whistleblower helpline, you're going to have policies and procedures, you're going to have training programs. But the real question now is going to be what difference does all this make? How do we know whether this is driving the right compliance behaviors across the organization? So that's the first thing.

And the second thing, I think in order to do that right, companies are going to have to identify and address their most important legal and regulatory risks. There's a lot of rules that apply to most organizations these days, and so it's going to have to be a matter of priority.

One of the Caremark cases recently talked about companies better make sure they've covered their mission-critical compliance risks. In that case, it was a food manufacturer that better cover food safety, for example. So I think companies are going to increasingly build their programs around impact and around risk.

I had this experience at a company where I was the CCO. This was a global insurance company. And with the prodding of the chair of our audit committee, we organized our entire compliance program from top to bottom, including what we reported to the audit committee around risk. We asked ourselves and answered these four questions: What are our biggest compliance risks? What are the key drivers of those risks? How are we going to manage them and how are we going to know how well or how poorly we're doing at that? And so for each of those compliance risks, we applied a consistent approach. This is the risk, this is what the company is going to do about it. And here I'm going to make what I think is really critical.

It's not just what compliance is doing about it, it's what's the organization as a whole doing about it. What are people in the sales organization doing to manage the risk in the sales process? What are people in the IT organization doing to identify and address data privacy and security requirements? So what are the controls across the organization? How are we going to classify and record those risks and controls? What are the key risk indicators that'll tell us for each of those risks and controls how well or how poorly we're doing? And again, those indicators are not just compliance indicators, it's not just calls to the helpline. It's business information that tells us how well or how poorly we're doing. How are we going to analyze those indicators and how are we going to report about them?

Marie Patterson:

So Jay, I think that's a great segue. This is really great information as it relates to the evolution and the impacts of chief compliance officers. Clearly at Archive360, we spend a lot of time working with chief compliance officers and compliance teams as it relates to the management of information across their organization. And to your point, managing the potential risks as it relates to compliant retention and disposition. What do you see as the potential impact on information and information governance requirements as a result of these two developments? Do you think that there are any specific things that we're going to see or that we should be considering as we talk to our customers?

Jay Cohen:

Yes, I do. I think there's two ways to look at this. First, data privacy and security laws and regulations increasingly are a part of every company's compliance risk. Regardless of size, industry, location, the rules are multiplying and they're applying in a much wider range. So this newly elevated and empowered chief compliance officer is going to need and want to understand and impact what the information management professionals in their organizations are doing. So that's the first way.

The second way is more directly, regulators specifically want to see effective information management as part of a company's compliance program. And let me give you two examples. The first is there have been a series of actions by the SEC, the Securities and Exchange Commission against investment advisor firms for failing to supervise their employees use of messaging apps and other forms of electronic communications in dealing with prospects and customers. Companies have already, and your audience certainly understands this very well, have had responsibilities for supervising and retaining email communications between financial services employees and customers. And now that responsibility has moved to other forms of electronic communication. Companies have to [inaudible] WhatsApp and other text messaging companies have to supervise and where necessary retain and in the course of an inquiry investigation produce those. So there's a whole host of activities going on in that regard.

But the second thing I think is even more significant because it's not limited to the financial services world, and that is in this Department of Justice guidance that we were talking about, the latest guidance to federal prosecutors has an entire section devoted to the use of personal devices and third-party applications. And in that guidance, the Justice Department says, and I'm going to quote here, "As a general rule, all corporations with robust compliance programs should have effective policies governing the use of personal devices and third-party messaging platforms for corporate communications should provide clear training to employees about such policies and should enforce such policies when violations are identified." So this issue of communication is so important to the Justice Department that they have called it out as one of the few specific subjects that they believe a compliance program ought to have within it in order to be effective.

Marie Patterson:

So let's just be clear, this relates to all corporations. It's no longer the more narrow purview of the SEC with dealer brokers. Is that correct?

Jay Cohen:

That's absolutely correct.

Marie Patterson:

Let's think about that a minute. If the DOJ is suggesting that all corporations need to be expanding the scope of their compliance programs to include the management of communication, back in the day we used to talk about compliance and the impact of compliance as IT needing to go to law school to get a crash course in legal matters and corporate counsel needing to understand IT. It's as if, based on what you are saying, compliance officers and compliance teams now need to do a similar thing, need to have a far better understanding of IT, and vice versa. IT needs to understand the needs of compliance assuming they don't already do so.

Jay Cohen:

I think that is right on the money. I think that's more true today than even in the time that we talked about it as you referenced. And I say that because on the one hand, the volume of information continues to grow dramatically. Secondly, as we've just been talking about, the means of communication have dramatically multiplied. When I started in compliance in 1996, I was given responsibility for a document retention during a massive class action and multi-state insurance investigation. And almost all of the information that I was responsible for helping the company retain was in paper, paper files. And then the next big step was, well, we've got to get our email under control and make sure that if conversations are relevant to inquiries or investigations or lawsuits, we've got them retained and managed and all that. And then now as we've seen, communications are going beyond email into other forms. So that's the second.

And the third thing is that regulators and regulations are increasingly focused on how companies protect and retain and when they should dispose of personal information that they have. So there's a lot more information. It's in a lot more different places and forms, and the regulators are a lot more focused on this as a compliance issue than ever before. So if I was thinking of the short list of mission-critical legal and regulatory compliance issues for compliance officers in a wide range of industries, data privacy and security would have to be at least given some pretty serious consideration to be on that list.

Marie Patterson:

So let's expand on that a little bit. Data privacy and security. Everyone listening to this I'm sure has been inundated with information in the past months regarding the explosion of AI and the potential benefits of AI to the organization's ability to drill into data. But we've also been talking about the risks of it. It sounds as if on top of everything else, compliance officers need to be thinking about data and as you say, data privacy and data security as it relates to if and how their organization will be adopting or expanding AI. Would that be a correct assumption, do you think?

Jay Cohen:

That's absolutely a correct assumption and like a lot of issues here, we're seeing the regulations coming first from the more highly regulated industry. I spend a lot of my time in the insurance and financial services world, and there already are bubbling up regulations around the use of AI in those industries. And those regulations get at how it's used, what it's used for, what underlying data is being analyzed with these AI tools, what if anything, companies say to their customers how transparent they are about the use of AI. So the regulations are starting to already be developed in highly regulated industries, but as we've seen over and over again, those regulations will start to expand beyond just those industries. Those may be the first to face specific regulations around AI, but they will not be the last.

Marie Patterson:

Got it. So as we bring this to a close, Jay, I know that you spend a lot of your time working with organizations and working with their compliance teams, advising them on how to build, expand, and make more robust their compliance programs. If you were talking with a team today and advising them on some specific things they need to do as a result of both Caremark and the DOJ ruling, what would your recommendations be?

Jay Cohen:

I would probably work with them to ask and answer these six questions.

First is, what are the mission-critical rules that apply to this company based on what we do for a living? What are the rules we better make sure we follow, and how do we identify, how do we know what they are? That's the first question.

The second question is, what are the processes, resources, and tools we have in place to comply with those rules?

The third thing is, how will we know if those processes, resources, and tools are working? What data will tell us? And again, I strongly encourage companies not to limit their consideration of data to data that the compliance program itself generates. When I went through the exercise I described a little while ago at the insurance company, we looked at business data, we called it the three Cs, claims, cancellations and complaints. That data, which the business generated on a regular basis in order to know how well it was doing, also had very significant compliance relevance. So what tells us how we're doing? That's the third question.

Fourth is, if we've identified gaps between what we need to do and what we're doing based on this information, what are we going to do to close those gaps?

The fifth question, and I think this sort of overlays everything is every company says it's committed to doing business the right way. So we have to ask ourselves this question: When we say we're doing business with ethics and integrity, when we say we're doing business the right way, how can we be sure? And that gets to the sixth question, and in essence, the subject of this conversation. Do we have a chief compliance officer and a compliance function in this organization that has all of the responsibility, the authority, the influence, and the tools it needs in order to help us answer the other five questions that I just asked? I think that's what it takes.

Marie Patterson:

Got it. I think that's really helpful, but let's pivot that question to a slightly different audience. Again, many of our listeners for this podcast are potentially in IT or legal or records management or line of business. Particularly for IT and legal, would you be having any recommendations for them as to things that they can do to be supporting or planning to do given that these changes are happening within their compliance team? Because it seems to me the relationship between compliance and each of these different stakeholders not only is changing, but has the potential to continue changing more rapidly than before.

Jay Cohen:

I think you're absolutely right, Marie. So let's take legal first. If I was in the legal department, I would make sure that my general counsel covers two things. First, I'd want to make sure that my senior executives and my board of directors understand the significance of what you and I were just talking about. The potential for these two factors to dramatically change what courts and regulators and prosecutors are going to expect compliance programs to be and do. So the first thing is I'd want to make sure that my board and my senior executives understood what we were just talking about.

Marie Patterson:

Got it.

Jay Cohen:

The second in terms of legal is, again, if I'm responsible for the compliance function because the CCO reports to me, or if my senior executives don't want to separate it out, make sure that I as the GC, get my chief compliance officer everything he or she needs in order to do the job that I think is coming to them.

When it comes to IT, I think it's critical that they do what you talked about earlier in this conversation, and that is that they understand the critical importance of their role in a company's legal and regulatory compliance and work together as closely and effectively as they can with the chief compliance officer. This reminds me of conversation that we used to have around data privacy and security in the companies that I work for or with. And the question would be, does compliance own data privacy and particularly does compliance own cybersecurity? I would give the same answer to that question as I would give if somebody asked me, does compliance own sales practices? And my answer to each is no. In each case, somebody else in that organization is responsible for doing that day-to-day. If I run the sales organization, it's my job to make sure that my salesforce isn't treating its customers unfairly. If I run the IT organization, among my responsibilities is to make sure that the cybersecurity requirements that apply to my company are being met.

What I think compliance owns in both of those circumstances is what I reduce to what I call the pre and post way of looking at compliance. The pre is, have I given the IT folks and the sales folks information that they need about the rules and regulations that apply to their part of our company? Do they know what the legal and regulatory expectations are around cybersecurity, for example? And the post is, am I working together with them to give us a view as to whether or not we are following those rules? Again, whether it comes to securing personal information or treating our customers fairly. I think that's how compliance and IT and every other part of an organization can best work together.

Marie Patterson:

Got it. Okay. So Jay, before we wrap up here, do you think there's anything else that we haven't covered that we probably should?

Jay Cohen:

Let me end by saying this. Like a lot of developments in the evolution of compliance that we talked about earlier, I think these two developments will take some time to percolate, will take some time for people to understand and evaluate and assess, but I have no doubt that when we have this similar conversation a year from now, we'll look back and say, these really did drive the next transformation in compliance. And the best thing that companies could do today from my perspective, is to expect that to happen and get ahead of it rather than wait for it to happen.

Marie Patterson:

Jay, thank you for bringing these important topics as they relate to not just compliance, but from what I can see, the entire organization. To our listeners, if anyone wants to get in touch with you and follow up directly on this, what's the best way to do so, Jay?

Jay Cohen:

The best email for me would be the letter jcohen@ghclaw.com, jcohen@ghclaw.com. And please do not hesitate to reach out if you just have a question, if you weren't sure of something that I said, if you want to challenge something that I said, if you want to weigh in on this conversation. I would welcome the opportunity to continue this dialogue with you and the folks who are listening and the rest of the Archive360 audience. So please do not hesitate to reach out.

Marie Patterson:

Well, Jay, thank you very much for what I think has been a really interesting and very poignant discussion on the continuing evolution of the role of chief compliance officers. And if anyone has questions on the topic or would like to follow up with one of our subject matter experts within Archive360, please send an email mentioning this podcast to info@archive360.com, or you can email me directly at marie.patterson@archive360.com. So that's M-A-R-I-E dot P-A-T-T-E-R-S-O-N @archive360.com, and we'll get in touch with you as soon as possible. As ever, please visit our resource page for information on new podcasts and other materials. But with that, thank you everybody for downloading and tuning in. Especially Jay, thank you for a really great conversation today.

Jay Cohen:

Well, thank you Marie for giving me the opportunity. I really appreciate.

Marie Patterson:

And with that, we hope everyone has a great day.