 Welcome to TechSoup Talks. My name is Kami Griffiths, and today's webinar is Staying Legal with Checking Best Practices, our presenters are Cindy Comple, Emily Chesson, and Francia Fajardo. Before we do introductions, I'd like to tell you a little bit about TechSoup Global. We are working towards a time when every nonprofit and social benefit organization on the planet has the technology, resources, and knowledge they need to operate at their full potential. Here's a screen grab of our homepage. There's quite a bit going on. We have a learning center full of articles, donated products from companies like Microsoft, Adobe, Symantec that you can request for a large discount. There's a community forums where you can post questions and have them answered by volunteers. We've got a blog where daily new messages are being posted and information about technology-related topics for nonprofits and libraries, and a special program just for libraries. Much more going on, so if you have a chance to go to our website and check out more about TechSoup. Now I'd like to introduce our speakers and have them say a little bit about themselves. We really appreciate the time that they put into making this presentation possible. I'd like to start with Cindy. Can you tell us a little bit about yourself and the Mott Foundation? Yes. My name is Cindy Comple. I'm a CPA, and my background is Audit and Compliance Work. I've been with the Mott Foundation for 12 years. I work in the Grants Administration Department, and I'm responsible for equivalency determinations and compliance reviews for all of our international grants. Approximately 30% of Mott Foundation's grants are international. The Charles Stort Mott Foundation is a private grant-making foundation based in Flint, Michigan. We have four program areas, civil society, environment, Flint area, and pathways out of poverty. In addition to our home base being in Flint, Michigan, we have two offices, one in London and the other in South Africa. Some of the areas that we grant in are, of course, the United States, the Great Lakes, the international arena would be Central Eastern Europe and Russia, the Western Balkans, Western former Soviet Union, the EU member states, Latin America, and South Africa. The mission of the Mott Foundation is to support efforts that promote a just, equitable, and sustainable society. And that's all I have. Great. Thank you, Cindy. And now I'd like to introduce Emily Chesson. Can you please introduce yourself a little bit about what you do at World Resources Institute? Sure. So I work at the World Resources Institute. We're an environmental think tank. We're located in Washington, D.C. Our mission is to move human society to live in ways that protect the Earth's environment and also its capacity to provide for the needs of future and current generations. We have four different programs within the Institute. We have one that focuses on climate change and energy policy, another program that focuses on trying to shift kind of Fortune 500 companies in large banks to be more environmentally and socially sustainable. So they focus on kind of markets and enterprises. We have another program called the People and Ecosystems Program that focuses on improving the management of different types of ecosystems to be more sustainable. And then we have the program which I work in, which is our Institutions and Governance Program, which tries to improve the governance of different types of institutions, whether government institutions or financial institutions around the world. So we work all over the world, mostly in developing countries, in trying to improve opportunities for public participation within decision-making processes, increased transparency and accountability within those decision-making processes. So I focus on a project that deals with international financial institutions. It's called the International Financial Flows and Environment Project, and we work to try to shift their investments to be more environmentally and socially sustainable. We focus a lot of our effort on banks like the World Bank and the Asian Development Bank, so mostly public financial institutions. We've been a MOT grantee for about 10 years, and I'm the program coordinator in our project. So I'm responsible for the majority of the administration and management processes and responsibilities within the project. So that includes list checking, which we'll be discussing today. Great. Thank you so much, Emily. And now I'd like to introduce Francia Fajardo, who works with me here at TechSoup Global. So Francia, tell us a little bit about what you do. Hi. My name is Francia Fajardo, and I am one of the Cisco Program Administrator at TechSoup Global. What I do is I review Cisco grant applications and determine if the charity is eligible for the program. And I also assist on selecting which Cisco products can be offered through TechSoup. That's it. Thank you. Excellent. Excellent. So now I'm just going to quickly run through our agenda today. And this will last for 50 more minutes, so we should wrap up at the top of the hour. We're going to start, we've already heard a little bit about the MOT Foundation, but we're going to go in deeper into talking about the Patriot Act and the compliance that is the reason why we're here today, and what MOT has asked their grantees to do for list checking to make sure that the money that's being re-granted is not going to terrorist organizations. We're going to talk about how you can find and research and document the grantees, and we'll do a demo on how you do a search manually as well as how you would do a batch, a group of names at one time using a special software called Bridger. And then we'll have some time at the end for questions and answers. So I'm going to now turn it over to Cindy. We talked a little bit about the foundation and what you do, so if you want to just jump right in to talking about the compliance. Okay, I'm going to give us a little bit of background as to why we have found ourselves in the position that we're in now and why we require those grantees of ours that re-grant to list check as well as the MOT Foundation we require ourselves to list check. So this came all about because of the response to the September 11, 2001 terrorist attacks. The U.S. government issued an executive order that prohibits transactions with individuals and organizations deemed by the executive branch to be associated with terrorism and allows the government to freeze all assets controlled by or in the possession of these entities and those who support them. Prior to September 11, 2001, federal law included criminal sanctions for persons who provide material or financial support for terrorism. In October of 2001, President Bush signed the USA Patriot Act into law and that contains various measures directed at strengthening the federal government's ability to combat terrorism. So by passing the USA Patriot Act, the federal law now can impose significant fines in terms of imprisonment for any entity that provides material support or resources knowing or intending that they are to be used in terrorist acts or by the foreign terrorist organizations. At the end of June of 2002, the federal criminal law was again supplemented this time to criminalize the financing of terrorism. So the new provision now says that they can punish an individual or an organization who willfully prides or collects funds with the intention that such funds be used to carry out acts of terrorism. In response to the USA Patriot Act, Treasury issued what's called Voluntary Treasury Guidelines to assist nonprofits and grant makers in complying with the Executive Order and the USA Patriot Act. The Voluntary Treasury Guidelines consisted of four sections. The first three sections were Governance, Disclosure and Transparency and Governance and Finances, Financial Practices and Accountability. And those three sections outlined principles of good governance which are largely already observed by the well-run foundations and nonprofits. So there really wasn't any new challenge in that area. The challenge came into the fourth section which is entitled Anti-Terrorist Financing Procedures. In summary, this section proposes that foundations and nonprofits attempt to implement a compliance program to ensure that their funds are not used to support terrorism. We should also note at this time that it wasn't just the United States government that responded but also the UN and the European Union passed laws that were similar in the wake of the terrorist attacks. So that gets us to why we're list-checking. So what Matt did was we talked with our legal counsel and came up with a program between them, our grants administration department, and we've come up with a program of compliance which is based on the knowledge of our grantees. We have program officers that work closely with each of our organizations receiving grant funds from Matt. That relationship is really the basis for compliance and assuring that grant funds are not diverted from their charitable purposes. In addition, upon the advice of legal counsel, we added additional measures. One is list-checking which means essentially cross-checking grantee organizations in the subject context against the official terrorism watch list. And the second thing we did was we added language to our grant agreement prohibiting violence and terrorist activities. Since 2001, a lot has changed. It's a rapidly changing and complex area. So Matt reviews their policies and procedures in this arena annually. However, we now require all of our grantees. I'm sorry, I went ahead too far. Any grantees that re-grant with Matt funds are also required to do list-checking and changing of their grant agreement. Again, we want our organizations that re-grant with Matt funds. We want them to know their grantees. We want them to cross-check organizations and contact information against the official terrorism watch list, in particular against the U.S. Treasury Department's specially designated nationals list, which is the SDN list. And we want them to adopt changes to their own grant agreement with their grantees along the lines of what Matt has done with theirs. So that is what gets us to why we list-check and what we expect our subgrantees who re-grant with Matt funds to do. So now we're going to get into the actual what happens with list-checking. List-checking is really...it's complex when you first start it, especially if you have a large volume of grants. But once you get the process down, it's a fairly easy and quick task to get some assurance that your funds are not going to be used or given to an organization that would use them for terrorist activity. But before we get too far, as most people will probably know, it isn't unusual to have a hit. And a hit is just some type of match. The Matt Foundation recognizes that with similarities in names and the use of acronyms, list-checking may create a lot of false positives. And any hit must be reviewed and documented. In a rare case, if it turns up a true hit, then you need to not make your payment. We always list-check prior to our payment, as well as we do it once a month on all open grants. But you should always list-check before you make any grant payments. So as grant makers, we collect a lot of information regarding our grantees. And as a result, you would usually have most documents in-house that could be used to confirm whether the hit was a false positive or a true match. So for example, if we were list-checking an organization and a hit came up, first of all, the information that would come up on the hit, it would give you the name of the organization, the address of the organization. So you would look to the documents that you have in-house, and if you don't have them in-house, you would need to get them from the grantee, which would have their, you would look at some of their, let me go to the next screen. You would look at governing documents, registration documents. If it's a U.S. organization, you can go to GuideStar, get their 990, get their employer identification number. But if it's a foreign grantee, an international grantee, then you would have, typically you would already have their governing documents and a registration document, which would give the legal name, and then the governing documents may also give a shortened name. So when I had, just recently, I guess maybe last month I had a hit on one of our international grants. And what it was was there was two words in the name of this organization that was also included in the name of the organization that showed up as a hit. They were in two separate countries. The director of the organization was different. The registered name was different. So it was obvious to me that we were talking about two different organizations. So I was able to say I talked to the program officer to confirm a few things. And we documented what we had found and said that this was a false positive and it was not a true match. If you were to hit with an individual, then there are other documents that you may need to review. And this has happened as well. Sometimes we collect bios on contacts. We might have to look at a passport. We might have to review a driver's license. You may have done a site visit and met the person or a colleague has met the individual and knows them well. All of this can help you. We had an incident here in Flint actually where the name of an executive director popped up on the list. And the date of birth, of course, the name of the date of birth was on the list. And this gentleman would have been 70 years old. However, we knew the executive director, he's in the same building that we are. And he obviously was in his 30s and not 70s. So we knew that these were two different people. So again, that was a false positive and not a match. But if you ever run into a problem and you're in doubt, don't make the payment. Because if it's a true match, you can't make the payment because if you do, you're going to risk your organization's assets being frozen. So this gets us to the documentation process because it's not just enough to do the list checking and to say that, okay, we had a false positive or we've had this or we've had that. Now you've got to document your verification. And this is kind of where it gets a little bit tricky because it's hard to say you know, there's no cut and dry as to what's proper and what's not and what's enough and what's not. So if you're one of MOT's grantees and you're re-granting and if you have any questions about it, you can contact your program officer who can put you in touch with myself or Mary Galbraith and we can help you with the documentation process. What you want to do though is you want to record your results of the list checking and then you want to record what you've looked at, you want to make copies of it, you want to have it all together so that if anyone was to come in, somebody from a taxing authority or even Treasury was to come in, they would be able to see why you listed this as a false positive and what you had to support that basis. Sometimes here I'm not sure if I've got enough written down and so what I'll do is I'll have somebody else who's not, somebody else in my department but who's not closely associated with list checking and with the situation to read it and say, you know, does this seem reasonable to you? Does this seem like it's going to address concerns of somebody coming in here auditing or reviewing our documentation. And if not, then I'll beef it up a little bit and if so, then I'm content to move on. So again, like I said, we document, you record the results of the list check and any verification you did, you want to print the results because you want to have a hard copy but we also save, we have a folder in our directory where we also keep an electronic file of all of this. So we have two files, the manual and an electronic one. We're actually talking about, I said earlier that we look at our processes annually and we're actually talking about not having a hard copy because our files are backed up on a daily basis. So we're considering just doing the electronic copy but right now we still have a hard copy in the electronic copy. And you're required to retain these records during the terms of the grant and for five years thereafter. Again, let me just reiterate that we do require that our grantees who re-grant list check and prior to this year or maybe even two years ago we changed our policy, we used to have them submit some documentation to us to show that they had list checked and that they had looked into any false positives or any hits that they had had. But we don't do that any longer. We put it in our commitment letter that they need to list check and we just ask that they keep the hard copy in the electronic copy and if not should come in and want to look that they have that available to us. But we no longer require our grantees to submit that documentation with their reports. So we do again expect our grantees to know their grantees. We expect to know our own grantees. We want to revise commitment letters to add the anti-terrorism language and then we want them to list check. So that pretty much sums up the documentation process and now we're at the resources. The Mott Foundation, when all this came about, and I think it was in 2003 when we really started implementing these changes, we knew that this was going to be a burden to our grantees that re-granted with our funds. So I think it was in 2003 that we entered into an agreement with TechSoup. They were known then as CompuMentor and they worked with our grantees that re-granted with our money and helped them to get the list checking process up and running and to supply them with technical support. The management of the Mott Foundation didn't want, they knew that they were putting another additional step on the grantees and it's an onerous one and so we wanted to help them as much as possible. But at the same time, we wanted to make sure that we were doing all that we thought we should do to make sure we were in compliance with the USA Patriot Act. So in addition to all of that, the Mott Foundation has a website, www.mott.org and we have a grant resources section and in that section we have different items such as accounting, grantee reporting and then the USA Patriot Act. If you look in the USA Patriot Act, that's where you're going to find some of the information on the list checking and on the requirements and those kinds of things. There's a wealth of information there and not only just in the Mott Foundation's website but also if you went to the Council on Foundation website, they have a book and let me see if I can find the name, a handbook. Hang on one second. I can't see the name right now. We can send a link to that information in the follow-up message as well. It really is. It's a handbook and it's about the Executive Order, the Patriot Act, the guidelines and what they're trying to do to help nonprofits and foundations be compliant and there's a wealth of information in that as well. So I think that's it. That's wonderful. Thank you, Cindy. So there's a lot of information. It looks like it's fairly well organized on the Mott site. We'll include links to this site as well as the individual pages in the follow-up message that I'll send this afternoon. I'd like now to move on to Emily and have her do a demo of how she does her list checking. She's going to first go through this list, her own list of her process and then do the demo for you. So I'll turn it over to you, Emily. Great. So can you all see my screen now? Yes. We can see your browser if there's ready talk. Okay. The PowerPoint slides that I had are not showing up, but that's okay. I can just talk through it. Oh, sorry. If you wanted to go through the slides, I'm going to stop sharing and then you can just go through these. You can go through this list and then we can go back to sharing your desktop. Is that okay? Yeah, yeah, that's great. Sorry about that. So as I said before, WRI has been a grantee of the Mott Foundation for about 10 years. And this is the first year we're actually going to be re-granting funds. We were going to be re-granting funds to four different partner organizations in Mexico, Indonesia, South Africa, and the Philippines. And we found out from our program officer that before we could re-grant the funds, we had to comply with the U.S. Patriot Act and list check all of our re-granting organizations against the specially designated nationals list. So since we were only checking for organizations, it wasn't going to be too cumbersome, so we were able to do this manually rather than using one of the services that we'll be talking about later. So I'm going to just walk you through the process that we take to manually list check our different organizations. It's pretty simple. And you can kind of see the steps that I've outlined on the slide. And so I'll just walk you through these steps. And then we can see if there's any questions at the end. Okay, so the first thing that you want to do is set up a Word document with all the information that you're going to need to list check. So this information includes the organization name, the organization director, and the project, your main project contact. So the person you're going to be working with the most closely throughout the project. You also need to include the...there we go. So you also need to include your search date, the staff member who's going to be doing the list checking, and then also once you complete your list checking, you're going to need to sign off to verify that you were the one who did this and keep it for your record. So I usually make a Word document that includes all this information to start off with. And then your next step is you have to go to the U.S. Treasury's website. So you go to the website. And then the first thing you have to do is you have to download the SDN list, which is the specially designated national list in PDF format. So you would click that and download the list, and then it looks like this. So if you were to scroll through the list manually, it would take a really long time to list check those three pieces of information. But luckily they have a find box, like many PDF documents do. So you want to click on the arrow and go to Open Full Acrobat Search. And so we've already set up our Word document with the information we need to search for. So the first thing that we're going to search for is the organization name. And the organization that we are looking for is called General Organization for Tourism and Affairs. So you would type it in, and then you would press Search. And it shows that there's zero results. So that's good. You do not want to get any positive results. So to document this, you would want to do a print screen. So you would press Print Screen, which is normally on the upper right-hand side of your keyboard. And then you would want to paste this into your Word document. So as you can see, I have pasted this into my Word document. You see the organization name. And you can see that there's, you can see the search box, which shows that there's zero documents with zero instances, which is great. It's exactly what you want. So then you would go along and do this for also the program projects, contact, and your primary organization contact. So the primary organization contact is Mohammed Dubey, and the primary project contact is Mohammed Latif. So we'd go through and do it for those three as well. And you'd do the same thing. You'd do your print screen, you'd, and then you'd paste it into your Word document. So then you end up having a document that has all three pieces of the information. As you can see, this document does. And then the last step you'd want to do is you'd want to save this for your record. So you would save it to your electronic files. And then you'd also want to print it, sign it, and then put it with your hard files, your paper files, and put that away. And then you need to keep them on file for five years, as was said. And that's about it. So it's pretty simple. You just follow those steps. And then as long as you have not had any positives, then you can go ahead and begin the re-granting process to your partner. Excellent. Thank you so much for walking us through that. And I hope for those of you who are new to this idea, if it didn't go too quickly, remember this is recorded. So if you want to go back and replay it and use this as a guide for yourself later, please do so. We're going to move on to – I'm going to stop sharing and move on to Francia. She will be showing us how we do our list checking. Oops, wrong slide. Thank you. How we do our list checking here at TechSoup for our donor partner, Cisco. So we would like to now pass it over to Francia. Hi. As mentioned earlier, my name is Francia, and I'm one of the Cisco Program Administrator at TechSoup. And as part of our process in reviewing Cisco product donation requests, we also perform Patriot Act checks. And we use the Bridger Insight online tool for that purpose. So just giving a little bit more information about Bridger, this online tool contains 25 terrorist watch lists, and it includes the SDN list as the speakers mentioned earlier. And there are two ways to run searches on Bridger. So let me show you how that works. So I just logged into Bridger, and we have a search option called Check Names. If you have just a few names to search, you can just type it in. I'll go ahead and type in my name, and then just click Search. And as you can see, no matches found. And then there is this other cool feature where if you have a large number of grantees and you want to check those names, you could use this scan file option. So to start with that option, you first need to collect or prepare your data by retrieving the information from your database. So let's say the information you got is this list. And the way at least my input format is configured is you have to, if it only scan names in one column, so I have to combine the organization's name and the contact, the primary contact for the organization into one column. So I did that right here. As you can see, they are all in one column. So going back to the Bridger Insight tool, so you do a scan file, and under input format, this is my personal configured format. And then we just browse where you save your file. And as you can see, so when I save my file, I save it as a comma-delimited file or a CSV file. So that's the format it accepts. So verify format. So just simply follow the step-by-step instructions. So when you click on verify format, just click Start. So the list is fed through the search and then to feed the results. So we've fed the sample data that CSV on today's date. And as you can see, there are four names that were found. So let's take a look at that. So I highlighted the name of the file and I clicked Search. So for one of the organizations' names, it's called Radio Unidas. And as you can see on the score, it had a score of 88. And the higher the score, the more it's closely related to the match. So let's see. And the cool thing about this is you can click Print Details and it would give you all this information which you could use to document for matches. So let's see from the information for Radio Unidas, if the country is different from what's indicated on here which is in Colombia. So it has all this information which you could use to verify if it's a false positive or a true positive. So that's basically it. So how we do it for the Cisco program is if the score is high and the matches are really close to each other, we do escalated Cisco in their export compliance team. They do extra research on their end and then they will let us know if they are good to go for the Cisco donation. So that's how the Bridger online tool works. So back to you, Kenny. Excellent. Thanks, Francia. I also wanted to let you know that there are a few products out there like Bridger. And I'll include links to those in the message I sent out this afternoon. One is called IST Watch. It has the option of searching individual names as well as searching in batches. So you can see the benefits of batch searching if you have money, many people to look up at any one time. So I just sent a message out via the chat asking you to submit your questions if you have any. Before I move on to questions I wanted to quickly point out in the PowerPoint we have some resources that are listed, some links to places on the TechSoup site, to places within, more information on what we were talking about today. So there's been a couple of questions posted so far. And I think I will fill them out there and see who would be, I guess Cindy would be the best person for this first question. So this is a question that Sarah asked earlier. To clarify a little, does this list only US 503s? Her grantee organizations are all overseas. Can I use this list for them? So Cindy can you answer Sarah's question? Yes. The answer is yes. The SDN list is put together by the government. It's all organizations that are linked or individuals or persons that are linked to terrorist activities. It isn't just 501C3s. It's worldwide. So you're safe to use that. Excellent. And another question that Jeff had, approximately how much does bridge your insight cost and is it useful to our organization that only grants in the US? Now Cindy, do you have that information? I believe and maybe Jennifer you might be able to tell me if I'm on track again. It used to be about $1,000 for a subscription for a year. Does that sound about right? Yes, so we're having a hard time getting Jennifer on mute. She's my coworker here and she's helping on the back end. But she did agree with that. And again we'll send out links to the bridge your information. Okay, so I'm just only interested. It's only good for people if they're in the US. Okay, my apologies, my apologies. We need to work out our unmuting. So we've shown you and again I'm waiting for more questions. If any of you have any questions please submit them now or raise your hand and we can see if we can answer those questions. The two examples we've shown you, if you have a small number of grantees to do the list, the manual list, it is a bit more work. And then Bridger allows you to put in a bunch of names out once and it also checks multiple lists. So was there any other questions out there or do the presenters have anything that they would like to add that maybe they didn't get to share earlier? Okay, well I think that we did thank you presenters for taking time to show us your processes. And Cindy, thank you for explaining the Patriot Act and what the law says. I think it's something that a lot of folks aren't aware of. I know I've had some conversations with people that do re-granting and they've never heard of this. So it's nice for us to get the word out. We hate to see people have their assets frozen because they just didn't know that this was in the law. So expect a message from me this afternoon or in two or three hours from now. It will include the recording to this webinar, the PowerPoints, the audio file, and links to the resources that we talked about today. You can also email me at any time if you have questions. I'll give you another email in a second. But before I close this webinar I want to let you guys know that we have some other upcoming webinars. We do webinars like these on a weekly basis. Not all of them are so specific to a type of organization. So if you're available next Tuesday we're offering a free webinar on social media decision making and the following week on donor management solutions. So I will include links to the registration pages for those webinars. And I would like to thank you all for attending today. We have an email address down here at the bottom. If you have any questions, email Mott at TechSoup.org that will go to Jennifer. She'll be happy to help you with any questions that you have related to this topic. If you wouldn't mind taking a second to fill out our post-event survey, letting us know if you had any questions or comments and if you have any suggestions for future webinars. So I really appreciate your time and thanks again to the presenters and have a great day. Bye everyone. Bye. Thank you. Bye. Thank you. Thank you. Please stand by.