FCPA Compliance and Ethics Blog

December 19, 2014

Winter Begins in Valley Forge and the FCPA Professor Teaches in Miami

Filed under: FCPA,FCPA Institute,FCPA Professor — tfoxlaw @ 12:01 am

FCPA InstituteToday we celebrate one of the seminal turnarounds in US history for on this day in 1777, George Washington lead his beleaguered troops into winter quarters at Valley Forge, Pennsylvania. At that point in time, things could hardly have looked bleaker for Washington and the Continental Army as 1777 came to a close. The British had successfully occupied Philadelphia, leading some members of Congress to question Washington’s leadership abilities. No one knew better than Washington that the army was on the brink of collapse. Though he had hoped to provide his weary men with more nutritious food and badly needed winter clothing, Congress had been unable to provide money for fresh supplies.

The winter at Valley Forge might have signaled the end of the American Revolution. Fortunately for the Continentals though, Washington did not give up. During this time Washington made several key additions to his officer corps, such as the Prussian General Friedrich von Steuben, who was tasked with implementing a new training regime, and appointed Nathanael Greene as Quartermaster General, relieving Washington of the duty of supply procurement. Washington, supported by a loyal officer corps, was now free to focus on strategies to beat the British. He was further buoyed by France’s agreement to join the revolutionaries in February 1778.

Once Washington’s detractors in Congress realized they could not sway his troops’ loyalty, they gave up on any secret plans to replace him. In March 1778, Washington led his troops, their bodies and supplies replenished and their confidence restored, out of Valley Forge to face the British again.

While you are considering the cold and starving Continental Army troops, you might think to warmer climes to consider attending one of the premier Foreign Corrupt Practices Act (FCPA) educational events of 2015 as the FPCA Professor will put on his well-renowned FCPA Institute over two days, January 12 and 13. The event will be held in Miami and is hosted by the law firm of Carlton Fields Jorden Burt. While myself and others bemoan to him that he needs to get out on the speaking circuit so that we can hear more of his critique and analysis of FCPA enforcement and to learn from him, I was interested to see he is correcting this by leading his first Southern based FCPA Institute next month.

As clearly denominated by his moniker, the FCPA Professor, he teaches law with a specialization in the arena of the FCPA. The Professor’s stated goal in leading this Institute is “to develop and enhance fundamental skills relevant to the FCPA and FCPA compliance in a stimulating and professional environment with a focus on learning. Information at the FCPA Institute is presented in an integrated and cohesive way by an expert instructor with FCPA practice and teaching experience.”

Some of the topics to be covered, include the following:

  • An informed understanding of why the FCPA became a law and what it seeks to accomplish;
  • A comprehensive understanding of the FCPA’s anti-bribery and books and records and internal controls provisions and related enforcement theories;
  • Various realties of the global marketplace which often give rise to FCPA scrutiny;
  • The typical origins of FCPA enforcement actions including the prominence of corporate voluntary disclosures;
  • The “three buckets” of FCPA financial exposure and how settlement amounts in an actual FCPA enforcement action are typically not the most expensive aspect of FCPA scrutiny and enforcement;
  • Facts and figures relevant to corporate and individual FCPA enforcement actions including how corporate settlement amounts are calculated;
  • How FCPA scrutiny and enforcement can result in related foreign law enforcement investigations as well as other negative business effects from market capitalization issues, to merger and acquisition activity, to FCPA related civil suits; and
  • Practical and provocative reasons for the general increase in FCPA enforcement.

The Professor has said, “The FCPA Institute is different than a typical FCPA conference.  At the FCPA Institute, information is presented in an integrated and cohesive manner by an expert instructor with FCPA practice and teaching experience. Moreover, the FCPA Institute promotes active learning by participants through issue-spotting video exercises, skills exercises, small-group discussions and the sharing of real-world practices and experiences. To best facilitate the unique learning experience that the FCPA Institute represents, attendance at each FCPA Institute is capped at 30 participants. In short, the FCPA Institute elevates the FCPA learning experience for a diverse group of professionals and is offered as a refreshing and cost-effective alternative to a typical FCPA conference. The goal of the FCPA Institute is simple: to develop and enhance fundamental skills relevant to the FCPA, FCPA enforcement, and FCPA compliance best practices in a stimulating and professional environment with a focus on learning.”

In other words, it is what you have come to expect from the FCPA Professor; well-thought out reasoned analysis, practical knowledge and learning, and provocative thinking and assessment.

For information on the event, click here.

 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

 

 

December 18, 2014

Ty Cobb and the Compliance Performance Appraisal Review

Ty CobbToday we celebrate greatness, in the form of one of the greatest baseball players ever, with the anniversary of the birthday of Ty Cobb. Coming up to the majors as a center fielder for the Detroit Tigers in 1905, he emerged in 1907 to hit .350 and win the first of nine consecutive league batting titles. He also led the league that year with 212 hits, 49 steals and 116 RBIs. In 1909 he won the league’s Triple Crown for the most home runs (9), most runs batted in (107), and best batting average (.377). In 1911, he led the league in eight offensive categories, including batting (.420), slugging percentage (.621), hits (248), doubles (47), triples (24), runs (147), RBI (144) and steals (83), and won the first American League MVP award. He batted .410 the following season, becoming the first player in the history of baseball to bat better than .400 in two consecutive seasons.

Cobb set a record for stolen bases (96) and won his ninth straight batting title in the 1915 season. He faltered the next year, but came back to win another three straight titles from 1917 to 1919. He left the team in 1926 and signed with the Oakland Athletics, hitting .357 and becoming the first-ever player to reach 4,000 total career hits before retiring after the 1928 season. His record of nine consecutive batting titles as well as his overall number of 12 will never be succeeded.

While Cobb certainly had quite a bit of natural ability, he was also a very dedicated baseball player, forever working to improve his craft. He might not have taken well to criticism but he did work to improve all aspects of his game. One of the modern ways to improve employee performance is through an annual employee performance review. Recently I read an article in the Houston Business Journal entitled “6 Ways To Make Performance Reviews More Productive” by Janet Flewelling. I found her article provided some interesting perspectives on some of the ‘nuts and bolts’ work that you can put into your Foreign Corrupt Practices Act (FCPA) or UK Bribery Act anti-corruption program that can be relatively low-cost but can add potentially high benefits.

One of the ways to drive compliance into the DNA of an organization is through incentives such as making it a component of a year-end discretionary bonus payment. Indeed the FCPA Guidance states, “DOJ and SEC recognize that positive incentives can also drive compliant behavior. These incentives can take many forms such as personnel evaluations and promotions, rewards for improving and developing a company’s compliance pro­gram, and rewards for ethics and compliance leadership. Some organizations, for example, have made adherence to compliance a significant metric for management’s bonuses so that compliance becomes an integral part of management’s everyday concern.”

Most Human Resources (HR) experts will opine that properly executed performance appraisals are crucial to organizational productivity as well as the development of employee skills and employee morale. Moreover, they can serve a couple of different functions for a best practices compliance program. First, and foremost, they communicate to each employee their job performance from a compliance perspective. However, one key is not to approach the performance appraisal review as an isolated event but rather a continual process. This means that instead of trying to play catch-up at the last minute, supervisors should provide feedback and assess job performance throughout the year so annual reviews are grounded in a year’s worth of experience. This includes the compliance component of each job. The second area performance appraisals impact is compensation. As noted above, the DOJ and SEC expect that your compliance program will have both discipline and incentives. But those incentives need to be based upon something. The score or other performance appraisal metrics will provide to you a standard which you can measure and use to evaluate for other purposes such as employee promotion or advancement to senior management going forward.

In her article Flewelling provides six points you should consider which I have adapted for the compliance component of an annual employee performance appraisal. 

  1. Prioritize reviews in your schedule – You should schedule the employee performance appraisal at least several days in advance, rather than when a time slot suddenly opens up. You would make sure that you allot sufficient time for unhurried give and take between the reviewer and the employee.
  2. Review the entire year’s performance – You should resist the attempt to focus the discussion on the latest compliance experience. This is called recency bias. If a compliance issue arose in the past month or so, you need to keep it in perspective for the entire review period. Moreover, by focusing a review on a recent problem you may obscure prior accomplishments and make an employee feel demoralized. Take care not to go too much in the opposite direction as recency bias can work both ways, and one should not let a favorable recent compliance event overshadow the full review period.
  3. Do not hesitate to critique – Be generous with praise where it is warranted, but do not hesitate to discuss improvements needed in the compliance arena. Many supervisors are reluctant to confront and indeed desire to avoid confrontation. However remaining silent about an employee’s compliance shortcomings is a disservice to both the company and the employee.
  4. Do not dominate the conversation – Remember that you must give the employee time for self-appraisal and to ask questions or to comment about the feedback received from the compliance perspective. If there are specific questions or concerns raised by the employee you need to be prepared to address them as appropriate.
  5. Understand the employee’s role – You need to understand and appreciate that if the recent economy has resulted in many employees assuming the responsibilities of more than one position. If relevant to the employee, acknowledge that fact and take it into account in the review. This is certainly true from the compliance perspective as many non-Compliance Department employees have cross-functional responsibilities. If they claim not to have the time to handle their compliance responsibilities you will need to address this with the employee and perhaps structurally as well.
  6. Anticipate reprisal – Although it is rare, you can face the situation where an employee who is very dissatisfied with a review may refuse to sign it. The employee may be offered the opportunity to add a statement to the review. Also point out that the employee signature is an acknowledgement of receiving the review and does not signify agreement. If the employee still refuses to sign, have a second supervisor come in to witness the refusal. This may be particularly important from the compliance perspective.

Flewelling ends her piece by noting, “A proper annual review requires considerable effort from employee supervisors. It should be a full-year process involving regular guidance and feedback and perhaps several mini-reviews along the way. But rather than viewing it as onerous, supervisors should keep in mind that it is a tool for making their departments work more efficiently and yields better results for everyone involved.” I would add this is doubled from the compliance perspective. Nonetheless the potential upside can be significant from your overall compliance program perspective.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

December 17, 2014

Scrooge and Corporate Settlement Agreements

A Christmas CarolAlthough there seems to be a difference in the precise publication date between the online reference sites This Day in History and Wikipedia, today we celebrate the Charles Dickens’ work A Christmas Carol, which both sites acknowledge was published in 1843. This story has become well known and omnipresent in the Christmas season; in film, theater, radio, television, cartoon, opera and about every other form of media known to mankind. A Christmas Carol tells the story of a bitter old miser, Ebenezer Scrooge and his transformation into a gentler, kindlier man after visitations by the ghost of his former business partner Jacob Marley and the Ghosts of Christmases Past, Present and Yet to Come.

The book was written at a time when the English were examining and exploring Christmas traditions from the past as well as new customs such as Christmas cards and Christmas trees. Dickens’ source materials for the tale appear to be many and varied, but are principally, the humiliating experiences of his childhood, his sympathy for the poor and various Christmas stories and fairy tales. A Christmas Carol has been credited as one of the greatest influences in rejuvenating the old Christmas traditions of England. Scrooge himself is the embodiment of winter, and, just as winter is followed by spring and the renewal of life, so too Scrooge’s cold, pinched heart is restored to the innocent goodwill he had known in his childhood and youth. It is hardy tale that should be retold and remembered each holiday season as one of the true spirits for celebration.

I considered this work by Dickens when I read a recently released article entitled “Improving Corporate Settlement Agreements by The Fraud Guy, John Hanson. In this piece Hanson considers some shortcomings in a variety of corporate misconduct settlement agreements, where he believes “the Terms of most Agreements lack a full and practical appreciation for what constitutes an effective Program within a particular organization.” He articulates that “A key reason for this is because the parties to the Agreement miss the forest for the trees in that they too narrowly focus on Program sub-components (that piece of a Program associated with a particular risk, such as Anti-Corruption, Anti-Trust, False Claims, Organizational Conflicts of Interest, etc.…), the failure of which is only symptomatic of a higher level and overall Program failure.” Although Hanson’s critique of Deferred Prosecution Agreements (DPAs), corporate monitors and settlement agreements was broader than simply those issues in Foreign Corrupt Practices Act (FCPA) enforcement, I found his comments provided some useful insights into how both companies and the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) might help to make the process more robust in helping companies create a culture of compliance and ethics as result of a resolved enforcement action.

Ethical Tone

Here Hanson says that DPAs do not tie the relationship of compliance and ethics together going forward. He believes that one cannot exist without the other. He thinks many compliance program overseers focus too much on the sub-parts and institute too much of “A piecemeal approach that overly focuses on Program sub-components and neglects ethical tone almost completely is doomed to failure. It is like placing a Band-Aid on an arterial wound.”

While many external monitors will drill down into the detailed specifics of a certain issue or even sub-issue under compliance, such a mechanism can be a useful exercise. For example if there is a particular compliance problem being faced such a detailed approach may be warranted. For instance, if the company got into FCPA trouble for its use of third parties that came into a business relationship with the company through the Supply Chain, an extreme deep dive into the Supply Chain and management of those relationships from the compliance perspective may be important. However what such an approach may cost is losing a greater focus of the overall picture.

Time

A second critique is that many DPAs are simply too short in time length to “effectively implement remediation.” While this criticism is largely for DPAs outside the FCPA context, it bears some discussion. Hanson believes that “A Program is a process, not a one-time event. Moreover, it is a process that perpetuates and improves continuously. Generally speaking, for organizations without a robust and effective Program, it realistically takes at least three years to stand up this process to the point where it is effective and begins annually repeating.” A compliance program design and implementation can take up to 18-months and it can often take another year to assess the implementation results and fine tune the compliance regime going forward.

While most DPAs in the FCPA context are for three years, there have been examples of where either a company was released early from a DPA or a monitorship ended at the 18-month mark rather than the full three years. An example of this is Pride International (now ENSCO) who were rewarded by being released early for its superior enhanced compliance efforts. In the latter category is Weatherford, among others, whose external monitorship can end at 18-months after the execution of the DPA, if sufficient progress is met.

External Monitors

Hanson had some very interesting thoughts about the use of corporate monitors. He has long championed more professionalism for monitors, specifically regarding their training in implementing compliance programs, not simply as very good white-collar defense lawyers or internal investigators. However, in his paper Hanson notes that other concerns have lessened both the effectiveness of external monitors or even their use; when he writes, “Due to past negative publicity arising from problems resulting from poor/immature government agency Monitor selection policies and/or inexperienced and/or ineffective Monitors, government agencies and organizations alike have developed some misperceptions that have led to Monitors being underutilized, even avoided. While some government agencies are still developing or improving Monitor selection policies, many have already adopted policies that addressed past concerns.”

Hanson champions his concerns for monitors with the experience issue. He believes that “many Monitors come from the ranks of whitecollar defense attorneys, who, as noted above, frequently lack the requisite level of compliance and ethics training and knowledge, as well as practical Program experience, to serve in that role most effectively. Additionally, most persons selected to be a Monitor have never been a Monitor before and are unaware of the nuances associated with such a specialized role.” To rectify this issue, Hanson advocates greater monitor training from organizations such as the Society of Corporate Compliance and Ethics (SCCE) or others. Finally, as Hanson notes, “it is of much greater importance to engage a Monitor who is an expert in compliance and ethics rather than one who is an expert on the substantive underlying criminal and/or regulatory violations.”

As usual when John Hanson writes something relating to the compliance field, you should definitely read it. Hanson’s unique background as a forensic auditor, FBI agent and four-time corporate monitor provide valuable insights to any compliance related issue. His current article is no different. You can use many of his insights directly in your compliance program through engaging an outside expert, called monitor or something else, to help move your compliance and ethics program forward on a number of fronts.

Hanson’s article is available through JDSupra by clicking here.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

December 16, 2014

The Eve of Destruction and Tone at the Top – You Are Who Say You Are

Barry McGuireIn 1965 the single Eve of Destruction was released. It was written by an 18 year old named Phil Sloan and was sung by former member of the New Christie Minstrels named Barry McGuire. To top it off, it was produced by Lou Adler. These facts, the story of the song, its recording and release were related in a recent Wall Street Journal (WSJ) article by Steve Dougherty entitled “Still on the ‘Eve of Destruction’. There are some singles that got under my skin when they were released and have remained there. This song was one of them. For me, the single most powerful line in the song was following:

Think of all the hate there is in Red China; And take a look around to Selma Alabama. 

Even as an eight year old I pondered the import that line. While we were taught that the Soviet Union might have wanted to defeat, conquer, and then enslave us; it was Red China that hated us so much they wanted to wipe us out of existence As we were taught back then that it was the Red Chinese who hated us; I wondered if there was that much hate in Selma Alabama. For if there was as much hate in Selma Alabama as there was in Red China, it had to be quite a lot of it.

I thought about Eve of Destruction and those lyrics about the hate in Selma, Alabama when I read about the conduct of a couple of senior managers recently. While they have both apologized for their conduct and comments that were clearly beyond the pale, I wondered that if you do say and act a certain way, if it really translates into who you really are. For the compliance practitioner, I wondered what such comments or actions might mean about a Chief Executive Officer (CEO) or other senior management’s commitment to doing business in an ethical manner and in compliance with anti-corruption laws such as the Foreign Corrupt Practices Act (FCPA) or UK Bribery Act.

The first has been nicknamed Nut-Rage and involved the (now former) Korean Air executive Cho Hyun-ah (Heather Cho), who threw one of the greatest diva-worthy (or perhaps five year-old worthy) public temper tantrums of all-time. An article in the BBC Online, entitled “Former Korean Air executive apologises for ‘nut rage” ,reported that “Ms Cho was onboard a Korean Airlines plane departing from New York for Incheon last week when she demanded a crew member to be removed, after she was served nuts in a bag, instead of on a plate.” Also according an article in Slate, entitled “Flight Attendant Forced to Kneel for Serving Nuts in a Bag (Instead of a Dish) to Korean Air Executive” by Daniel Politi, Ms. Cho was not simply content to disrupt the plane’s service, air traffic control and airport scheduling, he wrote “Just when you thought the whole story about the Korean Air executive who went nuts over some nuts couldn’t get more ridiculous, the head of the cabin crew said he was forced to kneel to apologize about how a flight attendant served some macadamia nuts. Just in case you haven’t been following the case, Heather Cho, the daughter of the airline’s chairman and the executive in charge of in-flight service, forced a plane to return back to the gate at New York’s JFK airport last week after a flight attendant dared to bring her macadamia nuts in a bag and not a dish. Cho forced the head of the cabin crew to get off the plane.”

But the story did not end there. In another BBC article, entitled “Korean Air executive ‘made steward kneel over nut rage, the head of the cabin crew also reported that “Once home, officials from the airline came to his home to ask him to say that Ms Cho did not use abusive language and that he had voluntarily got off the plane.” Not to be outdone in this attempt to obstruct the truth and intimidate the witness, the BBC article also reported “Korean Air initially defended Ms Cho, noting that she was responsible for overseeing flight service in her role as vice-president, but the company later apologised.”

Unfortunately the second event is much closer to home here in the US and involves the Sony hacking scandal, which has been an unmitigated disaster for the company. In addition to all of the salary information, personal social security numbers and corporate intellectual properties that have been released, Sony’s Entertainment Chairman Amy Pascal sent some emails that can only at best be characterized as racially insensitive in nature. Jason L. Riley, in a WSJ entitled article “What Do You Call A Black President”, wrote that Pascal and Producer Scott Rudin engaged in the following email colloquy “Last year, Ms. Pascal and Mr. Rudin were invited to a fundraiser for Mr. Obama by Jeffrey Katzenberg, a DreamWorks Animation bigwig and major Democratic donor. Before the event, Ms. Pascal and Mr. Rubin joked about having to attend and what to say to the president. “What should I ask the president at this stupid Jeffrey breakfast,” wrote Ms. Pascal. “Should I ask him if he liked Django”, a 2012 film about slavery. Mr. Rudin responds with his own suggestion, “12 Years a Slave.” The two go back and forth naming movies they imagine the president enjoying—“The Butler,” “Think Like a Man,” “Ride Along”—all of which feature black actors or racial themes.” While Riley opines that this ­tete-a-tete is political in nature, my Southern upbringing reminds me of the line from Eve of Destruction to Think of all the hate there is in Red China; And take a look around to Selma Alabama. Maybe if McGuire were singing the song today, he would expand his geographic horizons.

While both Ms. Cho and Ms. Pascal have apologized for their actions and as noted, Korean Airlines has terminated Ms. Cho from her position. If you are what you say and show to others; what does all that mean when such people get into senior management positions? What does it say about Korean Airlines that it (1) fostered such a culture where the daughter of the President is given a job she clearly knows nothing about, (2) the same person humiliates an employee in public, (3) the Company tries to cover-up the incident by intimidating the employee, and (4) defends the actions of the daughter? Think that company has a culture of compliance? How about if a compliance incident is reported – would the company try to cover it up or thoroughly investigate it? Would the company try to intimidate witnesses to get them to change their recollections of events? How would you answer these questions if the incident in question were not over some nuts being served but over a safety issue?

As to Sony, how do you imagine minority employees might feel, given Pascal’s comments about the President of the United States? What about employees that might complain about discrimination in employment practices? If the head of the studio communicates in the manner about the President, what can a regular employee expect; similar sensitivity? Maybe the lesson for Sony and Pascal is simpler and much more direct, Don’t put stupid stuff in email. For even if your company is not hacked like Sony; in today’s world such emails uncovered in the context of a FCPA investigation might indicate a tone at the top which is not something you wish a regulator to see. But at the end of the day, you are you claim you are.

For a YouTube video clip of Barry McGuire singing Eve of Destruction, click here.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

December 15, 2014

Hiring and Promotion in Compliance – Wait for Great

7K0A0597The role of Human Resources (HR) in anti-corruption programs, based upon the Foreign Corrupt Practices Act (FCPA) or UK Bribery Act, is often underestimated. I come from a HR background and practiced labor law early in my career so I have an understanding of the skills HR can bring to any business system which deals with legal issues; which is not only required of all businesses but certainly is true of FCPA or UK Bribery Act compliance. If your company has a culture where compliance is perceived to be in competition or worse yet antithetical to HR, the company certainly is not hitting on all cylinders and maybe moving towards dysfunction.

One of the Ten Hallmarks of an Effective Compliance program relates to the key role HR plays in incentives and discipline. However, another key area that is not given as much attention is in hiring and promotion. The FCPA Guidance states, “[M]ake integrity, ethics and compliance part of the promotion, compensation and evaluation processes as well. For at the end of the day, the most effective way to communicate that “doing the right thing” is a priority is to reward it. Conversely, if employees are led to believe that, when it comes to compensation and career advancement, all that counts is short-term profitability, and that cu tting ethical corners is an ac­ceptable way of getting there, they’ll perform to that measure. To cite an example from a different walk of life: a college football coach can be told that the graduation rates of his players are what matters, but he’ll know differently if the sole focus of his contract extension talks or the decision to fire him is his win-loss record.” In other words make compliance significant for professional growth in your organization and it will help to drive the message of doing business in compliance.

I thought about these concepts when I read an article in the Corner Office column of the Sunday New York Times (NYT), entitled “Sally Smith of Buffalo Wild Wings, on patience in hiring” where columnist Adam Bryant interviewed Sally Smith, the Chief Executive of Buffalo Wild Wings, the restaurant chain. She had some interesting concepts not only around leadership but thoughts on the hiring and promotion functions, which are useful for any Chief Compliance Officer (CCO) or compliance practitioner striving to drive compliance into the DNA of a company.

Leadership – Get Feedback

One of the early lessons which Smith learned about leadership is to set clear expectations. Bryant wrote that Smith told him, “You have to be really clear about what you want and what your expectations are. When you’re clear and everybody understands them, you have a much better chance of success than if you say, “Just do it.” It’s a great slogan, but you’ve got to know what it is that you’re just doing.” This is a constant battle for the compliance practitioner when senior management also makes clear that you must make your numbers as well. However this dynamic tension can be met and one of the best ways is to require business-types to make their numbers but doing so in a way that is in compliance with a company’s Code of Conduct and compliance regime.

A second leadership lesson that Smith has learned is around feedback. As you might guess from a Chief Executive, Smith has found that obtaining honest critiques about her management style from those who work under her is difficult to acquire. To overcome this reluctance she set up a program where her leadership can give anonymous reviews of her performance annually to the company’s Board of Directors. Bryant said, “My leadership team does a performance review on me each year for the board. It’s anonymous. They can talk about my management style or things I need to work on. If you want to continue growing, you have to be willing to say, “What do I need to get better at?”” This type of insight is absolutely mandatory for any best practices compliance program as anonymous reporting is also one of the Ten Hallmarks of an Effective Compliance program. But more than simply an anonymous reporting line for FCPA violations, how does your company consider feedback to determine how all levels of the company is doing compliance going forward or as the FCPA Guidance states, “From the boardroom to the shop floor.”

Hiring and Promotion – Waiting for Great

Here Smith had some thoughts put in a manner not often articulated. One of her cornerstones when hiring is to search out the best person for any open position, whether through an external hire or internal promotion. Bryant stated that Smith said “We use the phrase “wait for great” in hiring. When you have an open position, don’t settle for someone who doesn’t quite have the cultural match or skill set you want. It’s better to wait for the right person.”

Smith articulated some different skills that she uses to help make such a determination. Once a potential hire or promotion gets to her level for an interview, she will assume that person is technically competent but “I assume that you’re competent, but I’ll probe a bit to make sure you know what you’re talking about. And then I’ll say, “If I asked the person in the office next to you about you, what would they say?””

Passion and curiosity are other areas that Smith believes is important to probe during the hiring or promotion process. In the area of passion, Smith will “Often ask, “What do you do in your free time?” If they’re passionate about something, I know they’re going to bring that passion to the workplace.” Smith believes curiosity is important because it helps to determine whether a prospective hire will fit into the Buffalo Wild Wings culture. Bryant wrote, “I look for curiosity too, because if you’re curious and thinking about how things work, you’ll fit well in our culture. So I’ll ask about the last book they read, or the book that had the greatest impact on them.” Smith also inquires about jobs or assignments that went well and “ones that went off the tracks. You ask enough questions around those and you can determine whether they’re going to need a huge support team.”

I found these insights by Smith very useful for a compliance practitioner and the hiring and promotion functions in a compliance program. By asking questions about compliance you can not only find out the candidates thoughts on compliance but you will also begin to communicate the importance of such precepts to them in this process. Now further imagine how powerful such a technique could be if a Chief Executive asked such questions around compliance when they were involved in the hiring or promotion process. Talk about setting a tone at the top from the start of someone’s career at that company. But the most important single item I gleaned from Bryant’s interview of Smith was the “Wait for great” phrase. If this were a part of the compliance discussion during promotion or hiring that could lead to having a workforce committed to doing business in the right way.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

December 12, 2014

Seamus Heaney and Compliance With a Seat at the Table

Seamus Heaney and beowulfI have long been fascinated with the Irish poet Seamus Heaney. I came to know him thought his 1999 translation of Beowulf. While I was aware that he had been awarded the 1995 Nobel Prize for Literature, I did not know his work as an Irish poet. However, this was rectified in a piece in the Times Literary Supplement (TLS), entitled “A stay against confusion – Seamus Heaney and the Ireland of his time”, by Roy Foster. In this piece he reviewed the evolution of Heaney’s poetry through the 1960s and 1990s. Foster believed that Heaney’s work in many ways mimicked the growth that “Irish intellectual as well as social and economic life”. Heaney began as a ‘nuts and bolts’ type of poet and moved to become a Yeatsian figure as the national poet of Ireland.

I thought about that growth and Foster’s article when I considered the question of what happens if you seek for something and then actually get it? For instance, you may have wanted a seat at the C-Suite table as a Chief Compliance Officer (CCO) and now you have one. What happens now, for instance in the situation where you find out that your company has decided to enter a new overseas market with a new product offering? The Chief Executive Officer (CEO) who championed you coming onboard with the big boys (or perhaps big girls) team looks down and says, “We need an analysis from the compliance perspective by the end of the week?” Where do you begin?

Obviously there are some preconditions for success such as your company should have a product that you can make and sell overseas for a profit. Further, you should have the time, money and sophistication to develop an international distribution network and you have the home office infrastructure to support a truly international business. Finally, you should have a senior management with at least an appreciation of compliance challenges in the target, with the personnel, technological solutions and internal training to address and meet these challenges. As you begin to think through this assignment you fall back on the four basic questions of (1) Who will we sell to? (2) What are we going to sell? (3) Where will we sell? (4) How will we sell?

Who will we sell to?

For any anti-corruption analysis you need to begin here as the Foreign Corrupt Practices Act (FCPA) applies to commercial relationships with foreign governments or instrumentalities such as state owned enterprises. Will your end using-direct customers be foreign governments or privately owned companies? What if your customers are distributors or other middlemen who will then sell to foreign governments or state owned enterprises? What about licenses; will you need special permits to sell to a foreign government or state owned enterprise or will you need some type of basic permit simply to transact business? If your company is subject to the UK Bribery Act this public/private distinction does not exist.

What are we going to sell?

What is the product or service you wish to take internationally? I will assume your company has done the market studies to ascertain it is a viable commercial concept. If it a product, is it a complete or partial product? Will you manufacture here in the US and only sell internationally or will you manufacture abroad as well? If it is here in the US, what about spare parts and accessories, will you need to obtain any licenses overseas? What about your technology, will that component require any licenses? If you will manufacture outside the corporate offices in the US, how will you assure quality in your supply chain? Conversely, if you manufacture in the US, do your supplier agreements allow you to resell outside the US?

Where will we sell? 

This question may seem more important for export control issues; however it is also important in the anti-corruption world. Obviously this is because certain geographic areas are more prone to corruption than others. A starting place might be the Transparency International-Corruption Perception Index but you can also use tools such as the recently released TRACE Matrix which provides a much broader assessment of corruption indices and give you additional insight into a fuller panoply of corruption risks in a country. In addition to the basic corruption analysis you need to ascertain whether you can even sell your products in a new country, either because of US export regulations or the end using jurisdictions laws. You should also focus on the business culture of a country and whether it is compatible in doing business in compliance with relevant anti-corruption legislation. This will also help you in your search to find any local business partners. 

How are you going to sell?

This is one of the most important questions you can ask under a FCPA analysis. It is because well over 90% of all FCPA enforcement actions involve third parties. If this is your first international sales effort, your company probably does not have an international based employee sales force. This means you will most probably need in-country partners for your target markets. Some of the most basic sales arrangements for third parties are as follows:

  1. Agent/Sales Representative – This person or entity is an independent third party from the company. Compensation is usually commission based or combined with a periodic fee plus commission. It is generally viewed as the highest risk from the anti-corruption perspective but you will have a direct relationship with the end-using customer.
  2. Distributor/Retailer – This person or entity is an independent third party from the company. Your company will sell to the distributor/retailer who then resells your product. You will have less visibility into the end user and hence a greater export control risk. Consignment is a variation on this model but if you are warehousing you will need to be aware of other US rules such as revenue recognition under US GAAP or local, indigenous rules on storage and warehousing.
  3. Consultant – This is also an independent third party who is paid a periodic fee. The fee can be more easily assessed for an hourly or service based rather than simply a commission based fee structure.

There are some other sales arrangements that you may whish to consider. You can acquire a local business and run it as your own company. Of course if you do so, you may buy all of these liabilities, both known and unknown. You can joint venture with another local company. Here you may have the dual problems of less actual control yet the same amount of potential exposure, particularly under the FCPA if you fail to perform the requisite pre-acquisition due diligence and allow any illegal conduct to continue going forward. You can issue a manufacturing license to an in-country manufacturer and allow them to make and then sell your product using your technology. Finally, you can issue a brand license where you license an existing company to put your brand name on your product manufactured by another entity. Of course if you use any of these types of arrangements you will need to go through a full third party management cycle; consisting of a business justification, questionnaire, due diligence, contract and management thereafter.

From the internal control perspective you will need to make sure you have several key compliance related controls in place. This will include the aforementioned vetting of all customers and third parties; appropriate controls over each transaction, including both quotes and contracts; empowered and non-conflicted employees; and finally training and self-auditing. You will need separate controls over payment terms and payment mechanisms and controls to align shipping and export controls. Finally, do not forget the omnipresent segregation of duties and control over the vendor master file.

Lastly, you should focus on your high-risk points in any of the above. These include your full vetting and management of third parties. You should pay attention as to how you became aware of these third party sales representatives. You will also need to pay attention to your freight forwarders and other export control representatives. You will need to be vigilant going forward for outright bribes paid in either cash or other values such as free products, lavish travel, gifts and entertainment, especially if the travel has no business purpose.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

December 11, 2014

On Compliance Leadership: From Edward VIII to LeBron James

Will, Kate and LeBronOn this day in 1936 King Edward VIII became the first English monarch to voluntarily abdicate the throne. He chose to abdicate after the British government, public and the Church of England condemned his decision to marry the American divorcée Wallis Warfield Simpson. On the evening of December 11, he gave a radio address in which he explained, “I have found it impossible to carry on the heavy burden of responsibility and to discharge the duties of king, as I would wish to do, without the help and support of the woman I love.” Despite these protestations of love requiring his abdication, recent scholarship has suggested the King was forced out because of his sympathy to Hitler’s Germany. Indeed I recently saw a documentary, which went so far as to say that the King had agreed to re-assume the monarch’s throne if Germany had successfully invaded England. Whatever the reason or reasons, on December 12, 1936 his younger brother, the Duke of York, was proclaimed King George VI. England was certainly better off for it.

I thought about this excellent example of extremely poor leadership and what a Chief Compliance Officer (CCO) or compliance practitioner might be able to learn from it in the context of a couple of articles I recently came across in the Financial Times (FT). The first was by Andrew Hill in his ‘On Management’ column and was entitled “The dangers of a rising C-level for the business environment”. While the focus of the article was on chief executives, I found some of Hill insights also applicable to a CCO. Hill expressed concern about how chief executives embody “the fallacy of infallibility.” He decried that “The corporate world is similarly deluded in thinking that individual chief executives are a wonder drug that can be injected into ailing businesses. It is better to think of companies as systems. They may not work at all without some sort of hierarchy. But they work much better if managers and leaders recognise that they are merely a single, if important, component and that effective procedures and clear designation of individuals’ roles and responsibilities help the whole work smoothly.”

He cited to the example of one un-named chief executive who “said he had just two ways to influence the company: by setting the tone and culture and by “building the machine”.” I would translate this into process. Hill recognized that “Reliance on mechanical process alone is clearly dangerous. It could “induce mindlessness.” Rigorous procedures and training should instead free innovators to take the necessary risks and leaders to react in the right way to inevitable challenges.”

This means that training employees and giving them the tools to succeed should be a more important skill than simply following orders. If you train your business team in the basics of compliance and then provide the right support to them, it can help bake compliance into the DNA of a company. Simply put a top-down compliance program dictated from the corporate office in the US or UK will not be as effective as a CCO or compliance practitioner getting out into the field and getting the business team to view themselves as compliance colleagues and assume responsibility for doing compliance in everyday transactions.

The second article was by psychologist Naomi Shragai and was entitled “Bloated and shrunken egos both prove bad for business”. Shragai began her article with the following observation, “We are rarely the best judge of our own skills and achievements. Even with the best intentions, we tend to overrate or underrate our abilities. Deluding ourselves that we are better than we are boosts our confidence and helps us to recover from setbacks. Identifying faults in others, the company or circumstances is easier on the ego than believing any deficiency lies within. The problem with this attitude is that it is rooted in a misguided belief that there is nothing to learn or correct.” She also described the contradictory when she wrote, “At the opposite end of the continuum are people who underplay their abilities and tend to see the fault in themselves rather than in others. They might overcompensate for what they perceive as deficiencies in themselves by working hard, but, stuck in a cycle of negativity, they generally fail to take responsibility for their own development.”

Shragai suggests dealing with the former is important because in the long run “their behaviour needs to be managed early before it becomes self-reinforcing and harms the business…Let him or her know that you are not judging the person but the work.” For the latter behavior, she suggests, “The underconfident need to take more responsibility for listening to what others are saying by consciously tuning into reality rather than slipping into negative thoughts…Help them to recognise their skills by presenting them with concrete evidence of their accomplishments.”

From these two articles, I synthesized the importance of the process of compliance. The more that you can make compliance about process, the more you can take out the egos, the over-confident and under-confident out of the equation. But it is much more than a process, as it requires training and providing tools to the employee base and those employees on the front lines in high risk countries, areas, products and services so that they can deal with the situations which they might confront.

As a CCO or compliance practitioner, that means you have to get out of the corporate headquarters, put boots on the ground and learn what your business team’s challenges might be going forward. It also means to instruct them specifically on how to deal with situations where they may be faced with requests to pay bribes and the difference between bribes and extortion. If an employee is faced with a danger to his or her health, safety or liberty it is encumbent on you not only explain the difference but also absolutely support them to remedy or rectify the situation. As Hill said in his article, “building the machine” is a key way to influence a company. But once you build that machine, you have to support it and keep it running.

So today I would ask you to reflect on what the abdication of Edward VIII meant for the UK and even up until today with the current monarch, Queen Elizabeth II. You might even consider Prince William and Princess Kate hanging out with LeBron James.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

December 10, 2014

The Nobel Prize and FCPA Enforcement Going Forward

Nobel Prize MedalOne hundred and 13 years ago on this date, the first Nobel Prizes were awarded in Stockholm, Sweden, in the fields of physics, chemistry, medicine, literature, and peace. The ceremony came on the fifth anniversary of the death of Alfred Nobel, the Swedish inventor of dynamite and other high explosives. In his will, Nobel directed that the bulk of his vast fortune be placed in a fund in which the interest would be “annually distributed in the form of prizes to those who, during the preceding year, shall have conferred the greatest benefit on mankind.” Although Nobel offered no public reason for his creation of the prizes, it is widely believed that he did so out of moral regret over the increasingly lethal uses of his inventions in war. The Royal Swedish Academy of Sciences decides the prizes in physics, chemistry, and economic science; the Swedish Royal Caroline Medico-Surgical Institute determines the physiology or medicine award; the Swedish Academy chooses literature; and a committee elected by the Norwegian parliament awards the peace prize. The Nobel Prizes are still presented annually on December 10, the anniversary of Nobel’s death. Each Nobel Prize carries a cash prize of nearly $1,400,000 and recipients also received a gold medal, as is the tradition.

Just as important in the area of anti-corruption and anti-bribery is the Organization for Economic Development and Cooperation (OECD). Earlier this month the OECD issued a report entitled “Foreign Bribery Report-An Analysis of the Crime of Bribery of Foreign Public Officials”. To say the findings were eye opening, if not disheartening, would be to put it mildly. As reported by Shawn Donnan in the Financial Times (FT), in an article entitled “Big companies blamed for most of the world’s bribery cases”, he said that “Large companies and their senior managers are responsible for the vast majority of the world’s bribery cases and are giving up a third of their profits from related projects to corrupt officials”. Donnan summarized the reports key findings as follows:

  • Companies with more than 250 employees accounted for 60 per cent of the cases of corruption studied. In 31 per cent of the cases the companies brought the bribes to the attention of authorities themselves. In just 2 per cent of the cases were whistleblowers involved.
  • The cost of bribes averaged 10.9 per cent of the value of the related transaction and 34.5 per cent of the profits. The largest bribes paid in a single case were worth $1.4bn. The smallest were valued at just $13.17.
  • A majority of the bribery cases involved company executives. Managers were involved in 41 per cent of the cases. A further 12 per cent involved the president or chief executive officer of a company.
  • Corruption is not just a poor world phenomenon. Almost half the cases studied involved bribery of public officials from countries with “high” or “very high” levels of human development.
  • The number of bribery cases brought around the world has grown substantially since 1999 but has fallen in the past two years after reaching a peak of 68 annually in 2010. Moreover, the time needed to prosecute cases has risen substantially from an average of 2 years in 2003 to 7.3 years in 2013.
  • Executives at state-owned companies accounted were the target of almost three in 10 bribes while customs officials accounted for just 11 per cent. Almost 60 per cent of the bribes were paid in order to obtain government contracts.
  • More than two-thirds of all sanctions levied were the result of legal settlements rather than convictions. In almost half the cases studied the fines levied were worth less than 50 per cent of the profits made by defendants as a result of the bribe.
  • Oil and mining companies on average paid bribes worth 21 per cent of the value of projects whereas those involved in the education sector or in water supply paid just 2 per cent.

I thought about the implications of these key findings in the context of Foreign Corrupt Practices Act (FCPA) enforcement going forward. At the 2014 Securities Enforcement Forum, held in October of this year, Jesse Eisenger reporting in the New York Times (NYT) DealB%k column, in an article entitled “In Turnabout, Former Top Regulators Assail Wall Street Watchdogs”, noted that white-collar defense lawyer Brad S. Karp, the chairman of Paul, Weiss, discussed some of the defense tactics that he uses when the government comes knocking against banks. “First, he pushes to move the charges to a subsidiary. Second, he tries to lower the charge. Third, he said, he focuses “on the powerful individuals in an organization” meaning that lawyers need to put top management first as they prepare a defense.”

Now consider those tactics in the context of the OECD report. Where do you think that the Department of Justice (DOJ) or Securities and Exchange Commission (SEC) might look if they wanted to beef up enforcement? I ask this question because of a second article, which got my attention this week. In the Wall Street Journal (WSJ), Joel Schectman wrote a piece based upon in interview with University of Virginia School of Law professor Brandon Garrett, entitled “Professor Says Corporate Penalties Aren’t Working”. Schectman wrote, “many critics have said the government is still fighting companies with kid gloves.” Garrett delivered some direct criticisms when he was quoted as follows:

Of course, companies, like children, can’t go to jail. You can fine them, but the fines might not affect the right person. There is much more focus on rehabilitation compared with other areas of the criminal justice system. 

What you can do with companies is supervise them strictly, not through the lenient means they are using. People would be really troubled if the most serious individual offenders were let out and told to just behave for a couple years without supervision. And that is what’s happening with companies. In cases that are not plea bargains, there is no probation, there is no court supervision of probation, and with these deferred and non-prosecution agreements, most of them are not even supervised by an independent monitor. Only a quarter get monitorships. 

Most companies don’t have to audit their compliance to validate whether it’s working or not. Obviously a prosecutor is not in any position to obtain a sense of whether a big multinational company is complying with anything. Even a monitor needs a big international team working for them onsite to look at documents and interview employees.

Garrett does not seem to favor the DOJ going to trial but does believe that by getting a criminal plea in front of a court, the DOJ could use the resources and power of a federal court to deal with recidivists. Moreover, he believes that rehabilitation should be more rigorous and stated, “And if prosecutors aren’t getting anything more than the company’s assurance that it will do a systemic fix, that should leave us uneasy. We are starting to see recidivist banks and it’s looking like this compliance stuff isn’t working. A monitor isn’t a cure-all either. There are concerns about how a monitor is appointed. Do some of them go over budget without doing good work? But having someone independent seems a much better way to supervise compliance than rely on the company’s own assurance.”

What does all this mean for FCPA enforcement going forward? On the one hand you have the OECD saying the myth of the rogue employee is simply that, a myth. Corporations are intentionally violating anti-corruption laws such as the FCPA or certainly are aware of the conduct. Couple that with Garrett’s concerns that companies are getting off too easily and you may have a storm of more severe and stringent FCPA enforcement coming out of the DOJ and SEC. It may mean more and greater fines and penalties. It may mean greater use of external monitors who have unlimited budgets. It may mean more court supervision and interpretation of what compliance programs a company may implement going forward. It may mean longer and more thorough investigations as the DOJ and SEC strive to ascertain as much as they can that companies are remediating not only during the pendency of their investigations and enforcement actions but continue to do so while they are under resolution agreements such as Deferred Prosecution Agreements (DPAs) and Non-Prosecution Agreements (NPAs).

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

December 9, 2014

Bobby Keys, the Rolling Stones and Establishing Trust

Bobby KeysBobby Keys died last week. What you probably did not know was that Keys was a Texan so we get to claim him. He was the saxophonist for the Rolling Stones and a number of other serious rockers. As Bruce Weber wrote in his New York Times (NYT) obituary, entitled “Bobby Keys, Hard-Living Saxophonist for Rolling Stones, Dies at 70, Keys “was a rock ’n’ roller in every sense of the term. Born (almost literally) in the shadow of Buddy Holly, he was a lifelong devotee and practitioner of music with a driving pulse and a hard-living, semi-law-abiding participant in the late-night, sex-booze-and-drug-flavored world of musical celebrity.”

But Keys was far more than just another rock and roll party animal. He “recorded with a Who’s Who of rock including Chuck Berry, Eric Clapton, John Lennon, George Harrison, Carly Simon, Country Joe and the Fish, Harry Nilsson, Joe Cocker and Sheryl Crow. He toured with Delaney and Bonnie and was recording with them in 1969”. For me his most famous work was with the Stones and his soaring sax solo in Brown Sugar. He worked on the albums “Sticky Fingers, Exile on Main Street, Goats Head Soup and Emotional Rescue”. He also joined the Stones for “almost a dozen tours over more than 30 years.” I was lucky enough to see Keys play with the Stones on their farewell tour last spring. Most interestingly he felt an instant kinship with Keith Richards, about an un-Texan a person as one can imagine.

I thought about Keys, both his life and his relationship with Keith Richards, when I read a couple of recent articles in the Financial Times (FT). The first one was by Luke Johnson and entitled “Trust can seem risky – but its absence is far more perilous.” Johnson said, “For commercial life to function at all, there has to be a general assumption of trust – that partners, staff, suppliers, customers and the authorities will do the right thing by each other. It is impossible to verify every transaction, and check each task: delegation is essential for all operations of scale. Those who are suspicious of everyone have to limit their ambitions, because they assume deceit is endemic. Such a pessimistic approach is a sorry and unprofitable state of human affairs. As Samuel Johnson said: “It is . . . happier to be sometimes cheated than not to trust.””

Trust is certainly important but as President Reagan noted, “Trust but verify”. In a Foreign Corrupt Practices Act (FCPA) or UK Bribery Act anti-corruption compliance program, this means that you need to obtain a full battery of information about any third party with which you might be doing business. Obviously performing due diligence is a well recognized step for any third party management protocol under the FCPA but with certain data and privacy restrictions coming out of locations as diverse as China and the EU, it may be the situation that you cannot perform full due diligence on third parties you may wish to do business with or through.

I have previously written extensively about the need for the management of the third party relationship after the contract is signed. However there are other steps that you can use to help in this process. These include steps one and two, which are the Business Justification and the Questionnaire. Viewed from another angle, they can provide further internal controls to your anti-corruption compliance program.

I believe it should be common sense that you have a business justification to hire or use a third party but it is also an important financial control. If that third party is in the sales chain of your international business it is important to understand why you need to have this particular third party represent your company. This concept is enshrined in the FCPA Guidance, which says, “companies should have an understanding of the business rationale for including the third party in the transaction. Among other things, the company should understand the role of and need for the third party and ensure that the contract terms specifically describe the ser­vices to be performed.” Conversely, if a business representative cannot articulate a reason why you should have a new or another third party representative, your company probably does not need that third party.

The Questionnaire fills several key roles in your overall management of third parties. Obviously it provides key information that you need to know about who you are doing business with and whether they have the capabilities to fulfill your commercial needs. Just as importantly is what is said if the questionnaire is not completed or is only partially completed, such as the lack of awareness of the FCPA, UK Bribery Act or anti-corruption/anti-bribery programs generally. The information provided (or not provided) in the questionnaire will assist you in determining what level of due diligence to perform. But the final requirement of your questionnaire provides an important internal control. It is one of the most basic controls and is what internal control expert Henry Mixon calls the ‘stop and think control’. Your Questionnaire should require a signature that all of the information included is true and correct. It is something else under the ‘pains and penalties for perjury’ but nonetheless it should give anyone signing it outside the United States pause before the put their name on the line.

In his article Johnson ends with the following, “Confidence in the other party is the magic ingredient that empowers an entrepreneurial business to succeed. An absence of trust leads to paralysis. Straight dealing, accountability and transparency are much more about truth and candour than box-ticking and an obsession with regulations. Any partner can betray you and stay within the law if they are assiduous and devious enough. Integrity in your working relationships consists of a broader understanding than the letter of the law. In the end, all that any entrepreneur can do is obey their gut instinct and, perhaps, to follow the example of Charlie Munger, vice-chairman of Berkshire Hathaway and Warren Buffett’s partner, who said: “By the standards of the rest of the world, we overtrust. So far it has worked very well for us”.”

Even if you cannot perform the level of due diligence that you might otherwise like to do because of country or regional regulations, you can still talk to your prospective third party business partner. This can go quite a long way in you determining whether you can trust them. You can visit them in their office to get a better feel for the size of their operations. In addition to talking with the principals of the third party, you can visit with the employees who will work on your account, if it they are different from the principals of the organization.

Just as Bobby Keys and the Rolling Stones had an ultimate level of trust that lasted well over 40 years, you can learn to develop one with your third parties. And just as such trust is absolutely key in making great music, it is also required to make any successful business relationship.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

December 8, 2014

DPAs and NPAs – Powerful Tools in the Fight Against Corruption

ToolAs readers of this blog know the FCPA Professor and I usually look at the same Foreign Corrupt Practices Act (FCPA) enforcement action, item or remark and see different things. Sometimes we even hear the same thing and come away with different interpretations. Last week, we experienced yet another instance of the former where we both looked at the same article, that being one in Global Investigations Review entitled “Caldwell: settlement a “more powerful tool” than convictions” by Rahul Rose, yet came away with different interpretations. After some to-ing and fro-ing, we decided that we would both post our interpretations on the same day. So with a nod to Dan Fogelberg and Tim Weisberg, today we have the first twin posts from different bloggers dual- blog posts. Since we agreed to write our respective posts without seeing the other’s post and hence could not comment on each other’s post, I urge that after you finish reading my blog today, you click on over to the FCPA Professor’s site and see what his thoughts on Caldwell’s remarks might be.

The specific remarks we want to focus on were apparently made by during the Q&A session of Assistant Attorney General Leslie R. Caldwell who spoke at the Launch of the Organization for Economic Co-operation and Development Foreign Bribery Report, note these remarks were not found in the printed remarks of the speech on the Department of Justice (DOJ) website. In her Q&A, Rose reported the following, “Caldwell told the audience in Paris: “Companies cannot be sent to jail, so all a court can do is say you will pay ‘x’. We can say: ‘you will also have a monitor and will do all sorts of other things for the next five years, and if you don’t do them for the next five years then you can still be prosecuted’.” [And for the money shot] “In the United States system at least it is a more powerful tool than actually going to trial,” she said.”

It turns out that I have been thinking along these lines as well. The debate over the usefulness of Deferred Prosecution Agreement (DPAs) and Non-Prosecution Agreements (NPAs) has been long attended. Yet there are a couple of key reasons that DPAs and NPAs are such powerful tools in the fight against anti-corruption and anti-bribery which I do not believe have been fully articulated or explored. The first is that by settling, the DOJ (and Securities and Exchange Commission [SEC]) will have the ability to monitor the company going forward. This process began under the practice of formally appointing a corporate monitor nominated by the company in the throes of the enforcement action and who would be agreed to by the DOJ. This practice is generally referred to as a company having mandatory monitor.

While this specific practice received a fair amount of criticism from a variety of sources, the basic concept was sound. That concept was that a neutral third party would review a company’s compliance with the terms and conditions of a DPA or NPA and report to the DOJ at intervals generally no shorter than annually. This would give the DOJ eyes and ears into a company to oversee its adherence to the terms of the settlement. But what information did Caldwell convey in her statement as to why she thinks settlements are such a powerful tool? I read three pieces of information her statement about why FCPA settlements are such powerful tools.

‘Do All Sorts of Other Things’

Under this prong a settling defendant is required to do “all sorts of other things.” We know from the DPAs and NPAs relating to FCPA enforcement over the past several years, the minimum that a company will be required to institute is a best practices anti-corruption compliance program. While the FCPA Guidance specifies ten hallmarks of an effective compliance program, the DPAs and NPAs have had between 9 to 16 items listed in the best practices anti-corruption compliance programs that settling companies’ have agreed to institute. If the DOJ went to trial and secured a conviction the company would not have to put such a compliance program in place but only pay a fine or some other monetary penalty. Further, by requiring such a best practices anti-corruption compliance program in such a public manner, through a publicly filed DPA or NPA, the DOJ can communicate its current thinking on what it believes constitutes such a program. This provides valuable information to the compliance practitioner going forward and I believe completely disabuses the argument that companies cannot know what their obligations might be to comply with the FCPA or that companies do not know what the DOJ expects from them in the area of a FCPA compliance regime.

‘You will also have a monitor’

David E. Matyas and Lynn Shapiro Snyder
from the law firm of Epstein Becker & Green P.C., described the duties of a corporate monitor in their article entitled, “Monitoring the Monitor? The Need for Further Guidance Governing Corporate Monitors Under Pre-Trial Diversion Agreements”. The monitor would meet with “the company’s board and employees. A monitor then develops a work plan which defines the scope, access, and power the monitor will have over the company. The monitor’s work involves frequent visits to the company (including possible on-site accommodations) and broad access to company documents and meetings. The monitor should be knowledgeable about the regulatory aspects of the company’s operations, but that is not necessarily a criterion for selection of the monitor. Indeed, a monitor can hire others to assist in his or her responsibilities at the company’s expense. The monitor files periodic reports with the U.S. Attorney’s Office and makes visits with that office as well as with the company. At the conclusion of a monitor’s term – often 24-36 months – the monitor files a final report that details the activities accomplished and whether the company complied with all the terms of the agreement.”

So the monitor provides the DOJ with continued insight into what the company is doing to satisfy its settlement obligations around the implementation of its compliance program. If the DOJ has high confidence that the company has and will continue to put significant resources and efforts into its compliance program, it may agree to a voluntary monitor, as we have seen with the Parker Drilling and Hewlett-Packard (HP) DPAs. If the DOJ does not have such confidence, it may require a monitor for the length of the DPA, such as we saw in the Total DPA, which was three years. The DOJ may also take an interim position on the mandatory or voluntary nature of the monitor by allowing a company to end a mandatory monitorship half-way through the pendency of a DPA as it did with the Weatherford DPA, which allowed the mandatory monitorship to end at the 18 month mark of a three year DPA, if certain criteria were met.

‘You can still be prosecuted’ 

This final point is not to be underestimated. Once again if a company is found guilty at trial, a fine and/or penalty will be assessed and payment is the end of it. While it still may be under enhanced scrutiny, it will not have the affirmative obligation to report any FCPA violations going forward, nor will it bear potential liability and prosecution for failure to implement the terms and conditions of the DPA or NPA. Indeed, the company will agree to be prosecuted if there is another violation or it fails to implement as agreed to.

So by using DPAs and NPAs as settlement tools, I believe that the DOJ is able to impact on an ongoing basis, for two to three years, the compliance program of a settling company. This continued oversight usually translates into greater enthusiasm by a settling company to get compliance right so that it does not have to go through the full FCPA investigation and enforcement process. Of course there will always be recalcitrant companies such as Marubeni Corporation, which do not take the agreed to compliance obligations seriously going forward. When they get into trouble as recidivists, the second penalty is usually much higher. But there is also benefit to the compliance practitioner and greater compliance community because the DOJ communicates its expectations in these DPAs and NPAs. So they also work as powerful communication tools. Finally, by requiring a third party to act as the monitor, whether voluntary or mandatory, the DOJ can get some independent insight into what a company is doing compliance-wise.

Not knowing what the Professor has said, I have not tried to anticipate his arguments or rebut them directly. Nonetheless, I have tried to articulate why I agree with Ms. Caldwell’s remarks and why I continue to find the DOJ’s use of DPAs and NPAs as settlement tools a powerful weapon in the fight against bribery and corruption. I also hope that you will find favor with this exercise that the FCPA Professor and I have engaged in because we both believe that ongoing debate over FCPA enforcement is worthwhile for the compliance practitioner and necessary for the long-term success of compliance moving forward.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

Next Page »

The Rubric Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 4,879 other followers