FCPA Compliance and Ethics Blog

July 31, 2014

Lessons Learned from the Beautiful Game: Compliance, FIFA and the World Cup

World Cup e-BookThe 2014 World Cup is over and in the books. It was a great tournament for probably everyone across the globe but the host nation of Brazil. While there are many lessons to be learned from this event, the lead up to and events of this year’s World Cup provide some interesting insights for the compliance practitioner. I have collected some of my writings on FIFA, the World Cup and the world of the ‘Beautiful Game’ in one volume, entitled, “Lessons Learned from the Beautiful Game: Compliance, FIFA and the World Cup”. It is now out and available from amazon.com in Kindle e-reader format.

In this short volume I take a look at some for the following topics.

  • FIFA and its selection process for the 2022 World Cup in Qatar.
  • Performing due diligence and World Cup bids.
  • Referee Professionalism as an anti-corruption tool
  • What are some of the consequences for failure to set a proper tone-at-the-top.
  • Leadership lessons from managers of some of the world’s top soccer clubs.
  • Lessons learned from both compliance successes and failures.

I am sure that you will find this e-Book gives you some ideas for your anti-corruption compliance program, no matter which FIFA country you might practice compliance in. Finally, you cannot beat the price, as it is only $3.99. You can order a copy by going to amazon.com or by simply clicking here.

July 25, 2014

Code of Conduct, Compliance Policies and Procedures-Part IV

Policies and ProceduresThis is the fourth and final installment of my series on the the importance of a Code of Conduct and anti-corruption compliance policies and procedures in your compliance program and how you should go about drafting or updating Code of Conduct and anti-corruption compliance policies and procedures. On Tuesday, I reviewed the underlying legal and statutory basis for the documents as a foundation of your overall anti-corruption regime. In subsequent posts, I looked at how to go about drafting your Code of Conduct and anti-corruption compliance policies and procedures. Today, I will end the series on how to keep all of the above vibrant and dynamic through a discussion of how to assess, review and revise them and your Code of Conduct on a timely basis.

Simply having a Code of Conduct, together with policies and procedures is not enough. As articulated by former Assistant Attorney General, for the Criminal Division of the US Department of Justice, Lanny Breuer, “Your compliance program is a living entity; it should be constantly evolving.” In an article in the SCCE Magazine, entitled “Six steps for revising your company’s Code of Conduct”, authors Anne Marie Logarta and Ruth Ward suggest considering the following issues before you take on an update of your Code of Conduct.

  • When was the last time your Code of Conduct was released or revised?
  • Have there been changes to your company’s internal policies since the last revision?
  • Have there been changes to relevant laws relating to a topic covered in your company’s Code of Conduct?
  • Are any of the guidelines outdated?
  • Is there a budget to create/revise a Code?

After considering these issues, the authors suggest that you should benchmark your current Code of Conduct against others companies in your industry. I would also add that your standards, policies and procedures should be reviewed and updated in the same manner. If you decide to move forward the authors have a six-point guide which they believe will assist you in making your revision process successful, which I have used as a basis to include revisions to your compliance policies and procedures.

  1. Get buy-in from decision makers at the highest level of the company 

The authors believe that your company’s highest level must give the mandate for a revision to a Code of Conduct and compliance polices and procedures. It should be the Chief Executive Officer (CEO), General Counsel (GC) or Chief Compliance Officer (CCO), or better yet all three to mandate this effort. Whoever gives the mandate, this person should be “consulted at every major step of the Code review process if it involves a change in the direction of key policies.”

  1. Establish a core revision committee 

You should have a cross-functional working group would be ideal to head up your effort to revise your Code of Conduct and compliance polices and procedures. This group should include representatives from the following departments: legal, compliance, communications, HR; there should also be other functions which represent the company’s domestic and international business units; finally there should be functions within the company represented such as finance and accounting, IT, marketing and sales.

From this large group, the topics can be assigned for initial drafting to functions based on “relevancy or necessity”. These different functions would also solicit feedback from their functional peers and deliver a final, proposed draft to the Drafting Committee. The authors emphasize that creation of a “timeline at the outset of the revision is critical and hold the function representatives accountable for meeting their deliverables.”

  1. Conduct a thorough technology assessment 

The cornerstone of the revision process is how your company captures, collaborates and preserves “all of the comments, notes, edits and decisions during the entire project.” They believe that technology such as SharePoint or Google Cloud can be of great assistance to accomplish this process even if you are required to train team members on their use.

In addition to this use of technology in drafting your Code of Conduct and compliance polices and procedures revisions, you should determine if they will be available in hard copy, online or both. If it will be available online, you should assess “the best application to launch your Code and whether it includes a certification process”. Lastly, there must be a distribution plan, particularly if the Code and compliance polices and procedures will only be available in hard copy.

  1. Determine translations and localizations 

The authors emphasize, “If your company does business internationally, then this step is vital to ensure you have one Code, no matter the language.” They do note that if you decide to translate your Code of Conduct be sure and hire someone who is an “approved company translation subject matter expert.” Here I would simply say to contact Jay Rosen at Merrill Brink, as those guys are the one of the top Language Service Providers and know what they are doing when it comes to translations. The key is that “your employees have the same understanding of the company’s Code-no matter the language.” 

  1. Develop a plan to communicate the Code of Conduct 

A rollout is always critical because it “is important that the new or revised Code is communicated in a manner that encourages employees to review and use the Code on an ongoing basis.” Your company should use the full panoply of tools available to it to publicize your new or revised Code of Conduct and compliance polices and procedures. This can include a multi-media approach or physically handing out a copy to all employees at a designated time. You might consider having a company-wide Code of Conduct and compliance polices and procedures meeting where the new or revised documents are rolled out across the company all in one day. But remember, with all thing compliance; the three most important aspects are ‘Document, Document and Document’. However you deliver the new or revised Code of Conduct, you must document that each employee receives it.

6.   Stay on Target 

The authors end by noting that if you set realistic expectations you should be able to stay on deadline and stay within your budget. They state that “You want to set aside enough time so that you won’t feel rushed or in a hurry to get it done.” They also reiterate that to keep a close watch on your budget so that you do not exceed it.

These points are a useful guide to not only thinking through how to determine if your Code of Conduct, and compliance policies and procedure needs updating, but also practical steps on how to tackle the problem. If it has been more than five years since it was last updated, you should begin the process that the authors have laid out. It is far better to review and update if appropriate than wait for a massive FCPA investigation to go through the process.

There are numerous reasons to put some serious work into your Code of Conduct, policies and procedure. They are certainly a first line of defense when the government comes knocking. The FCPA Guidance makes clear that “Whether a company has policies and procedures that outline responsibilities for compliance within the company, detail proper internal controls, auditing practices, and documentation policies, and set forth disciplinary procedures will also be considered by DOJ and SEC.” And by considered, I think it is clear that this means the regulators will take a strong view against a company that does not have well thought out and articulated policies, procedures or Code of Conduct; all of which are systematically reviewed and updated. Moreover, as Allen emphasized, “having policies written out and signed by employees provides what some consider the most vital layer of communication.” Together with a signed acknowledgement, these documents can serve as evidentiary support if a future issue arises. In other words, the ‘Document, Document and Document’ mantra applies just as strongly to this area of anti-corruption compliance.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

July 22, 2014

Code of Conduct, Compliance Policies and Procedures-Part I

Policies and ProceduresFor the remainder of this week, I will have a four-part episode on your Code of Conduct and anti-corruption compliance policies and procedures. In today’s post I will review the underlying legal and statutory basis for the documents as a foundation of your overall anti-corruption regime. In subsequent posts, I will review how to go about drafting your Code of Conduct and anti-corruption compliance policies and procedures and how to assess, review and revise them on a timely basis.

The cornerstone of a US Foreign Corrupt Practice Act (FCPA) compliance program is its written protocols. This includes a Code of Conduct, policies and procedures. These requirements have long been memorialized in the US Federal Sentencing Guidelines (FSG), which contain seven basic compliance elements that can be tailored to fit the needs and financial realities of any given organization. From these seven compliance elements the Department of Justice (DOJ) has crafted its minimum best practices compliance program, which is now attached to every Deferred Prosecution Agreement (DPA) and Non-Prosecution Agreement (NPA). These requirements were incorporated into the 2012 FCPA Guidance. The FSG assumes that every effective compliance and ethics program begins with a written standard of conduct; i.e. a Code of Conduct. What should be in this “written standard of conduct? The starting point, as per the FSG, reads as follows:

Element 1

Standards of Conduct, Policies and Procedures (a Code of Conduct)An organization should have an established set of compliance standards and procedures. These standards should not be a “paper only” document, but a living document that promotes organizational culture that encourages “ethical conduct” and a commitment to compliance with applicable regulations and laws. 

In the FCPA Guidance, the DOJ and Securities and Exchange Commission (SEC) state, “A company’s code of conduct is often the foundation upon which an effective compliance program is built. As DOJ has repeatedly noted in its charging documents, the most effective codes are clear, concise, and accessible to all employees and to those conducting business on the company’s behalf.” Indeed, it would be difficult to effectively implement a compliance program if it was not available in the local language so that employees in foreign subsidiaries can access and understand it. When assessing a compliance program, DOJ and SEC will review whether the company chapter has taken steps to make certain that the code of conduct remains current and effective and whether a company has periodically reviewed and updated its code.”

In each DPA and NPA over the past 36 months the DOJ has said the following as item No. 1 for a minimum best practices compliance program.

  1. Code of Conduct. A Company should develop and promulgate a clearly articulated and visible corporate policy against violations of the FCPA, including its anti-bribery, books and records, and internal controls provisions, and other applicable foreign law counterparts (collectively, the “anti-corruption laws”), which policy shall be memorialized in a written compliance code. 

Stephen Martin and Paul McNulty, partners in the law firm of Baker and McKenzie, developed one of the best formulations that I have seen of these requirements in their Five Elements of an Effective Compliance Program. In this formulation, they posit that your Code of Conduct, policies and procedures should be grouped under the general classification of ‘Standards and Procedure’. They articulate that every company has three levels of standards and controls. First, every company should have a Code of Conduct, which should, most generally express its ethical principles. But simply having a Code of Conduct is not enough. So a second step mandates that very company should have standards and policies in place that build upon the foundation of the Code of Conduct and articulate Code-based policies, which should cover such issues as bribery, corruption and accounting practices. From the base of a Code of Conduct and standards and policies, every company should then ensure that enabling procedures are implemented to confirm those policies are implemented, followed and enforced.

FCPA compliance best practices now require companies to have additional standards and controls, including, for example, detailed due diligence protocols for screening third-party business partners for criminal backgrounds, financial stability and improper associations with government agencies. Ultimately, the purpose of establishing effective standards and controls is to demonstrate that your compliance program is more than just words on a piece of paper.

In an article in the Society for Corporate Compliance and Ethics (SCCE) Complete Compliance and Ethics Manual, 2nd Ed., entitled “Essential Elements of an Effective Ethics and Compliance Program”, authors Debbie Troklus, Greg Warner and Emma Wollschlager Schwartz, state that your company’s Code of Conduct “should demonstrate a complete ethical attitude and your organization’s “system-wide” emphasis on compliance and ethics with all applicable laws and regulations.” Your Code of Conduct must be aimed at all employees and all representatives of the organization, not just those most actively involved in known compliance and ethics issues. From the board of directors to volunteers, the authors believe that “everyone must receive, read, understand, and agree to abide by the standards of the Code of Conduct.” This would also include all “management, vendors, suppliers, and independent contractors, which are frequently overlooked groups.”

There are several purposes identified by the authors which should be communicated in your Code of Conduct. Of course the overriding goal is for all employees to follow what is required of them under the Code of Conduct. You can do this by communicating what is required of them, to provide a process for proper decision-making and then to require that all persons subject to the Code of Conduct put these standards into everyday business practice. Such actions are some of your best evidence that your company “upholds and supports proper compliance conduct.”

The substance of your Code of Conduct should be tailored to the company’s culture, and to its industry and corporate identity. It should provide a mechanism by which employees who are trying to do the right thing in the compliance and business ethics arena can do so. The Code of Conduct can be used as a basis for employee review and evaluation. It should certainly be invoked if there is a violation. To that end, suggest that your company’s disciplinary procedures be stated in the Code of Conduct. These would include all forms of disciplines, up to and including dismissal, for serious violations of the Code of Conduct. Further, your company’s Code of Conduct should emphasize it will comply with all applicable laws and regulations, wherever it does business. The Code needs to be written in plain English and translated into other languages as necessary so that all applicable persons can understand it.

As I often say, the three most important things about your FCPA compliance program are ‘Document, Document and Document’. The same is true of communicating your company’s Code of Conduct. You need to do more than simply put it on your website and tell folks it is there, available and that they should read it. You need to document that all employees, or anyone else that your Code of Conduct is applicable to, has received, read, and understands the Code. For employees, it is important that a representative of the Compliance Department, or other qualified trainer, explains the standards set forth in your Code of Conduct and answers any questions that an employee may have. Your company’s employees need to attest in writing that they have received, read, and understood the Code of Conduct and this attestation must be retained and updated as appropriate.

The DOJ expects each company to begin its compliance program with a very public and very robust Code of Conduct. If your company does not have one, you need to implement one forthwith. If your company has not reviewed or assessed your Code of Conduct for five years, I would suggest that you do in short order as much has changed in the compliance world.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

July 21, 2014

World Cup Finale – Compliance Lessons to be learned from Success and Failure

World Cup 2014Over the past few weeks, I have written several articles on the lessons a compliance practitioner can draw from this year’s World Cup and the international group which runs the event, the Fédération Internationale de Football Association or more commonly know as FIFA. Over on my podcast site, the FCPA Compliance and Ethics Report, Mike Brown, the Managing Director of Infortal and myself have just concluded a 7 part World Cup Report, where we discussed issues surrounded FIFA and this year’s World Cup in the context of anti-corruption programs. Whatever else FIFA may be, it is certainly is a compliance practitioner’s dream for lessons learned on bribery and corruption.

The 2014 championship is over and Germany came through this year’s tournament as the clear victors. Over the past couple of weeks, I was lucky enough to see the current Queen/Adam Lambert Tour. They ended both concerts with We Are the Champions and I could not but help think of the German soccer team and indeed the entire German country, winning its first World Cup title since unification. And, of course, any discussion of Germany, its title and this year’s World Cup will have to include is absolute destruction of the Brazilian team and the hearts of the host country with its 7-1 uber-win in the Semi-Finals. How long will that game be remembered? My guess is as long as soccer is played.

While Argentina did have its shots at Germany in the finals, in order to win they were required to play a near perfect game, which, unfortunately for the team and the country, it failed to do in the finals. Does this mean that Messi is not the greatest player in the game today? I really do not know but I still love watching him play and that is good enough for me.

From all of this, the lessons for the compliance practitioner can be many but I wanted to focus on two leadership lessons: What can you learn from failure? and What can your learn from success? Losing first. In an article in this week’s issue of Sports Illustrated, entitled “And Then There was Ein”, Grant Wahl wrote about how Germany turned its national soccer program around from one of its most devastating performances in Euro 2000 where it finished last in its group and did not win a single match in the tournament. From that nadir, “the national federation teamed up with German clubs to overhaul the country’s youth development.” Players from this development program were instrumental in leading the 2014 German team to the 2014 World Cup win. In other words, the German soccer federation learned from its past mistakes and grew a team that became champions.

Contrast this lesson with Wahl’s take on Brazil. He quoted Alex Bellos who said the following, “What does it mean to be the five-time champion if you let in four goals in six minutes?… The world’s biggest footballing country hosting a World Cup, in front of their own fans, and were made to look like they couldn’t play football. And against a team that was playing with artistry and sophistication and happiness, all the thing that Brazil is supposed to play with. You couldn’t have devised a more devastating epitaph for the Beautiful Game.” Bellos went on to say, “Brazil’s week from hell revealed a nation satisfied with resting on past soccer achievements and unwilling to seek new ideas abroad.”

Just as lessons can be learned from failure they can also be learned from success. In this week’s Corner Office section in the New York Times (NYT), Adam Bryant profiled Kat Cole, the President of Cinnabon, in an article entitled “Questioning Success More Than Failure”. While thinking about Germany’s success in the World Cup I was intrigued when Bryant quoted Cole for the following, “I’ve learned to question success a lot more than failure. I’ll ask more questions when sales are up than I do when they’re down. I ask more questions when things seem to be moving smoothly, because I’m thinking: “There’s got to be something I don’t know. There’s always something.” This approach means that people don’t feel beat up for failing, but they should feel very concerned if they don’t understand why they’re successful. I made mistakes over the years that taught me to ask those questions.”

Both of these perspectives can be very useful for the Foreign Corrupt Practices Act (FCPA) or UK Bribery Act compliance practitioner. Just as it is axiom that your compliance program should not be static but dynamic and evolving, what are you learning from your compliance failures and compliance successes? Most lawyers and compliance practitioners can review root cause/analyses to help determine how a compliance failure might have arisen. But how many are looking at your compliance successes. By this I do not mean celebrating your compliance successes but performing the same type of root cause/analyses to determine how a fact pattern arose but was prevented from becoming a full-blown FCPA violation. If something came in through the hotline, did you interview the whistleblower about what caused them to have confidence to report in that manner? Did you look at the training delivered to the whistleblowing employee? How about their supervisor? Did you interview that supervisor to see how he or she got the message out to not only use the hotline but stress the message of no retaliation?

In her interview Cole put it another way when she said, “I learned to make sure I take the full authority of my role. When I haven’t, I knew it immediately. And so I keep a keen eye out for whether my young leaders are forgoing an opportunity to lead. Their intentions might be right but the action and outcome are wrong. I remind people that they were hired for their point of view: “I want 100 percent of your brain 100 percent of the time, and there is a respectful way to communicate and disagree. Please do not hold back, because I want 100 percent of my investment in you.””

For the compliance practitioner, I found Cole’s insights useful in other areas. Although given in the context of ambitious employees who might want to succeed at Cinnabon, I found them to be useful in compliance as well. “First, I talk about being incredibly coachable, because we all give each other feedback. If you want to move up, you’ve got to get as many inputs as possible to continue to develop. Second, take your development into your own hands and be curious about the entire company. If there’s something you want to learn, go learn it. The structure here is like a start-up. Then I talk about productive achievers and destructive achievers, and that I only promote and support productive achievers. And that’s about mentoring and helping others while you are delivering results.

Germany is the new king of the soccer world. Long live the King, at least until the next World Cup. The lessons that Germany took to heart in the wake of its disaster in Euro 2000 directly led to it hoisting the trophy this year. Conversely, Brazil rested on its considerable laurels and now must live with the ignominy of a 7-1 shellacking, probably for the rest of the country’s collective memory. For a compliance program to be effective it must evolve. As Wahl’s Sports Illustrated article makes clear, lessons can be learned and evolution made from failure. However, as Bryant’s Corner Office article interview of Cole makes clear as well, lessons can be learned from successes as well.

Perhaps that is the final lesson from the 2014 World Cup…

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

June 26, 2014

Coolness in Being the Bad Guy? Eli Wallach and GSK

Eli WallachEli Wallach died Tuesday. For my money, he was about the coolest bad guy out there. Not tough like Lee Marvin, just cool. My favorite Wallach roles were as Calvera in The Magnificent Seven and as Tuco in The Good, The Bad and The Ugly. An early proponent of method acting, Wallach performed on the stage and in films for over 60 years. Although originally from Brooklyn, Wallach was also a fellow Texas Longhorn, having attended the University of Texas. He served in France as a Second Lieutenant in France during World War II.

I thought about Wallach’s über coolness when considering the most decided uncool position of the UK pharmaceutical giant GlaxoSmithKline PLC (GSK) recently. Last month the Chinese government issued a most very stern warning to GSK when it accused the former head of GSK’s China business of direct involvement in bribery and corruption. But more than this direct accusation, the move was a clear warning shot across the bow of not only western pharmaceutical companies doing business in China but also all western companies. In an article in the Wall Street Journal (WSJ), entitled “Beijing Warns Sernly on Glaxo”, Laurie Birkett quoted Helen Chen, a director and partner at consultancy L.E.K., as saying “Focusing much of the blame on a foreigner sends a strong message to all. Companies will see that if authorities are willing to accuse even a foreigner, who is in senior management, the issue is being taken seriously, it’s a clear message that bribery is unacceptable in the market.” Burkitt went on to say, “Experts say China’s medical system is deeply underfunded, giving doctors, hospitals and administrators an incentive to overcharge and overprescribe. Glaxo, in the past, organized trips for doctors around China and to places such as Budapest and Greece as part of a broader effort involving perks and cash to get doctors to boost drug prescriptions, according to documents previously reviewed by The Wall Street Journal.”

Such reports of endemic corruption are not new. An article, entitled “GSK China probe flags up wider worries”, in the Wednesday edition of the Financial Times (FT) reporters Andrew Jack and Patti Waldmeir discussed not only the endemic nature of corruption in China but how, in many ways, the Chinese health care system is based on such corruption. The piece quoted George Baeder, an independent drug industry advisor, for the following, “Financial flows – both legal and illegal – tied to drug and device sales are funding perhaps 60-80 per cent of total hospital costs. Without this funding, the current system would collapse.” Further, “central and provincial Chinese governments cannot afford to pay doctors a living wage, and may patients cannot afford to pay the true cost of care.” And finally, “Up to now, Beijing has turned a blind eye as pharma companies find ways to subsidise doctor salaries and underwrite their medical education.” How about that for structural corruption?

Intertwined with this structural issue is the problem of the quantity and quality of the drug supply. Many Chinese doctors do not feel that there is an acceptable alternative to foreign pharmaceutical products. This drives up the cost of prescribed medicines, as this quantity is therefore limited. But even where indigenous Chinese generic drugs are available as alternatives, many patients do not trust these medicines. This restricts the quality of drugs available.

But with this recent round of accusations against GSK it appears that the Chinese government has opened a new front. In an article in The Telegraph, entitled “GSK bribery scan could cause ‘irreparable damage’, says China”, Denise Roland reported that “Beijing has apparently issued a warning to all foreign firms, cautioning that the corruption charges against GlaxoSmithKline executives could cause “irreparable damage” to the drug maker’s Chinese operations.” She quoted from the state news agency Xinhua for the following, “GSK’s practices eroded its corporate integrity and could cause irreparable damage to the company in China and elsewhere. The case is a warning to other multinationals in China that ethics matter.”

In addition to these charges against a senior GSK executive, which could lead liability up to the GSK boardroom, Jonathan Russell, also writing in The Telegraph, in an article entitled “GlaxoSmithKline is facing more than double jeopardy”, said that “GlaxoSmithKline’s problems are multiplying fast. In China authorities have identified 46 individuals connected to the company they claim were involved in “massive and systemic bribery”. In the UK the Serious Fraud Office (SFO) marked out its pitch this week, revealing it has opened an official investigation into allegations of bribery; and an internal GSK probe is looking at potential wrongdoing in Jordan and Lebanon.” More ominously, he also noted that “Given the slew of allegations so far it seems a fair assumption that other international law enforcement agencies, notably the US Department of Justice, will be taking a long, close look at the allegations.”

While Russell points to the general UK prohibition against prosecutions, which might invoke double jeopardy, he says “As ever with the law there are exceptions to the principle. However they are limited in scope and rare in number. It may also be the case that the principle of double jeopardy may not be invoked in this case if the alleged offences the SFO is investigating are separate to those under investigation in China. They could relate to matters that took place in Jordan or Lebanon.” Russell also pointed out that “international prosecutors carving up parts of prosecutions so they can all have their pound of flesh. A very painful prospect for GSK.” It will also be interesting to see if GSK is charged under the UK Bribery Act, under the prior law or both. If charges are brought under the Bribery Act, which became effective on July 1, 2011, do you think GSK would try and raise a compliance defense based on the Six Principals of Adequate Procedures? I guess having a compliance defense is pretty useless if your company engages in bribery and corruption.

While Russell talks about the aggressiveness of US prosecutors under the Foreign Corrupt Practices Act (FCPA), he does not discuss what may be GSK’s greatest exposure in the US. GSK was under the equivalent of a Deferred Prosecution Agreement (DPA) called a Corporate Integrity Agreement (CIA) for its prior sins related to off-label marketing. This CIA not only applied to the specific pharmaceutical regulations that GSK violated but all of the GSK compliance obligations, including the FCPA. In addition to requiring a full and complete compliance program, the CIA specified that the company would have a Compliance Committee, inclusive of the Compliance Officer (CO) and other members of senior management necessary to meet the requirements of this CIA, whose job was to oversee full implementation of the CIA and all compliance functions at the company. These additional functions required Deputy Compliance Officers for each commercial business unit, Integrity Champions within each business unit and management accountability and certifications from each business unit. Training of GSK employees was specified. Further, there was detail down to specifically state that all compliance obligations applied to “contractors, subcontractors, agents and other persons (including, but not limited to, third party vendors)”.

For the compliance practitioner, one clear message from the GSK matter is to monitor, audit and continuously review your Chinese operations. I will have more to say about the China corruption crackdown in an upcoming blog post but just like Eli Wallach as Calvera in The Magnificent Seven told the gunmen hired to protect the Mexican village, you have been warned.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

June 9, 2014

GSK Faces a Bad Day at Black Rock

Bad Day at Black RockOne of my favorite movies is Bad Day at Black Rock. It is one of the few movies to combine elements of film noir into something approaching a traditional Western. It also attacks directly the prejudice and hate against Japanese-Americans in the immediate aftermath of Pearl Harbor. I thought about that eponymous title when I read a recent article in the Financial Times (FT), entitled “GSK salesmen want ‘bribes’ reimbursed”, by reporters Patti Waldmeir and Andrew Ward.

You know it is going to be a bad day when your employees line up to testify against your company in an ongoing investigation for bribery and corruption. But those rainy day sighs can go up to the Bad Day at Black Rock level when these same employees publicly announce that the company they work for owes them for the creation of fraudulent invoices used by a business unit to fund bribery and corruption which violates not only the US Foreign Corrupt Practices Act (FCPA) and the UK Bribery Act but also domestic Chinese anti-corruption laws. This happened to the UK pharmaceutical giant GlaxoSmithKline PLC (GSK) last month when it was announced that certain current employees in its China operation were petitioning the company to reimburse them for bribes they were ordered to pay by their superiors.

In their article, Waldmeir and Ward wrote “the UK pharmaceutical company at the centre of a Chinese corruption scandal, is facing protests from junior employees who say the company is refusing to reimburse them for bribes they were ordered to pay by their superiors.” While my initial thought was that these Chinese employees had quite a bit of ‘cheek’ in raising this claim, the more I read into the story, the more I think it may portend serious problems for GSK in any attempt to defend the company going forward. Waldmeir and Ward reported “some Chinese sales staff are complaining that GSK has denied bonuses, threatened dismissal or refused to reimburse them for bribes they say were sanctioned by their superiors to boost the company’s drug sales. In some cases, managers instructed them to purchase fake receipts that were used to cover up bribes paid in cash or gifts to doctors and hospitals, according to salesmen interviewed by the Financial Times.”

The article went on to highlight just how some of these fake invoices, used to gain funds from the corporate headquarters to facilitate bribery and corruption, were generated. “In some instances, managers disguised their involvement by using their personal email address to instruct staff to pay bribes and by ordering junior staff to claim on their personal expense accounts – even if the bribe was actually paid out by the manager – according to these people.” Last March, a group of current GSK employees sent a letter to the company that said, in part, ““All the expenses were approved by the company,” the group wrote in a letter to management. “The expenses were paid with our own money, and although the receipts were not compliant, it was our managers who told us to buy the fake receipts,” said one former GSK salesman.”

The article quoted that GSK said, “We have zero tolerance for unethical or illegal behaviour and anyone who conducts such behaviour has no place in our company. We believe the vast majority of our employees uphold our values and we welcome employees speaking up if they have concerns.” Talk about a ‘Speak Up’ culture at your company. Probably not exactly what the company had in mind when it invited employees to raise their concerns.

However, as damning as this is, and it would certainly appear to be quite damning, was the following revelation, which was also reported by Waldmeir and Ward, regarding witness prep during GSK’s internal investigation. They wrote, “Some staff were warned not to implicate their supervisors, according to a former salesman: “Our manager approached each person before they were questioned and asked them not to mention his name. He even prepared a story for them to tell the investigator.””

Dissecting all of the above, it would appear that GSK has several real problems on several fronts from this article. The first is that there appears to have been clear China business unit management participation in the bribery and corruption scheme. While it is still not clear whether the corporate home office was involved in the scheme, simply knew of it or choose to bury its collective head in the sand as to what was going on in China, if your in-country business unit management is involved, it is not too many steps to the corporate home office. Conversely, the question might be that if this fraud against the corporate home office was so open and obvious, why did the corporate office not detect it going forward?

Yet the real issue for the corporate office may be the information about employees being coached to hide evidence during the investigation. If such activity was limited to the ‘managers’ in the Chinese business units only, what does it say about a corporate office, which allows such witness intimidation? Think that is an investigation best practice? However, if the corporate office was involved in any way in such witness intimidation, it will bode extremely poorly in the eyes of the Chinese regulators, the UK Serious Fraud Office (SFO), which has opened an investigation into the GSK matter and probably the US Department of Justice (DOJ) as well, since GSK is still subject to the Corporate Integrity Agreement (CIA) it signed back in July of 2012; when it pled guilty and paid $3 billion to resolve fraud allegations and failure to report safety data in what the DOJ called the “largest health care fraud settlement in U.S. history” according to its press release. Think witness tampering or hiding of evidence might garner the attention of the DOJ for a company already under the equivalent of a Deferred Prosecution Agreement (DPA)?

In addition to all of the above conduct, it will be interesting to see the effect of this ongoing investigation on the stock value of GSK. In a Wall Street Journal (WSJ) article, entitled “FCPA Hits Companies Harder if they Committed Fraud”, Sam Rubenfeld reported “A study of U.S. Foreign Corrupt Practices Act enforcement issued by the Searle Civil Justice Institute, a research division of The Law & Economics Center at George Mason University School of Law found that public companies lost an average of 2.9% of market capitalization as a result of an investigation. But, the study found, the number masks an important distinction: Companies charged with bribery only suffered an initial 1.5% loss, while those charged with bribery and financial fraud saw a initial drop of 16.3% in market cap.” It will be interesting to see the effect the apparent fraudulent activities of GSK’s China employees will have on not only the overall penalty assessed against GSK but if there is any attendant drop in shareholder value.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

 

© Thomas R. Fox, 2014

May 29, 2014

May Flowers for GSK? The Corruption Investigation Deepens

Chelsea Flower ShowApril showers bring May flowers, at least that is the old truism. One place it is decidedly correct is at the RHS Chelsea Flower Show, which began its run as one of the, if not the greatest, annual flower shows in the world in May 1862. The event draws some 157,000 people during its five-day run each May. The event has royal patronage and there is always a large contingent of royalty who visit the show.

Unfortunately one group of Englishmen and women who will not be stopping by to ‘smell the roses’ this year are those from the increasingly embattled UK company GlaxoSmithKline PLC (GSK). Yesterday the UK Serious Fraud Office (SFO) announced that it had “opened a criminal investigation into the commercial practices of GlaxoSmithKline plc and its subsidiaries.” To top off this bouquet of May flowers from the SFO, in the same Press Release the SFO said, “Whistleblowers are valuable sources of information to the SFO in its cases. We welcome approaches from anyone with inside information on all our cases including this one – we can be contacted through our secure and confidential reporting channel, which can be accessed via the SFO website.” It then proceeded to provide the SFO’s secure reporting website.

In an article in the New York Times (NYT), entitled “GlaxoSmithKline Under Investigation by Serious Fraud Office”, Chad Bray reported that the SFO “is investigating Glaxo’s business activities in “multiple jurisdictions,” according to a person familiar with the investigation who was not authorized to speak publicly.” As most readers will recall, “Chinese authorities have been investigating the drugmaker’s business practices related to payments to doctors and other health care professionals since last year and questions have been raised in recent months about the company’s practices in Iraq and Poland.”

James Titcomb, reporting in The Telegraph, in an article entitled “SFO opens criminal investigation into GlaxoSmithKline”, went further when he noted that GSK has been in contact with the SFO “in recent months in the wake of claims that it funnelled hundreds of millions of pounds to doctors and officials in countries around the globe to boost sales of its drugs.” Moreover, “Chinese police have accused the company of dispensing 3bn yuan (£285m) in bribes under the leadership Mark Reilly, the former head of its Chinese business. Authorities in the country say the bribes resulted in billions of pounds in “illegal revenue” for the company.”

On the Chinese side of the investigation, the NYT article reported that during the month of May, “Chinese authorities accused Mark Reilly, the former head of Glaxo’s operations in China, of ordering employees to bribe doctors and other hospital staff to use the drug maker’s products, resulting in more than $150 million in illegal revenue. Two other Chinese-born Glaxo executives were also charged in the matter.”

When news of the Chinese investigation broke last summer, GSK claimed that “Certain senior executives of GSK China who know our systems well, appear to have acted outside of our processes and controls which breaches Chinese law,” Glaxo said in July, after meeting with the Chinese authorities. “We have zero tolerance for any behavior of this nature.” [Read: Rogue Employees] However it appears the Chinese authorities have not fallen for this age-old attempt at corporate misdirection. But Andrew Ward, reporting in a Financial Times (FT) article entitled “SFO opens criminal inquiry into GSK, said that the Chinese authorities had engaged in a “ten-month investigation” which had identified 46 current or former GSK employees as “suspects”. Rogue indeed.

Where might the US Department of Justice (DOJ) or Securities and Exchange Commission (SEC) be on these issues? Clearly, these would seem to be areas of at least inquiry under the US Foreign Corrupt Practices Act (FCPA), but consider the following about GSK, in July of 2012 GSK pled guilty and paid $3 billion to resolve fraud allegations and failure to report safety data in what the DOJ called the “largest health care fraud settlement in U.S. history” according to its press release. The DOJ press release went on to state “GSK agreed to plead guilty and to pay $3 billion to resolve its criminal and civil liability arising from the company’s unlawful promotion of certain prescription drugs, its failure to report certain safety data, and its civil liability for alleged false price reporting practices.” The press release noted that the resolution was the largest health care fraud settlement in US history and the largest payment ever by a drug company for legal violations.

You would think that any company that has paid $3 billion in fines and penalties for fraudulent actions would take all steps possible not to engage in bribery and corruption. Indeed as part of the settlement GSK agreed to a Corporate Integrity Agreement (CIA). This CIA not only applied to the specific pharmaceutical regulations that GSK violated but all of the GSK compliance obligations, including the FCPA.

In addition to requiring a full and complete compliance program, the CIA specified that the company would have a Compliance Committee, inclusive of the Compliance Officer and other members of senior management necessary to meet the requirements of this CIA, whose job was to oversee full implementation of the CIA and all compliance functions at the company. These additional functions required Deputy Compliance Officers for each commercial business unit, Integrity Champions within each business unit and management accountability and certifications from each business unit. Training of GSK employees was specified. Further, there was detail down to specifically state that all compliance obligations applied to “contractors, subcontractors, agents and other persons (including, but not limited to, third party vendors)”. So while GSK may have separate FCPA liability to be investigated by the DOJ; it may be more of an issue that the company could be in violation of its CIA.

GSK has of course averred that it is fully cooperating with all of the various investigations into its alleged bribery and corruption. Further, as reported in Ward’s FT article, “GSK said it was “committed to operating its business to the highest ethical standards”. The company had “previously denied any systemic problem with corruption and said the latest Chinese allegations were “deeply concerning to us and contrary to the values of GSK”.”

So I guess the GSK team probably missed the Chelsea Flower Show this year. ON the other hand, maybe they might be like former BP President Tony Hayward, who during the first few of weeks of the worst oil spill in the history of the world ever, went yachting…

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

May 13, 2014

Working With Third Parties in the Due Diligence Process

Jamestown ColonyOn this day we celebrate the 1607 founding of the English colony at Jamestown. While credited with being the first English colony in what became America, it’s probably more accurate to refer to it as the first permanent English colony that survived for any length of time. The largely male colonists faced many tough years before they finally pulled through. One thing that made the colonists experience so difficult was that they had no idea about what to expect when they sailed over to the New World.

Hopefully in the Foreign Corrupt Practices Act (FCPA) or UK Bribery Act compliance regime, the situation is a bit more advanced today when it comes to looking at third parties, in the pre-contract phase of third party management, during due diligence. While most companies, if not comfortable with the need for and execution of pre-contract signing due diligence, certainly understand the need for this process; the same is not universally true for the non-US or non-UK company upon which due diligence is being performed upon. An interesting article in the recent issue of Compliance Insider, entitled “Disclosing the Subject-Dealing with Compliance Immaturity”, deals with precisely this situation; where the third party has not gone through the due diligence process. The article provides some useful tips on how the compliance practitioner can get through this sometimes-delicate process.

One thing the article makes clear is that if you are performing due diligence on a third party, you should fully disclose this information to the third party. They state, “There is nothing to be gained by not telling the subject company about the process or trying to keep it secret. Except for in an acquisition where the buyer has yet to disclose themselves, there is little advantage in keeping quiet. The third party expects that you will be doing some form of due diligence and engaging a compliance or legal firm to complete a review. There is nothing that the due diligence company or law firm is going to do differently than if that due diligence were secret – no one would ever disclose more than they had to and would never disclose the name of the client for which they were acting.”

After you disclose to the third party that they need to go through your company’s due diligence process, which should begin with a questionnaire to help determine the appropriate level of due diligence to perform, you may face pushback from the third party. Unfortunately, as the article notes, such pushback usually goes initially to the business contact, which tends to side with the third party against the compliance function. This means that you need to educate your business unit sponsor on the reasons your company must engage in the third party management process so that they can communicate this to the third party. The article identifies three major reasons which a third party may resist your attempts at due diligence.

  1. Immaturity - the third party is “not used to due diligence or working with global companies that focus on compliance. They are not aware of the value of due diligence and have been living in the “compliance cave”. This is an issue in itself as it shows a degree of compliance immaturity and certainly gives an insight into how that company might be as an acquired entity. They are probably going to focus on the fact that there is an inbuilt level of trust that is needed in business and that the company should rely on that trust.”
  2. Negotiating - the third party may be “negotiating, trying to leverage the issue for their own gain as part of a negotiation. They may not be trying to hide anything per se, but may be sending a message that the company is taking too long, being too conservative, being caught in compliance obfuscation or losing sight of the real deal.”
  3. Hiding - it may also be that the third party does have something to hide.

The article suggests four clear steps that you can take if you are faced with one or a multiple of the above reasons for pushback from the third party.

  1. Engage the issue head on – it is important that you quickly and succinctly address concerns that your compliance team or compliance process is “heavy handed or that there is a lack of trust” between your company and the third party.
  2. Engage the business sponsor – as I stated above, one of the key components of any successful third party lifecycle management program is the engagement of the business sponsor. Obviously the business sponsor needs to justify the potential contractual relationship your company would have with the third party but the business sponsor is also the primary point of contact with the third party, throughout both the pre-contracting phase and the post-contracting relationship management. The article intones that if the third party tries to use an excuse to stop or lessen the process, “then the transaction is probably not worth it.”
  3. Develop your company’s compliance message – you should be crystal clear that your company will “conduct due diligence and background screening on all its proposed business partners and it is company policy to do so.” This can be done so through reference to the FPCA and your company policy. But more than simply a legal explanation, reputational risk is also important for your company. Be clear and re-emphasize your message that “there is neither a lack of trust nor an assumption of lack of integrity on the part of the subject company – it is normal procedure and gets done for all third parties of certain types right across the company, and this subject company is no different.”
  4. Negotiate a proposed go-forward plan – the article emphasizes that you should “not back down” and I whole-heartedly agree. But more than simply standing strong, you can use these discussions to help educate the third party involved why it is not only important for your company but also the third party. If they want to do business with any US or UK Company, they will need to go through this process. Indeed, it will make them more marketable to US or UK Companies if they have gone through the process.

Like many compliance practitioners, I came to the field of compliance through the legal department. Working for a very big fish company in the energy company it was very much ‘big fish-little fish’ where the big fish told the little fish what would be in the contract. However that model does not, nor should it, work in the compliance field. I have found that most third parties understand that if they desire to do business with a US or UK company, since we are required to perform due diligence as part of any best practices compliance program, the third party will need to be a part of that process. The Compliance Insider article provides a valuable look at a topic which is not always focused on from the perspective of the US or UK based compliance practitioner.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

April 8, 2014

Mickey Rooney and The 90 Cent Solution

Mickey Rooney as PuckWe begin today with a word on the death of Mickey Rooney. Rooney’s career, spanning nearly 90 years was certainly was from a different era. He was short of stature and long in his number of marriages but as Bob Lefsetz noted in his blog post tribute to Rooney, “But they stood in front of us twenty feet tall. At the drive-in. Even when the pictures truly got small on the tiny old screens of yore they emerged triumphant, because they were so good-looking, so charismatic. And if you were big enough, a bright enough star, your legacy lived on, even if your present day circumstances bore no resemblance to fame.” But here’s why there is always a place in my heart for Mickey Rooney. When I was very young I lived with my grandparents and one night I watched the 1935 movie version of Shakespeare’s A Mid Summer Night’s Dream on television with my grandmother. Rooney’s so over the top performance of Puck began for me a life long love affair with the Bard. So here’s to the grandmother that started me off on a lifelong love affair of Shakespeare’s works and here’s to the Mickster—you did it your way.

I have often considered the role of senior management is to set a proper ‘Tone-At-The-Top” to do business ethically and in compliance with anti-corruption laws like the Foreign Corrupt Practices Act (FCPA) or the UK Bribery Act. Incentives to do business ethically and in compliance are also recognized as an important part of any best practices compliance program. The flip side of incentives is disincentives, such as discipline or financial penalties for affirmatively engaging in misconduct. But how far should such disincentives go and how strong should they be? Should there be penalties for not only affirmatively engaging in misconduct but also failing to monitor risk-taking that allows misconduct to occur? If the latter becomes prevalent, how close do we come to criminalizing conduct, which is arguably negligent and not simply intentional?

I have thought about several of these questions and many others over the past few days when reading about the ongoing struggles of General Motors (GM) over its Cobalt recall issues and Citigroup in regards to its Mexican banking operations. In an article by Gretchen Morgenson in the New York Times (NYT), entitled “The Wallet as Ethics Enforcer”, where she asked “Who decided—and who agreed—that 90 cents was too much to pay for each switch that would have fixed the problem that apparently led to 13 deaths? How much did that decision add to the bottom line and add to executives’ compensation over the years? What will the company have to pay in possible regulatory penalties and legal settlements?” One of her own answers to these questions reads, “While the shareholders of G.M. will shoulder the cost of the fines, the settlements and loss of trust arising from the mess, the executives responsible for monitoring internal risks like these are unlikely to be held accountable by returning past pay.”

Citigroup, which had previously indicated that it had been the victim of a huge fraud perpetrated by one of its customers in Mexico, Oceanografía. However, now Citigroup now faces both federal criminal and civil investigations over the affair. As reported in a Wall Street Journal (WSJ) article, entitled “Crime Inquiry Said to Open On Citigroup”, Ben Protess and Michael Corkery reported that both the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) have opened investigations “focusing in part on whether holes in the bank’s internal controls contributed to the fraud in Mexico. The question for the investigators is whether Citigroup—as other banks have been accused of doing in the context of money laundering—ignored warning signs.” For a bank to be criminally liable, “prosecutors would typically need to show that the bank willfully ignored warning signs of the fraud.” However, to show a civil violation, the threshold is lower and there may only need to be a showing that the bank lacked the proper internal controls or internal oversight.

In her article, Morgenson spoke with Scott M. Stringer, the New York City Comptroller, who is a strong advocate of corporate requirements which “make sure that insiders who engage in questionable conduct are required to pay the piper” in the form of clawback provisions. Stringer has worked with companies to expand clawback provisions beyond those mandated by Sarbanes-Oxley (SOX), which required “boards to recover some incentive pay from a chief executive and chief financial officer if a company did not comply with financial reporting requirements.” Now, clawbacks have expanded to require executives to return compensation “even if they did not commit the misconduct themselves; they run afoul of the rules by failing to monitor conduct or risk-taking by subordinates.” Stringer believes that such clawback provisions not only “speak to the issue of financial accountability but also to setting a tone at the top.”

Morgenson ends her article by noting that unless GM makes public its internal investigation, “we may never know how many G.M. executives knew about the Cobalt problems and looked the other way.” In the meantime though, this debacle shows the importance of policies that hold high-level employees accountable for conduct that, even if not illegal, can do serious damage to their companies. Directors creating such policies would be sending a clear signal that they take their duties to the company’s owners seriously.”

At this point, we do not know high up the decision went in GM not to install the 90 cent solution. But I would argue it really does not matter. Somewhere in the company, some engineer figured out a solution and indeed one was implemented without changing the part number. I am sure the GM Board would have been sufficiently shocked, just shocked, to find out that such decisions as monetary over safety were going on inside the company. What does all of the information released so far tell us about the culture inside GM when these decisions were made? While I am certainly willing to give current GM Chief Mary Barra the benefit of the doubt about her intentions for the company going forward, particularly after a grueling couple of days before Congress, what do you think the financial incentives were in the company when the 90 cent solution was rejected?

It initially appeared that Citigroup was the victim of a massive fraud perpetrated by one of its customers. However, even initially it was reported that Citigroup let its Mexican operation, Banamex run its own show with very little oversight from the corporate office in New York. Now Citigroup is not only under a civil investigation for lack of proper internal controls but also a criminal investigation for willful ignorance of Banamex’s operations. Does any of this sound far-fetched or perhaps familiar? Think about Frederick Bourke and ‘conscious indifference’. Even the judge in Burke’s criminal trial mused that she did not know if he was a perpetrator or a victim. Perhaps Citigroup is both, but if he was both it certainly did not help Bourke. While I am certainly sure that the Citigroup Board of Directors would also say that it would also simply be shocked, just shocked, to find that there were even insufficient internal controls over Banamex, let alone willful ignorance of criminal actions of its Mexico subsidiary, it does pose the question as to what is the culture at the bank?

As important as clawbacks are, until the message of compliance gets down from the top of an organization, into the middle and then to the bottom, a culture of compliance will not exist. I have worked in an industry where safety is goal number one. But in the same industry I have heard the apocryphal tale of the foreign Regional Manager who is alleged to have said, “If I violate the Code of Conduct, I may or may not get caught. If I violate the Code of Conduct and get caught, I may or may not be punished. If I miss my numbers for two quarters, I will be fired.” Clawbacks for Board members would not have influenced this apocryphal foreign Regional Manager, any more than they would have worked on the psyche of the GM engineers who proposed and then later dropped the 90 cent solution. It was clear to them what their bosses thought was important for them to keep their jobs. As long as management has that message, doing business ethically and in compliance will always take a second seat.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

 

April 7, 2014

The Battle of Shiloh, Corruption in Ukraine and Things to Come

Things to ComeOn this day 126 years ago the two-day battle of Shiloh ended. On the second day, the Union troops under General Grant largely recovered the ground that the Confederate troops had taken on the first day. Grant was severely criticized for allegedly being taken by surprise by the Confederate attack but he managed to survive the firestorm. The Confederates lost their most senior commander, General Albert Sydney Johnson, on the first day of the fighting.

With the successful Union counter-attack on the second day the battle is generally viewed as a tactical victory for the North. However, for me the thing that is most significant about this battle is that it was the first horrific slaughter of the Civil War. There were over 23,000 casualties on both sides. Unfortunately it presaged more to come. I will never forget Shelby Foote’s comments in Ken Burn’s documentary The Civil War. Shiloh was not an aberration but there were 25 more Shiloh’s to come. It truly was a sign of things to come.

The recent events in Ukraine have had a variety of interpretations, results and predictions. But one thing is clear, the government of Ukraine allowed systemic corruption to occur. One can look to the Archer-Daniels-Midland Corp. (ADM) Foreign Corrupt Practices Act (FPCA) enforcement action to see the effects in play. In that matter, ADM paid bribes to obtain tax rebates to which it was legally entitled. Unfortunately for ADM it developed opaque schemes to fund bribery payments and then hid them on its books and records. Not good for FPCA compliance.

Or consider the case of Ikea. In an article in Bloomberg, entitled “Dashed Ikea Dreams Show Decades Lost to Bribery in Ukraine”, Agnes Lovasz wrote that Ikea has tried for over a decade to open a store in the country but has been unable to do so because it refuses to pay bribes to do so. She wrote that according to Transparency International’s (TI’s) Corruptions Perceptions Index (CPI), “Stuck between the European Union and its former imperial master Russia, Ukraine has emerged as the most corrupt country on the continent.” She quoted Erik Nielsen, chief global economist at UniCredit SpA in London, for the following, “Even before this latest crisis, Ukraine was a mess beyond description”. How about this recommendation from Lennart Dahlgren, a retired Ikea executive who led the company’s entry into Russia, who said in an interview with Russkiy Reporter magazine in 2010, that compared with Ukraine, Russia, the most corrupt major economy, “is whiter than snow”. Faint praise indeed.

While a US, UK, EU or other western government response is certainly appropriate, I thought about a business led response to such a situation when I read a recent article in the April issue of the Harvard Business Review (HBR), entitled “The Collaboration Imperative”, by authors Ram Nidumolu, Jib Ellison, John Whalen and Erin Billman. In this article they discussed business collaborations in the context of sustainability. I found their concepts should be considered by companies or industry groups when trying to develop strategies to fight corruption. As Jason Poblete continually reminds us, the marketplace is one important place to look for solutions to problems and this article certainly provides some starting points for such an analysis.

The authors posit that collaboration models should be divided into two categories: (1) coordinated processes and (2) coordinated outcomes. Adapting these to anti-corruption/anti-bribery programs, this means that under the ‘coordinated processes’ prong businesses should identify and share industry-wide operational processes that prevent and detect bribery and corruption. Under the ‘coordinated outcomes’ prong, the authors work translates into developing industry benchmarks and standardized systems for measuring anti-corruption/anti-bribery performance across the value chain.

The authors had some specific steps in their article which I thought also provided insightful for implementing their ideas in the anti-corruption/anti-bribery context. First you should being this journey “with a small, committed group.” The reason to do so is “to prevent the logjams that can occur when many stakeholders with conflicting goals try to work together, start by convening a small “founding circle” of participants. The members must have a common motivation and have mutual trust at the outset. This group develops the project vision and selectively invites subsequent tiers of participants into the project as it develops.” Next you should try to “link self-interest to shared interest.” This is because to help facilitate success, “collaboration initiatives must ensure that each participant recognize at the outset the compelling business value that it stands to gain when shared interests are met.” The participants need to then try to monetize the system value by “linking self-interest and shared interest is to quantify how the collaboration reduces costs or generates revenue for each participant.” It helps to build a direct path to some early successes because it is important “to generate momentum and commitment, the action plan must also emphasize quick wins. Business thrives on visible and immediate results, and sustainability collaborations are no exception. Even if these wins are small initially, the cost savings or incremental revenues provide proof to other executives inside participants’ organizations that the investment is worthwhile.”

As many in such a collaborative group will have conflicting priorities, the authors believe it is important to have “independent project-management specialists with demonstrated competence in trust building among diverse stakeholders. Additionally, the project management function must be seen by all participants as neutral and committed to the success of the project, rather than to any individual stakeholder.” Interestingly, the authors note that there should be built in competition which should be “structured to support shared goals.” Finally, and perhaps most obviously, any such group must have a culture of trust. Fortunately, in the anti-corruption/anti-bribery world there are very few trade secrets but beyond this, the “building and maintaining trust is an ongoing practice foundational to every other practice during the collaboration project.”

Perhaps the people or the leadership of Ukraine may at some point realize that the perceived endemic nature of corruption in their economic system, helped lead in part to its current problems. Maybe the citizens in Crimea thought the Russian government less corrupt. While I do not pretend to know the answers to these questions, the collaboration model that the authors have detailed for sustainability initiatives is certainly one that US companies might wish to consider on some type of industry wide basis.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

« Previous PageNext Page »

The Rubric Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 4,759 other followers