FCPA Compliance and Ethics Blog

July 7, 2014

No Sex Please, We’re British: More from GSK in China

No Sex PleaseThe above is the title of a British television show/play/movie which is a farcical romp about a newlywed couple who mistakenly receive an initial shipment of pornographic pictures, then movies and women, all sent from Sweden to England. The plot turns on their attempts to dispose of the ‘offending materials’ while under the noses of their parents/in-laws, employers and friends. In his review of the show, Christopher Heath said, “No Sex Please, We’re British shows how we stuffy Brits tie ourselves in knots when it comes to this subject. The funny thing is how the cast, led by Ronnie Corbett, handle their predicament and it has to be said, they cope with aplomb. As you might expect, the plot is all about mix-ups, keeping a stiff upper lip, maintaining a veneer of social respectability, not getting found out about something someone hasn’t done and failing miserably.”

I thought about that ubiquitous work of British visual and audio entertainment when the revelations from late June that the GlaxoSmithKline (GSK) PLC corruption scandal all started with a sex tape. In an article in the MailOnline, entitled “How a secret sex tape plunged British drugs giant Glaxo in a £90million bribery probe”, Rebecca Evans reported “A covert sex tape involving a senior executive and his Chinese lover was the trigger for a major investigation into corruption at British drugs giant GlaxoSmith-Kline, it was revealed yesterday. The video of married Mark Reilly and his girlfriend was filmed by secret camera and emailed anonymously to board members of the pharmaceutical firm. It led to an investigation that has rocked the £76billion company – which stands accused of bribing doctors and other health officials in China with £320million of gifts, including sexual favours from prostitutes, to persuade them to prescribe its drugs.”

This sex tape, along with allegations of bribery and corruption, were sent to GSK Board members, including Chief Executive Officer (CEO), Andrew Witty in March 2013 by someone with the email address “GSK Whistleblower”. Evans reported that two additional emails “making serious fraud allegations” were sent as well, one in January and one in May. In an article in the Wall Street Journal (WSJ), entitled “Sex Video Sheds Light in Glaxo China Case”, Laurie Burkitt reported that “The British drug maker regarded the video—apparently shot without the executive’s knowledge—as a breach of security, the person said.” Evans reported that in addition to this security breach, GSK believed the sex tape to be a “threat or blackmail attempt”. One of GSK’s responses was to hire the firm ChinaWhys Co., to investigate the matter. The firm’s principals, former journalist Peter Humphrey and Yu Yingzeng, a naturalized US citizen, were not able to determine who placed the video camera in Reilly’s Shanghai apartment, who shot the video or who sent it to GSK executives. However Evans reported “But a few months after starting to investigate Miss Shi, Mr Humphrey was arrested along with his wife Yu Yingzeng, a US citizen and daughter of one of China’s most eminent atomic weapons scientists. According to the Sunday Times, Mr Humphrey’s arrest and detention in July was at around the same time that China began a police probe into GSK’s alleged bribery.” And, unfortunately for Humphrey and his wife, they were arrested last August for allegedly breaking of Chinese laws relating to information privacy.

In addition to the investigation into the provenance of the sex tape and its sender, GSK had also engaged in an internal investigation into the substantive allegations of bribery brought forward by the “GSK Whistleblower” in emails to the GSK Board in January and May, 2013. As reported by Evans, “The emails laid out a series of sales and marketing practices described as ‘pervasive corruption’.” Unfortunately for the company, GSK “found ‘no specific evidence’ to substantiate the claims. However, the accusations are virtually identical to the charges laid by police against Mr Reilly and 45 other suspects. Last month, Britain’s Serious Fraud Office announced it is to investigate the company’s ‘commercial practices’.”

‘Honey-pots’ and ‘Sparrow-nests’ are well known terms for anyone who has read cold war tales of espionage between the former Soviet Union and the US. However, the Reilly sex-tape and the GSK bribery scandal would seem to be an entirely different can of worms. In an article in Time, entitled “What the GSK Sex Tape Says About Surveillance in China, Hannah Beech wrote that in China, “Surveillance – or the threat of surveillance — is a constant in China. As a journalist, I may be more interesting to the powers that be than some other foreigners here. But other expat friends who’ve been followed, hacked or otherwise tracked in China include diplomats, NGO staff and businesspeople. Also, artists and academics.” Such surveillance includes having “email auto-forwarding mysteriously activated or to be tailed by a black Audi while on assignment in the Chinese countryside.”

For the compliance practitioner the lessons of GSK in China continue to resonate, unfortunately for the negative consequences to GSK and its employees. All of the above articles note that the allegations of bribery and corruption presented to GSK by the “GSK Whistleblower” were also made to Chinese officials, who then began to investigate the company. Andrew Ward, reporting in a Financial Times (FT) entitled “Sex tape adds to murk of GSK China scandal”, said “A separate internal investigation was already under way into the bribery allegations that had first been made by a whistleblower in January.” Unfortunately for GSK, its internal investigation failed to turn up any evidence of bribery and corruption. More unfortunately for the company, “Mr. Reilly, a Briton and long-time GSK executive, was among 46 company employees identified by Chinese police in May as suspects when they handed evidence of “massive and systematic bribery” to prosecutors after a 10-month investigation.”

It does seem incredible at this point that any serious internal investigation could fail to turn up any of the evidence that the Chinese government has been able to develop against GSK. This points to the absolute importance of your internal investigations. Although the GSK investigation was focused in China, the same is true in the US, particularly for a US listed company subject to Dodd-Frank. Further, we must invoke that well-known British author George Orwell for reminding you that in some countries Big Brother really is watching you. And finally, you may not be paranoid as people really may be watching you and filming your most intimate acts.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

June 9, 2014

GSK Faces a Bad Day at Black Rock

Bad Day at Black RockOne of my favorite movies is Bad Day at Black Rock. It is one of the few movies to combine elements of film noir into something approaching a traditional Western. It also attacks directly the prejudice and hate against Japanese-Americans in the immediate aftermath of Pearl Harbor. I thought about that eponymous title when I read a recent article in the Financial Times (FT), entitled “GSK salesmen want ‘bribes’ reimbursed”, by reporters Patti Waldmeir and Andrew Ward.

You know it is going to be a bad day when your employees line up to testify against your company in an ongoing investigation for bribery and corruption. But those rainy day sighs can go up to the Bad Day at Black Rock level when these same employees publicly announce that the company they work for owes them for the creation of fraudulent invoices used by a business unit to fund bribery and corruption which violates not only the US Foreign Corrupt Practices Act (FCPA) and the UK Bribery Act but also domestic Chinese anti-corruption laws. This happened to the UK pharmaceutical giant GlaxoSmithKline PLC (GSK) last month when it was announced that certain current employees in its China operation were petitioning the company to reimburse them for bribes they were ordered to pay by their superiors.

In their article, Waldmeir and Ward wrote “the UK pharmaceutical company at the centre of a Chinese corruption scandal, is facing protests from junior employees who say the company is refusing to reimburse them for bribes they were ordered to pay by their superiors.” While my initial thought was that these Chinese employees had quite a bit of ‘cheek’ in raising this claim, the more I read into the story, the more I think it may portend serious problems for GSK in any attempt to defend the company going forward. Waldmeir and Ward reported “some Chinese sales staff are complaining that GSK has denied bonuses, threatened dismissal or refused to reimburse them for bribes they say were sanctioned by their superiors to boost the company’s drug sales. In some cases, managers instructed them to purchase fake receipts that were used to cover up bribes paid in cash or gifts to doctors and hospitals, according to salesmen interviewed by the Financial Times.”

The article went on to highlight just how some of these fake invoices, used to gain funds from the corporate headquarters to facilitate bribery and corruption, were generated. “In some instances, managers disguised their involvement by using their personal email address to instruct staff to pay bribes and by ordering junior staff to claim on their personal expense accounts – even if the bribe was actually paid out by the manager – according to these people.” Last March, a group of current GSK employees sent a letter to the company that said, in part, ““All the expenses were approved by the company,” the group wrote in a letter to management. “The expenses were paid with our own money, and although the receipts were not compliant, it was our managers who told us to buy the fake receipts,” said one former GSK salesman.”

The article quoted that GSK said, “We have zero tolerance for unethical or illegal behaviour and anyone who conducts such behaviour has no place in our company. We believe the vast majority of our employees uphold our values and we welcome employees speaking up if they have concerns.” Talk about a ‘Speak Up’ culture at your company. Probably not exactly what the company had in mind when it invited employees to raise their concerns.

However, as damning as this is, and it would certainly appear to be quite damning, was the following revelation, which was also reported by Waldmeir and Ward, regarding witness prep during GSK’s internal investigation. They wrote, “Some staff were warned not to implicate their supervisors, according to a former salesman: “Our manager approached each person before they were questioned and asked them not to mention his name. He even prepared a story for them to tell the investigator.””

Dissecting all of the above, it would appear that GSK has several real problems on several fronts from this article. The first is that there appears to have been clear China business unit management participation in the bribery and corruption scheme. While it is still not clear whether the corporate home office was involved in the scheme, simply knew of it or choose to bury its collective head in the sand as to what was going on in China, if your in-country business unit management is involved, it is not too many steps to the corporate home office. Conversely, the question might be that if this fraud against the corporate home office was so open and obvious, why did the corporate office not detect it going forward?

Yet the real issue for the corporate office may be the information about employees being coached to hide evidence during the investigation. If such activity was limited to the ‘managers’ in the Chinese business units only, what does it say about a corporate office, which allows such witness intimidation? Think that is an investigation best practice? However, if the corporate office was involved in any way in such witness intimidation, it will bode extremely poorly in the eyes of the Chinese regulators, the UK Serious Fraud Office (SFO), which has opened an investigation into the GSK matter and probably the US Department of Justice (DOJ) as well, since GSK is still subject to the Corporate Integrity Agreement (CIA) it signed back in July of 2012; when it pled guilty and paid $3 billion to resolve fraud allegations and failure to report safety data in what the DOJ called the “largest health care fraud settlement in U.S. history” according to its press release. Think witness tampering or hiding of evidence might garner the attention of the DOJ for a company already under the equivalent of a Deferred Prosecution Agreement (DPA)?

In addition to all of the above conduct, it will be interesting to see the effect of this ongoing investigation on the stock value of GSK. In a Wall Street Journal (WSJ) article, entitled “FCPA Hits Companies Harder if they Committed Fraud”, Sam Rubenfeld reported “A study of U.S. Foreign Corrupt Practices Act enforcement issued by the Searle Civil Justice Institute, a research division of The Law & Economics Center at George Mason University School of Law found that public companies lost an average of 2.9% of market capitalization as a result of an investigation. But, the study found, the number masks an important distinction: Companies charged with bribery only suffered an initial 1.5% loss, while those charged with bribery and financial fraud saw a initial drop of 16.3% in market cap.” It will be interesting to see the effect the apparent fraudulent activities of GSK’s China employees will have on not only the overall penalty assessed against GSK but if there is any attendant drop in shareholder value.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

 

© Thomas R. Fox, 2014

May 22, 2014

On the Oregon Trail and Expectations in an Investigation Protocol

Oregon TrailOn this day in 1843, a massive wagon train, made up of 1,000 settlers and 1,000 head of cattle, set off down the Oregon Trail from Independence, Missouri. Known as the “Great Emigration,” the expedition came two years after the first modest party of settlers made the long, overland journey to Oregon. The Great Immigration followed the Sante Fe Trail for some 40 miles and then turned northwest to the Platte River, which it followed along its northern route to Fort Laramie, Wyoming. From there, it traveled on to the Rocky Mountains, which it passed through by way of the broad, level South Pass that led to the basin of the Colorado River. The travelers then went southwest to Fort Bridger, northwest across a divide to Fort Hall on the Snake River, and on to Fort Boise, where they gained supplies for the difficult journey over the Blue Mountains and into Oregon. The Great Emigration finally arrived in October of that year and the participants had completed the 2,000-mile journey from Independence in five months.

This week at Compliance Week 2014, I moderated a panel entitled Investigations Gone Global, Not Haywire. One of the panelists, Stephen Donovan, Chief Ethics and Compliance Officer, International Paper Company, said that one of his key reasons for setting out an investigation protocol was more than simply having a plan or guideline in place so that there would be consistency in investigations. The other key reason was to set expectations for all persons who might be involved in the investigation. The participants in the Great Emigration had a route to follow but that was about it. When it came to expectations, I think there were very little except hardship and the hope for a better future.

I think that one of the key lessons to be drawn from the ongoing Wal-Mart Foreign Corrupt Practices Act (FCPA) matter is that back in the 2006 time frame, when the corporate office was made aware of allegations of bribery and corruption regarding its Mexican subsidiary, the corporate office either did not have an investigation protocol in place, or perhaps even worse, it had one and disregarded it when the allegations bubbled up to Bentonville. But if the expectations had been set up beforehand, perhaps there would have been action taken to resolve the matter during that time frame and not later.

I have heard Jackie Trevino, Senior Manager, Corporate Compliance at Fluor Corporation, present the Fluor investigation protocol which consists of the following five steps (1) Opening and Categorizing the Case; (2) Planning the Investigation; (3) Executing the Investigation Plan; (4) Determining Appropriate Follow-Up; and (5) Closing the Case. I recognize that if a case of significant bribery or corruption is uncovered that there may be more or additional steps that you may need to take. However if you follow this basic protocol, you should be able to work through most investigations, in a clear, concise and cost effective manner. Furthermore, you should have a report at the end of the day which can stand up to later scrutiny if a regulator comes looking. Finally, you will be able to document, document, and document, not only the steps you took but why and the outcome obtained. But, as Donovan noted, it also sets the expectations of all involved.

Step 1: Opening and Categorizing the Case. Under this first step, you should categorize the ethics and compliance violation. You should notify the relevant individuals, including those on your investigation team and any senior management members under your notification protocols. After notification, you should assemble your investigation team for preliminary meetings and assessments. Step 1 should be accomplished in one to three days after the allegation comes into compliance, either through your reporting structure or other means.

Step 2: Planning the Investigation. After assembling your investigation team, you should determine the required investigation tasks. These would include document review and interviews. If hard drives need to be copied or documents put on hold or sequestered in any way, or relationships need to be analyzed through relationship software programs or key word search programs, this should also be planned out at this time. These tasks should be integrated into a written investigation or work plan so that the entire process going forward is documented. Also if there is a variation from the written investigation plan, such variation should be documented and an explanation provided as to why there was such a variation. Lastly, if international travel is involved this should also be considered and planned for as part of this step. Step 2 should be accomplished within another one to three days.

Step 3: Executing the Investigation Plan. During the course of this step the investigation should be completed. I would urge that the interviews not be effected until all documents are reviewed and ready for use in said interviews. Care should be taken to ensure that an appropriate Upjohn warning is issued and that the interviewee clearly understands that whoever is performing the interview represents the company and not the person being interviewed, whether they are the target of the investigation or not. The appropriate steps should also be taken to preserve the attorney-client privilege and attorney work product assertions. Step 3 should be accomplished within one to two weeks.

Step 4: Determining Appropriate Follow-Up. At this step the preliminary investigation should be completed and you are ready to move into the final phases. In some investigations, it is relatively easy to determine when the work is essentially complete. For example, if the allegation is both specific and narrow, and the investigation reveals a compelling and benign explanation for the conduct alleged, then the investigation typically is complete and you are ready to convene the investigation team and the relevant business unit representatives. This group would decide on the appropriate disciplinary steps or other actions to take. Step 4 should be completed in one day to one week.

It must be cautioned that at this step, if there are findings of specific or discrete allegations of corruption and bribery, a decision must be made as how to handle such findings going forward.

Step 5: Closing the Case. Under this final step, you should communicate the investigation results to the stakeholders and the case report should be completed. Everything done in the above steps should be documented and stored, either electronically or in hard copy form together. Step 5 should be completed in one day to one week.

With the growing number of reports to the Securities and Exchange Commission (SEC) Whistleblower program under Dodd-Frank, companies are under increasing pressure to get up and running quickly on any claim of bribery and corruption that is brought forward. By using an investigation protocol, you will have a ready-made process in place to start from. If your company does not have such a protocol I would suggest that you tailor this process to fit the needs of your company. It will help set the expectations of everyone involved.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

 

March 18, 2014

When to Bring in Investigative Counsel and Why

InvestigationsWhen should you bring in a true outsider to handle an internal investigation? What about specialized investigative counsel? Jim McGrath, who often writes about the need for specialized investigative counsel, has also pointed out on several occasions that having an independent eye on things is also a plus. However, rarely do we see both questions played out so publicly as is currently going on in the General Motors (G.M.) recall investigation. Indeed, Matthew Goldstein and Barry Meier discussed these  questions in Sunday New York Times (NYT) Business Section article by, entitled “G.M Calls the Lawyers”.

For those of you not familiar with G.M.’s problems, McGrath also wrote about them in his Internal Investigations Blog, in a post entitled “What Did GM Know and When Did They Know It?” McGrath describes the current issues as “the revelation that General Motors is the target of probes by Congress and by the National Highway Transportation Safety Administration over its handling of ignition switch defects in at least six of its popular automobiles. Failures in these switches may have resulted in as many as thirteen deaths and seemingly point to quality control failures at the automaker.” Others have estimated the death totals much higher for this defect. And, as McGrath notes, the key question is ‘what did GM know and when did they know it’?

Interestingly G.M. has hired two law firms to handle the investigation. One is King & Spalding, which handled much of the product liability litigation over the alleged defect and the second is Jenner & Block. In the NYT article, a prominent plaintiff’s lawyer, Lance Cooper, who fought GM and King & Spalding on this product liability litigation noted the obvious when he said, “They are part of the story.” By this he meant that “King & Spalding’s switch from a fierce defender of G.M. to a potential inquisitor into the company’s actions may also pose a conflict. For one, some of the firm’s lawyers may have to ask their own colleagues if they advised G.M. about whether to recall the vehicles at the time the Melton case was settled.”

More importantly for G.M., the retention of “outside counsel in these cases is part investigation, part public-relations gambit and part legal strategy. In most cases, the goal isn’t to publicly flog a company or its top executives, but rather to limit damage to an institution’s reputation or to contain the financial harm to shareholders of a publicly traded company. And it does so under the protection of the attorney-client privilege. From the point of view of the company, a well-done internal investigation can shape the accepted story of what happened — and produce findings that allow the company to negotiate for lower penalties from prosecutors or regulators down the road.” But, more importantly, to “achieve those ends, the law firms conducting the investigations must be viewed as forthright and uncompromised. In this respect, some critics have already questioned G.M.’s choices.”

The NYT quoted another lawyer, William McLucas, a partner at WilmerHale, who said, “If you are a firm that is generating substantial fees from a prospective corporate client, you may be able to come in and do a bang-up inquiry. But the perception is always going to be there; maybe you pulled your punches because there is a business relationship.” This is because if “companies want credibility with prosecutors and investors, it is generally not wise to use their regular law firms for internal inquiries.” Another expert, Charles Elson, a professor of finance at the University of Delaware who specializes in corporate governance, agreed, adding, “I would not have done it because of the optics. Public perception can be affected by using regular outside counsel.””

Adam G. Safwat, a former deputy chief of the fraud section in the Justice Department, said that the key is “Prosecutors expect an internal investigation to be an honest assessment of a company’s misdeeds or faults, “What you want to avoid is doing something that will make the prosecutor question the quality of integrity of the internal investigation.”” The aforementioned Jim McGrath was also interviewed for the article. He said, “A shrewd law firm that gets out in front of scandal can use that to its advantage in negotiating with authorities to lower penalties and sanctions. There is a great incentive to ferret out information so they can spin it.”

All of these concerns are equally valid in the Foreign Corrupt Practices Act (FCPA) or UK Bribery Act investigation context. But they are layered upon the Fair Process Doctrine. This is because procedural fairness is one of the things that will bring credibility to your Compliance Program. This Doctrine generally recognizes that there are fair procedures, not arbitrary ones, in a process involving rights. Considerable research has shown that people are more willing to accept negative, unfavorable, and non-preferred outcomes when they are arrived at through processes and procedures that are perceived as fair. Adhering to the Fair Process Doctrine in your Compliance Program is critical for you, as a compliance specialist or for your Compliance Department, to have credibility with the rest of the workforce.

In internal investigations, if your employees do not believe that the investigation is fair and impartial, then it is not fair and impartial. Further, those involved must have confidence that any internal investigation is treated seriously and objectively. I have recently written about several aspects of internal investigations, in order to emphasize how to handle internal whistleblower complaints in light of the Dodd-Frank implications. One of the key reasons that employees will go outside of a company’s internal hotline process is because they do not believe that the process will be fair.

This fairness has several components. One would be the use of outside counsel, rather than in-house counsel to handle the investigation. Moreover, if a company uses a regular firm, it may be that other outside counsel should be brought in, particularly if the regular outside counsel has created or implemented key components that are being investigated. Further, if the company’s regular outside counsel has a large amount of business with the company, then that law firm may have a very vested interest in maintaining the status quo. Lastly, the investigation may require a level of specialization that in-house or regular outside counsel does not possess.

Living in Houston, this all played out in disastrous results during the Enron scandal. Near the end of Enron’s run, its regular outside counsel, Vinson & Elkins, investigated questionable accounting practices at Enron. As the NYT article noted, “The firm’s investigation is viewed as an utter failure or a corporate whitewash. The review essentially gave Enron a clean bill of health just months before it collapsed in one of the biggest accounting frauds of all time. In 2006, the law firm paid $30 million to Enron’s bankruptcy estate to resolve claims that its actions had contributed to the energy company’s demise.”

All of this means, your company needs to get it right in the hiring of outside counsel to handle an investigation. As McGrath wrote at the end of his blog, “the Jenner and King people will have to make like Howard Baker and ask what the president – or other ranking person with reporting authority to NHTSA – knew and when they knew it. Because the cover-up is usually worse than the underlying wrong and this one could cost GM $35 million and its reputation.” The NYT article ended with the following, “The best internal investigations are the ones that don’t receive much media attention. A company deals with a problem quickly, and if there’s something to report to authorities, the company tends to be treated leniently for its forthrightness.” Amen.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

February 19, 2014

Welcome to the Hotel California: FCPA Enforcement

Hotel CaliforniaThis past weekend I saw The Eagles on their ‘History of The Eagles Tour. It truly was that, a complete musical history of the group, from the beginning in 1971 up until now. They played for well over 3 hours and it was fantastic. The Eagles were at their peak in the 70’s when I was at my peak as a rock and roller, both in high school and college, so the concert was a very memorable experience. In one interesting twist they did not allow videos to be taken of the concert with cell phones or any other types of recordings. Of course the concert ended with song Hotel California and its iconic line “You can check out but you can never leave.”

I thought about that final line and how true it was in the late 70s and how true it is now in the world of international anti-corruption enforcement when I read a front page article in Sunday’s New York Times (NYT), entitled “Eavesdropping Ensnared American Law Firm”, and an blog post by the FCPA Professor, entitled “FCPA Lawyers Would Be Wise to Review Recent Third Circuit Decision”.

We know from the American Spectator article, “Rise of the Surveillance State”, by James Bovard about the National Security Agency (NSA) program ‘Echelon’, which he described as “a spy satellite system run by the National Security Agency along with the United Kingdom, Australia, New Zealand, and Canada. Echelon reportedly scans millions of phone calls, e-mail messages, and faxes each hour, searching for key words.” Further, Bovard stated, “A February report by the European Union alleged that Echelon has been used for economic espionage. Former CIA Director James Woolsey told a German newspaper in early March that Echelon collects “economic intelligence.”” One example Woolsey gave was espionage aimed at discovering when foreign companies are paying bribes to obtain contracts that might otherwise go to American companies. Woolsey elaborated on his views in a March 17, 2001 Wall Street Journal (WSJ) Op-Ed piece, justifying Echelon spying on foreign companies because some foreigners do not obey the Foreign Corrupt Practices Act (FCPA).

After the NYT article, we know that US law firms can also fall under surveillance. The firm of Mayer Brown was monitored by the NSA’s Australian counterpart, the Australian Signals Directorate (ASD), regarding work the law firm was doing for the government of Indonesia in trade disputes with the US. It is of no consequence that it was the Australians doing the spying as under the “Five Eyes Alliance”, Australia is one of five countries the US shares intel with and agrees not to spy on. While most Americans would understand the need to place those dealing with terrorists under surveillance, the need to monitor US law firms giving legal advice in a legal trade dispute seems one or two steps past the safety of the US homeland. While only mentioned in the article, I also wonder about the effect of this surveillance on the attorney-client privilege, the basic reason that clients come to lawyers, for confidential legal advice. If you know that you are susceptible to espionage, why would a client ever trust the confidentiality of your communications or even that they are confidential to start with. Moreover, if you know you are subject to surveillance, is the privilege destroyed if a country does so and passes the information along to the US?

Equally unsettling as the revelations in the NYT article is the FCPA Professor’s report on a Third Circuit, Court of Appeals decision, entitled “In Re: Grand Jury Subpoena”. In this matter, an attorney was consulted on an international transaction, which was described as follows: “In April 2008, Client approached Attorney to discuss issues he was having with the project. Client explained that he planned on paying Banker in order to ensure that the project progressed swiftly, as Banker was threatening to slow down the approval process. Attorney did some preliminary research, found the FCPA, and asked Client whether the Bank was a government entity and whether Banker was a government official. Although Attorney could not ascertain given his limited research whether the planned action was legal or illegal, he advised Client not to make the payment. Despite this advice, Client insisted that his proposed payment did not violate the FCPA, and informed Attorney that he would go ahead with the payment. Attorney gave Client a copy of the FCPA. After this communication, Attorney and Client ended their relationship.” The opinion stated that the Client made a payment to the banker’s sister.

In other words, the client came for legal advice regarding an international transaction, the attorney advised against the transaction in question but the client did so against the advice of his attorney and the attorney thereafter terminated the relationship. There was no evidence the lawyer advised the client how to violate the FCPA or in any way helped the client ‘get around’ the law.

The attorney-client privilege is not sacrosanct. There are some limited exceptions to it and one of those is the ‘crime-fraud exception’ which the Court of Appeals explained is, “To circumvent [the attorney-client] privilege under the crime-fraud exception, the party seeking to overcome the privilege . . . must make a prima facie showing that (1) the client was committing or intending to commit a fraud or crime, and (2) the attorney-client communications were in furtherance of that alleged crime or fraud.” (All citations omitted) But, in this case, there was no evidence presented that the attorney involved gave advice that was in the furtherance of a crime but only that “The communication between Attorney and Client was brief, and consisted mainly of informing Client on the applicable law and advising that he not make the payment. However, we believe that the questions posed by Attorney to Client and the information that Client could gain from those questions are sufficient for us to conclude that the District Court did not abuse its discretion in determining that the advice was used in furtherance of a crime or fraud.”

What were the questions posed by the client or put another way, what was the legal advice sought by the client? The Court stated, the “questions about whether or not the Bank was a governmental entity and whether Banker was a government official would have informed Client that the governmental connection was key to violating the FCPA. This would lead logically to the idea of routing the payment through Banker’s sister, who was not connected to the Bank, in order to avoid the reaches of the FCPA or detection of the violation. Of course, it is impossible to know what Client thought or how he processed the information gained from Attorney. But the District Court did not abuse its discretion in determining that Client “could easily have used [the advice] to shape the contours of conduct intended to escape the reaches of the law.””

What does the spying on a US law firm and this court decision invalidating the attorney-client privilege mean for FCPA enforcement? I think that it means if you find yourself in the position of having violated the FCPA; your company now has an even greater incentive to self-disclose. If you are a non-US based company subject to the FCPA, the NSA is watching you. Further, if you are a non-US company, which seeks legal advice, you are now on notice that US laws firm are being spied on. Lastly, if you have violated the FCPA and seek legal advice; it may well come to pass that the lawyer whose advice you sought, can be compelled to testify about those conversations. So in the words of The Eagles, if you engage in conduct that arguably violated the FCPA, you can check out but you can never leave.

———————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————–

If you will be in Dallas this coming Thursday, February 20, I hope that you will join myself and fellow FCPA Blog Contributor Marc Bohn at the Corporate Compliance Summit on 2014 FCPA Concerns You Cannot Afford to Ignore. The event is complimentary and is sponsored by The Network. You can check it out and register by clicking here.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

February 18, 2014

Board Investigations and the Curse of the Mummy’s Tomb – Part II

Board of DirectorsYesterday I began an exploration of a recent article in the Corporate Board magazine, entitled “Successful Board Investigations” by David Bayless and Tammy Albarrán, partners in the law firm of Covington & Burling LLP. In Part I, I reviewed the authors’ five key objectives, which they believe a board must pursue to ensure a successful investigation. Today, I will look at the authors’ seven considerations to facilitate a successful board investigation.

1.             Consider whether you need independent outside counsel

The authors consider that the appearance of partiality “undermines the objectivity and credibility of an investigation.” That means you should not use your regular counsel. The authors cite to the Securities and Exchange Commission (SEC) analysis of how independent board members truly are to explain the need for independent counsel. They state, “the SEC considers the following criteria when determining whether (and how much) to credit self-policing, self-reporting, remediation and cooperation” which will consist of the following factors:

  • Did management, the board or committees consisting solely of outside directors oversee the review?
  • Did company employees or outside persons perform the review?
  • If outside persons, have they done other work for the company?
  • If the review was conducted by outside counsel, had management previously engaged such counsel?
  • How long ago was the firm’s last representation of the company?
  • How often has the law firm represented the company?
  • How much in legal fees has the company paid the firm?

As Andre Agassi might say, ‘perception is reality’.

2.             Consider hiring an experienced “investigator” to lead the internal investigation

Noted internal investigation expert Jim McGrath has written and spoken about the need to utilize specialized counsel in any serious investigation. If a board is leading an investigation, I would submit by definition it is serious. The authors say that your investigation needs to lead by a lawyer with significant experience in conducting internal investigations; a strong background in criminal or SEC enforcement; and has substantive experience in the particular area of law at issue. The traits are needed so that your designated counsel will think like an investigator, not like an in-house lawyer or civil litigator.

3.             Consider the need to retain outside experts

In any Foreign Corrupt Practices Act (FCPA) or other anti-corruption investigation, there will be the need for a wider variety of subject matter experts (SME’s) than a compliance professional. The authors correctly recognize that “ if there are accounting issues, forensic accountants might be needed. In this day and age, an electronic discovery consultant is often required, and can be a cost effective option for gathering and processing electronic data for review.” These types of investigations will most probably be cross-border as well and this will require other varieties of expertise. The authors caution that, “The lowest bid may not necessar­ily be the best for a particular investigation. While cost is important, understand the limitations of each consultant and, with input from your investigator, determine which consultant best meets your goals.”

4.             Analyze potential conflicts of interest at the outside and during the investigation

The authors see two types of conflicts of interest that may come to light during an investigation. First is the one which comes up when the law firm or lawyers conducting the inves­tigation are those whose prior legal advice has some bearing on the matters being investigated because a company’s regular outside lawyers represent the company. During an internal investigation, however, the lawyers may be hired by, and represent, the board or its committee. The second occurs when a lawyer or law firm jointly represents the board and employees at the company as regulators have become increasingly concerned with joint representations. Moreover, “The trickier question is what to do when there simply is a risk that representing one client could limit the lawyers’ duties to the other.” So in these situations, joint representation may not be appropriate.

5.             Carefully evaluate Whistleblower allegations

With the advent of Sarbanes-Oxley (SOX) and Dodd-Frank, whistleblowers have become more important and taking their allegations seriously is paramount. This does not mean trying to find out who the whistleblowers might be to punish or stifle them, even if they are located outside the United States and therefore do not have protections under these laws. They can still get hefty bounties. The authors recognize that companies can come to grief when “companies run into problems when whistleblower allegations are discounted, if not outright dismissed, especially if the whistleblower has a history of causing trouble or is perceived as incompetent. When this type of whistleblower makes a claim, it is easy to presume ulterior motives.” While such motives might exist, it does not matter one iota when it comes to the investigation, as “Regulators are very wary of boards that do not satisfactorily evaluate a whistleblower’s complaint based on a perception of the whistleblower himself, as opposed to the substance of the complaint.”

6.             Request regular updates from outside counsel, without limiting the investigation

These types of investigations are long and very costly. They can easily spin out of cost control. But, by trying to manage these costs, a board might be perceived as placing improper limits on the investigation. The “goal is to strike the right balance between the cost of the investigation and its thoroughness and credibility.” To do so, the authors advise that flexibility is an important ingredient. A board can begin the project with an agreed upon initial scope of work and then “revisit the scope of work as the investigation progresses. If conduct is discovered that legitimately calls for expanding the scope of the investigation, then the board can revisit the issue at that point. Put another way, the scope of what to investigate is not a static, one-time decision. It can, and usually does, evolve.” By seeking regular updates and questioning counsel on what they are doing and why, directors can manage costs, while at the same time ensuring that the investigation is sufficiently thorough and credible.

7.             Consider whether an oral report at the conclusion of the investigation is sufficient

While there may be instances in which, due to complexity and the nature of allegations involved, a written report is necessary, the authors believe that there may be times when an oral report delivered to a board is better than a written report for “a written report may be easier to follow and appear to be the logical conclusion to an investigation, it is an expensive and time-consuming endeavor, and it comes with great risk.” The authors indicate three reasons for this position.

First, it is much easier to inadvertently waive the attorney-client privilege if a written report is created and in the wrong hands, such a written report may well create “a road map to a plaintiff” in any shareholder action. Second, once those findings and conclusions are written they may become “set in stone. If later information comes to light that impacts the report’s conclusions, altering the conclusions may undermine the credibility of the entire investigation. So, retaining flexibility to change the findings if further information is later learned is a real advantage of an oral report.” Third, and finally, “it takes time to prepare a well-written and thorough report. When an internal investigation must be conducted quickly, spending time to prepare a written report may not be an efficient use of time.” For all of these reasons, and perhaps others, an oral report presented to the board and documented in the Board of Director meeting minutes may be sufficient.

The authors conclude their piece by stating, “By keeping in mind the issues addressed above, the board will be better prepared for the investigation and readily able to exercise good judgment throughout the review. A well-conducted investigation by the board may spare the company further disruption and costs associated with follow-on investigations by the regulators, or at the very least minimize the company’s exposure.” I would only add that by following some of the prescriptions set out by Bayless and Albarrán your Board might also avoid the fate that befell Lord Carnarvon and the Curse of the Mummy’s Tomb.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

February 17, 2014

Board Investigations and the Curse of the Mummy’s Tomb – Part I

King TutOn this day in 1923, the tomb of King Tut was opened. It created a worldwide stir that has in many ways continued down into the 21st century. Clearly, the boy ruler influenced Steve Martin , (How’d you get so funky?, Funky Tut). Moreover, when the King Tut exhibit first toured the US in the 1970s, it sold out everywhere that it went. And, of course, there was the Curse of the Mummy’s Tomb, which led to some great Universal classic horror pictures. This curse may have killed the dig’s benefactor, Lord Carnarvon who died just months after entering the tomb in November 1923, but the archeologist who discovered King Tut, Howard Carter, seemingly outlived the curse, dying at the age of 64 on the eve of World War II.

I thought about the techniques employed by these two archeologists in the Curse of the Mummy’s Tomb when I read an article in the Corporate Board magazine, entitled “Successful Board Investigations” by David Bayless and Tammy Albarrán, partners in the law firm of Covington & Burling LLP. Why the Curse of the Mummy’s Tomb? It is because if a Board of Directors does not get an investigation which it handles right, the consequences can be quite severe. Over the next two posts I will explore the article by Bayless and Albarrán. Today in Part I, I will review the author’s five key objectives, which they believe a board must pursue to ensure a successful investigation. Tomorrow. in Part II, I will review the authors seven considerations to facilitate a successful board investigation.

The authors recognize that the vast majority of investigations will be handled or directed by in-house counsel. However, if and when such an investigation is needed, it is critical that it be handled with great care and skill. The authors note that “While this task is fraught with peril, there are a number of steps a board can take to ensure that the investigation accomplishes the board’s goals, which will enable it to make informed decisions, and withstands scrutiny by third parties” because it is this third party scrutiny, in the form of regulators, government officials, judges/arbitrators or plaintiffs’ counsel in shareholder actions, who will be reviewing any investigation commissioned by a Board of Directors. The authors believe that there are five key goals that any investigation led by a Board of Directors must meet. They are:

Thoroughness - The authors believe that one of the key, and most critical, questions that any regulator might pose is just how thorough is an investigation; to test whether they can rely on the facts discovered without having to repeat the investigation themselves. Regulators tend to be skeptical of investigations where limits are placed (expressly or otherwise) on the investigators, in terms of what is investigated, or how the investigation is conducted. This question can be an initial deal-killer particularly if the regulator involved views an investigation insufficiently thorough, its credibility is undermined. And, of course, it can lead to the dreaded ‘Where else’ question.

  • Objectivity - Here the authors write that any “investigation must follow the facts wherever they lead, regardless of the consequences. This includes how the findings may impact senior management or other company employees. An investigation seen as lacking objectivity will be viewed by outsiders as inadequate or deficient.” I would add that in addition to the objectivity requirement in the investigation, the same must be had with the investigators themselves. If a company uses its regular outside counsel, it may be viewed with some askance, particularly if the client is a high volume client of the law firm involved, either in dollar amounts or in number of matters handled by the firm.
  • Accuracy - As in any part of a best practices anti-corruption compliance program, the three most important things are Document, Document and Document. This means that the factual findings of an investigation must be well supported. For if the developed facts are not well supported, the authors believe that the investigation is “open to collateral attack by skeptical prosecutors and regulators. If that happens, the time and money spent on the internal investigation will have been wasted, because the government will end up conducting its own investigation of the same issues.” This is never good and your company may well lose what little credibility and good will that it may have engendered by self-reporting or self-investigating.
  • Timeliness - Certainly in the world of Foreign Corrupt Practices Act (FCPA) enforcement, an internal investigation should be done quickly. This has become even more necessary with the tight deadlines set under the Dodd-Frank Act Whistleblower provisions. But there are other considerations for a public company such as an impending Securities and Exchange Commission (SEC) quarterly or annual report that may need to be deferred absent as a timely resolution of the matter. Lastly, the Department of Justice (DOJ) or SEC may view delaying an investigation as simply a part of document spoliation. So timeliness is crucial.
  • Credibility - One of the realities of any FCPA investigation is that a Board of Directors led investigation is reviewed after the fact by not only skeptical third parties but also sometimes years after the initial events and investigation. So not only is there the opportunity for Monday-Morning Quarterbacking but quite a bit of post event analysis. So the authors believe that any Board of Directors led investigation “must be (and must be perceived as) credible as to what was done, how it was done, and who did it. Otherwise, the board’s work will have been for naught.”

To help manage these five issues the authors have seven tangible considerations they suggest that a Board of Directors follow to help make an investigation successful. Tomorrow I will review and scrutinize these seven considerations.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

February 3, 2014

Internal Investigations: Doing One can be a Compliance Best Practice

US NavyThe US Navy contract scandal took an interesting twist recently when one of its contractors, Inchcape Shipping Services, which had been suspended from doing business with the Navy for “conduct indicating questionable business integrity”, was reinstated as reported in an article in the New York Times (NYT), entitled “Audit Planned in Fraud Case as Navy Reinstates Shipperby Christopher Drew and Danielle Ivory. They reported, “The move came after a federal judge questioned whether the service had presented enough evidence to justify the suspension.”

The suspension seems to have been based upon a 2008 internal investigation by the company itself which it turned over to the Navy in late 2012, when a federal judge ordered the company to give Navy investigators a copy of an internal company audit from 2008 into some of the questionable billings. However, “after Inchcape challenged its suspension in December, the main evidence that the Navy presented was that 2008 audit. James F. Merow, a judge on the Court of Federal Claims, said that it did not appear that the Navy’s suspension office had “conducted any meaningful investigation” of other documents “despite having had time to do so.””

The article said that “Faced with the possibility that the judge might dismiss the suspension, records show, the Navy agreed to lift it in exchange for promises from the company to follow federal rules, refund overcharges, and hire independent monitors and auditors.” Further, in addition and in exchange for lifting of the suspension, “the company has agreed to pay for an independent audit that could help the Justice Department determine how much it may have overcharged the government.”

The rather curious fact about this agreed upon audit is that the Navy has known the allegations of over-charging since 2010. Further, the Navy had subpoenaed the company’s records back in 2011. However, the Navy had not gotten around to auditing those subpoenaed records. Drew and Ivory reported that “Former federal contracting officials said that the need to hire an outside auditor also showed how little the Navy had done to get to the bottom of the accusations against Inchcape since they first surfaced in 2010. They quoted Charles Tiefer, a professor at the University of Baltimore School of Law and a former member of the federal Commission on Wartime Contracting in Iraq and Afghanistan for the following, “To wait for the Navy to do a serious audit is like waiting for Godot. Considering that the Navy has sat on its hands for years, getting an accounting from a private firm is a sign of desperation.” Rather curiously when “Asked why they had not conducted their own audit, Navy officials said they had not had “full access” to the documents subpoenaed from Inchcape.”

I thought about how devastating it would be if a corporation, which had access to its own records, waited two years to begin an investigation of allegations of “conduct indicating questionable business integrity” or violations of the Foreign Corrupt Practices Act (FCPA). The FCPA Guidance says “An effective compliance program should include a mechanism for an organization’s employees and others to report suspected or actual misconduct or violations of the company’s policies on a confidential basis and without fear of retaliation. Companies may employ, for example, anonymous hotlines or ombudsmen. Moreover, once an allegation is made, companies should have in place an efficient, reliable, and properly funded process for investigating the allegation and documenting the company’s response, including any disciplinary or remediation measures taken.” From this I believe that the FCPA Guidance requires that companies not only have “in place” an efficient [and] reliable process for investigating an allegation, but that the investigation be properly funded as well.

Moreover, as with the Navy, the inclusion of specialized counsel to handle the investigation may be appropriate as it is viewed as a best practice. There are several reasons to bring in an outside investigation firm. Initially, the investigation must be perceived as fair. If your employees do not believe that the investigation is fair and impartial, then it is not fair and impartial. Further, those involved must have confidence that any internal investigation is treated seriously and objectively. You need to also consider the relationship between the investigation firm and the company, which hired it. If a company utilizes its regular outside counsel to perform the investigation and the results turn out favorably for the company, the regulators may ask if the investigation was a “whitewash”. If a regulatory authority, such as the Securities and Exchange Commission (SEC) or Department of Justice (DOJ) cannot rely on a company’s own internal investigation, it may perform the investigation all over again with its own personnel.

Additionally, if there are serious allegations made concerning your company’s employees engaging in criminal conduct, a serious response is required. Your company needs to hire some seriously good lawyers to handle any internal investigation. These lawyers need to have independence from the company so do not call your regular corporate counsel. Hire some seriously good investigative lawyers. I believe that there is another reason to hire outside counsel. It is also important because, no matter what the outcome of your investigation, you will most probably have to deal with the government. If the investigation does reveal actionable conduct, your company will need legal counsel who is most probably an ex-DOJ prosecutor or ex-AUSA to get your company through that process. Even if there is a finding of no criminal activity, you will need very competent and very credible counsel to explain the investigation protocol and its results to the government.

So why did the Navy not perform any adequate investigation of Inchcape Shipping before suspending them after having the company’s records for over two years? Did the Navy not have the technical expertise to read, review and analyze the Inchcape Shipping billing records? Are US Navy auditors too busy with other allegations of fraud and corruption to hav e reviewed the documents subpoenaed from Inchcape Shipping? No one knows the answer but in the realm of private sector corporations it required that the company have the ability to investigate itself or bring in outside counsel who can perform the investigation. Under any definition of a best practices compliance program, such a resource is a requirement.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

December 6, 2013

The Rogue Employee Myth: Prevention and Detection in a FCPA Compliance Program

I cannot think of any criminal enforcement actions against a corporation involving the Foreign Corrupt Practices Act (FCPA) where there was a lone wolf employee engaging in bribery and corruption on his or her own. There might well be some internal investigations and even self-disclosures to the Department of Justice (DOJ) of such conduct but the public usually does not know about them since the DOJ would issue a Declination under such circumstances. The only publicly announced Declination where the company was identified was the Morgan Stanley Declination. In that matter, a Managing Director, Garth Peterson was prosecuted for his individual action in violating the FCPA. But from the information made available, it appears that the company uncovered Peterson’s conduct, investigated and self-reported it to the DOJ.

One of things that Donna Boehme and Jim McGrath regularly rail against is the claim that violations of the FCPA, UK Bribery Act and other anti-corruption laws are the result of some ‘rogue employee’ out there, dreaming up ways to engage in bribery and corruption to obtain or retain business. Organizations such as the US Chamber of Commerce want to limit corporate liability for the criminal actions of their employees saying it is not fair for a company to pay for the sins of these alleged rogue employees.

While I recognize the US Supreme Court may soon make all of the above moot by deciding that corporations have the same rights, obligations and duties of real persons, those individuals making the claim of rogue-ness do not seem to contemplate how much work and effort must go into any ongoing bribery scandal which would result in a FCPA violation and how much is attributable to the company. First if the company, explicitly or implicitly, communicates that the bottom line, quarterly numbers or anything like that is the most important action an employee will be evaluated on, guess what, their numbers, and employees will always find a way to make their numbers. Further, if employees can either manipulate or over-ride a company’s internal controls to help fund or hide the payment of bribes, it is the fault of the company not having robust controls in the first place.

Remember Paul McNulty’s Three Maxims? (1) What did you do to prevent it? (2) What did you do to detect it? (3) What did you when you found out about it? If a company’s internal controls are so porous that employees can slide the payment of bribes through the system, I would say that you have failed to answer Maxim 1 in the affirmative. If your auditing or monitoring is so poor that you cannot find any evidence of bribery and corruption because you didn’t want to (See: Wal-Mart’s initial investigation into its Mexican subsidiary) or because the auditing and monitoring is so poor (See: GSK in China where they somehow missed $500MM in payments to ‘travel agents’); you have also failed to answer McNulty Maxim 2 in the affirmative.

Yesterday I wrote about psychopaths in the guise of Chief Executive Officers (CEOs). I do not think there could be a better example of this than Bernie Madoff. His grandiosity extended to attempting to claim to federal investigators that his multi-decade, multi-billion dollar fraud and Ponzi scheme was all his work alone, that no one else in his company was involved or even knew about it. That outsized claim is being put to the test over the next couple of months in a courtroom in New York where five former employees are currently on trial for participating in this massive fraud.

In fascinating testimony Frank DiPascali, a former top lieutenant to Madoff, reported in a Wall Street Journal (WSJ) article, entitled “Madoff’s Cold Play Outwitted Auditor” by James Sterngold, the schemes used to defraud customers and fool auditors and regulators. Initially, he noted that NONE of the trades recorded in the company’s books and records ever took place and that “a number of staff members spent most of their time producing large volumes of fake documents to convince customers there were earning attractive returns.” To put an explanation point on his testimony, when asked if Madoff’s staff created trades out of thin air, he responded, “Literally, yes.” To confuse and misdirect an auditor from KPMG, when the accounting firm demanded to see “detailed daily trading logs to confirm that the firm was actually engaged in trading”, Madoff’s staff not only created the fake logs but put them in the refrigerator to “cool them down”. Another time, the staff tossed them around “like a medicine ball to make them look used and crinkled.” All of this was presented as evidence in the trial which indicates that more people had to be involved in the fraud.

The clear lesson for the compliance practitioner from the Madoff employees’ trial testimony to-date is that there cannot be one person or the ubiquitous ‘rogue employee’ who decides to engage in bribery and corruption. There has to be more than one person. To circumvent a company’s internal controls takes work. For in any criminal FCPA enforcement matter, it is because the company involved had such weak internal controls that such circumvention could occur in the first place. But more than this circumvention, it means that the company did not employ sufficient systems to detect such bribery and corruption. And if the documentation you are reviewing is cold to the touch that may now constitute a red flag.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

December 4, 2013

The Weatherford FCPA Settlement, Part III

Yesterday, I reviewed the conduct which Weatherford International Limited (Weatherford) engaged in over a period from 2002-2011 in connection with its Foreign Corrupt Practices Act (FCPA) investigation, noted the deficiencies in its compliance program and its internal controls and even how the company intentionally impeded the investigations of both the Department of Justice (DOJ) and Securities and Exchange Commission (SEC). Today, I want to look at how the company changed course in mid-stream during the investigation, brought in a top-notch and well respected lawyer as its Chief Compliance Officer (CCO), created a best-in-class compliance program; all of which saved the company millions of dollars in potential fines and penalties.

  1. I.                    DOJ Fine Calculation

To resolve the criminal aspects of this case, Weatherford agreed to pay an $87.2 million criminal penalty as part of a Deferred Prosecution Agreement (DPA) with the DOJ. There was also another $65.6 million paid to the SEC. However the figure paid to the DOJ was at the very bottom range of a potential criminal penalty. The range listed in the DPA was from $87.2 to $174.3 million. In coming up with this range under the Federal Sentencing Guidelines, it is significant for the actions that Weatherford did not receive credit for during the pendency of the investigation. The company did not receive a credit for self-reporting. The company only received a -2 for its cooperation because prior to 2008 the company engaged in activities to impede the regulators’ investigation.

So the fine range could have been more favorable to the company. But the key is that Weatherford received the low end of the range. How did they do this?

A.     New Sheriff in Town

One of the key things Weatherford did was bring in Billy Jacobson as its CCO and give him a seat at the table of the company’s Executive Board. He was a Federal Prosecutor in the Fraud Section, Criminal Division, US Department of Justice. He also served as an Assistant Chief for FCPA Enforcement Department so we can assume he understood the FCPA and how prosecutors think through issues. (Jacobson also worked as a State Prosecutor in New York City, with my former This Week in FCPA co-host Howard Sklar, so shout out to Howard.) Jacobson was not hired directly from the DOJ but after he had left the DOJ and had gone into private practice. There is nothing that shows credibility like bringing in a respected subject matter expert and giving that person the tools and resources to turn things around.

But more than simply bringing in a new sheriff, Weatherford turned this talk into action by substantially increasing its cooperation with the government, thoroughly investigating all issues, turning over the results to the DOJ and SEC and providing literally millions of pages of documents to the regulators. The company also cleaned house by terminating officers and employees who were responsible for the illegal conduct.

B.     Increase in Compliance Function

In addition to establishing Jacobson in the high level CCO position, the company significantly increased the size of its compliance department by hiring 38 compliance professionals and conducted 30 anti-corruption compliance reviews in the countries in which Weatherford operates. This included the hiring of outside consultants to assess and review the company’s compliance program and beefing up due diligence on all third parties, including those in the sales and supply chain, joint venture (JV) partners and merger or acquisition (M&A) candidates. The company also agreed to continue to enhance its internal controls and books and records to prevent and/or detect future suspect conduct.

If you have ever heard any of the current Weatherford compliance professionals speak at FCPA conferences, you can appreciate that they are first rate; that they know their stuff and the company supports their efforts on an ongoing basis.

C.     Best in Class Compliance Program

During the pendency of the investigation, Weatherford moved to create a best practices compliance program. They appear to have done so and agreed in the DPA to continue to maintain such a compliance program. Under Schedule C to the DPA, it set out the compliance program which the company had implemented and continued to keep in place, at least during the length of the DPA. It included the following components.

  1. High level commitment from company officials and senior management to do business in compliance with the FCPA.
  2. A substantive written anti-corruption compliance code of conduct.
  3. Written policies and procedures to implement this code of conduct.
  4. A robust system of internal controls, including accounting and financial controls.
  5. Risk assessments and risk reviews of its ongoing business.
  6. No less than annual assessments of its overall compliance program.
  7. Appropriate oversight and responsibility of a Chief Compliance Officer.
  8. Effective training for all employees and relevant third parties.
  9. An effective compliance function which can provide guidance to company employees.
  10. A robust internal reporting system.
  11. Effective investigations of any reported compliance issue.
  12. Appropriate incentives for employees to do business ethically and in compliance.
  13. Enforced discipline for any employee who violates the company’s compliance program.
  14. Suitable due diligence and management of third parties and business partners.
  15. A correct level of pre-acquisition due diligence for any merger or acquisition candidate, including a risk assessment and reporting to the DOJ if the company uncovers and FCPA-violative conduct during this pre-acquisition phase.
  16. As soon as practicable, Weatherford will integrate any newly acquired entity into its compliance regime, including training of all relevant new employees, a FCPA forensic audit and reporting of any ongoing violations.
  17. Ongoing monitoring, testing and auditing of the company’s compliance function, taking into account any “relevant developments in the field and the evolving international and industry standards.”

D.    Monitor

Weatherford also agreed to an external monitor. However, the term of the monitor is not the entire length of the three-year DPA; the term of the monitor is only 18 months. The monitor’s primary function is to assess the company’s compliance with the terms of the DPA and report the results to the DOJ at least twice during the terms of the monitorship. After this 18 month term the DOJ will allow the company to self-report to the regulators. It should be noted that the term of the external monitor can be extended by the DOJ.

II.                Conclusion

It certainly has been a long, strange journey for Weatherford. I should note that I have not discussed at all the Oil-For-Food aspect of this settlement, which was an additional $100MM penalty to the company. However, with regard to the FCPA aspects of the matter, there are some very solid and telling lessons to be drawn from this case. First and foremost is that cooperation is always the key. But more than simply cooperating in the investigation is that a company should take a pro-active approach to putting a best-in-class compliance program in place during, rather than after the investigation concludes. Also, a company cannot simply ‘talk-the-talk’ but must come through and do the work to gain the credit. The bribery schemes that the company had engaged in and the systemic failures of its compliance program and internal controls, should serve as a good set of examples for the compliance practitioner to use in assessing a compliance program.

The settlement also sends a clear message from both the DOJ and SEC on not only what type of conduct will be rewarded under the US Sentencing Guidelines, but what they expect as a compliance program. One does not have read tea leaves or attempt to divine what might be an appropriate commitment to compliance to see what the regulators expect these day.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

Next Page »

The Rubric Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 4,530 other followers