FCPA Compliance and Ethics Blog

September 5, 2014

Board of Directors and FCPA Oversight – An Internal Control Under SOX, Part I

Sam HoustonToday we begin by honoring the political process and a politician extraordinaire for on this day in 1836, Sam Houston was elected as the first President of the Republic of Texas. One of the most interesting characters from the early-to-mid-19th century, Houston was born in Virginia in 1793, moved with his family to rural Tennessee as a teenager and later ran away and lived for several years with the Cherokee tribe. Houston served in the War of 1812. He practiced law in Nashville and from 1823 to 1827 served as a US congressman before being elected governor of Tennessee in 1827. He was extensively interviewed for Alex De Tocqueville’s seminal work Democracy in America.

A failed marriage led Houston to resign from office and live again with the Cherokee who officially adopted him. In 1832, President Andrew Jackson sent him to Texas to negotiate treaties with local Native Americans for protection of border traders. Houston arrived in Texas during a time of rising tensions between US settlers and Mexican authorities and soon emerged as a leader among the settlers. In 1835, Texans formed a provisional government, which issued a declaration of independence from Mexico the following year. Houston was appointed military commander of the Texas army.

Houston served as the Republic of Texas President until 1838, then again from 1841 to 1844. Houston helped Texas win admission to the United States in 1845 and was elected as one of the state’s first two senators. He served three terms in the Senate and ran successfully for Texas’ governorship in 1859. As the Civil War loomed, Houston argued unsuccessfully against secession, and was deposed from office in March 1861 after refusing to swear allegiance to the Confederacy. He died of pneumonia in 1863.

This political process angle informs your anti-corruption compliance program through the passage of Sarbanes-Oxley (SOX). Yesterday, I was at a presentation, where James Doty, Commissioner of the Public Company Accounting Oversight Board (PCAOB) spoke. One of the questions was put to him was regarding the function of a Board of Directors under SOX, which I thought had some significant implications for Foreign Corrupt Practices Act (FCPA) compliance. He was asked if the Board or its sub-committee which handles audits was a part of a company’s internal financial controls. He answered that yes, he believed that was one of the roles of an Audit Committee or full Board. I had never thought of the Board as an internal control but the more I thought about it, the more I realized it was an important insight for any Chief Compliance Officer (CCO) or compliance practitioner.

In the FCPA Guidance, in the Ten Hallmarks of an Effective Compliance Program, there are two specific references to the obligations of a Board. The first in Hallmark No. 1 , which states, “Within a business organization, compliance begins with the board of directors and senior executives setting the proper tone for the rest of the company.” The second is found under Hallmark No. 3, entitled “Oversight, Autonomy and Resources”, where it discusses that the CCO should have “direct access to an organization’s governing authority, such as the board of directors and committees of the board of directors (e.g., the audit committee).” Further, under the US Sentencing Guidelines, the Board must exercise reasonable oversight on the effectiveness of a company’s compliance program. The Department of Justice’s (DOJ) Prosecution Standards posed the following queries: (1) Do the Directors exercise independent review of a company’s compliance program? and (2) Are Directors provided information sufficient to enable the exercise of independent judgment? Doty’s remarks drove home to me the absolute requirement for Board participation in any best practices or even effective anti-corruption compliance program.

Board liability for its failure to perform its assigned function in any compliance program is well known. David Stuart, an attorney with Cravath, Swaine & Moore LLP, noted that FCPA compliance issues can lead to personal liability for directors, as both the Securities and Exchange Commission (SEC) and DOJ have been “very vocal about their interest in identifying the highest-level individuals within the organization who are responsible for the tone, culture, or weak internal controls that may contribute to, or at least fail to prevent, bribery and corruption”. He added that based upon the SEC’s enforcement action against two senior executives at Nature’s Sunshine Products, “Under certain circumstances, I could see the SEC invoking the same provisions against audit committee members—for instance, for failing to oversee implementation of a compliance program to mitigate risk of bribery”. It would not be too far a next step for the SEC to invoke the same provisions against audit committee members who do not actively exercise oversight of an ongoing compliance program.

Further, the SEC has made clear that it believes a Board should take a more active role in overseeing the management of risk within a company. The SEC has promulgated Regulation SK 407 under which each company must make a disclosure regarding the Board’s role in risk oversight which “may enable investors to better evaluate whether the board is exercising appropriate oversight of risk.” If this disclosure is not made, it could be a securities law violation and subject the company, which fails to make it, to fines, penalties or profit disgorgement.

I believe that a Board must not only have a corporate compliance program in place but actively oversee that function. Further, if a company’s business plan includes a high-risk proposition, there should be additional oversight. In other words, there is an affirmative duty to ask the tough questions. But it is more than simply having a compliance program in place. The Board must exercise appropriate oversight of the compliance program and indeed the compliance function. The Board needs to ask the hard questions and be fully informed of the company’s overall compliance strategy going forward.

Lawyers often speak to and advise Boards on their legal obligations and duties. However the insight I received from the Q&A with James Doty drove home a different, yet very valuable point to me. If a Board’s oversight is part of effective financial controls, then the failure to do so may result in something far worse than bad governance. It may directly lead to a FCPA violation and could even form the basis of an independent FCPA violation.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

February 9, 2012

IP Rights under the FCPA

For many US companies conducting business internationally, Intellectual Property (IP) is a key business component. Not only is the development of new IP critical to many businesses, for continued growth strategies, but IP protection is now a central business interest. This significance was recognized as far back as 2002 by the US Congress in the passage of the Sarbanes-Oxley Act (SOX), which required, among other things, that companies must incorporate systematic programs for protecting and monitoring IP assets as a part of an overall SOX compliance program.

IP in relation to anti-bribery and anti-corruption programs under the Foreign Corrupt Practices Act (FCPA) were recently explored in an article by authors Doug Sawyer and T. Markus Funk, in an article entitled “The IP Practitioner’s ‘Cheat Sheet’ to the FCPA and Travel Act: Introducing the IP FCPA Decision Tree” published in the BNA Bloomberg Patent, Trademark & Copyright Journal (January 27, 2012). The thesis, as presented by the authors, is that with so many companies going global, IP is routinely and simultaneously “owned and litigated in multiple jurisdictions.” As such it poses significant risk for anti-bribery and anti-corruption program scrutiny as “the tactics used to register, challenge or enforce those IP rights in foreign jurisdictions must be carefully viewed” under the FCPA.

IP Anti-Corruption Red Flags

IP rights by their nature are created by a government. Within this context, the authors note that there are several IP Red Flags which should be noted and followed up on if they appear. IP Red Flags include some of the following: a patent being allowed unusually quickly; an opposition to a trademark being granted before the entire process has been completed; and a foreign customs official robustly enforcing company A’s anti-counterfeiting agenda, while ignoring company B’s agenda. Compounding these Red Flags is the knowledge of the company, whether it is a US public or a private equity owner. Under the FCPA, both the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) interpret a principal’s ‘‘knowledge’’ constructively to include circumstances where the company fails to exercise due diligence by, for example, following up on Red Flags. More ominously, the UK Serious Fraud Office (SFO), in its Press Release announcing the Mabey and Johnson enforcement resolution under the Proceeds of Crime Act, said the following:

The second, broader point is that shareholders and investors in companies are obliged to satisfy themselves with the business practices of the companies they invest in. This is very important and we cannot emphasise it enough. It is particularly so for institutional investors who have the knowledge and expertise to do it. The SFO intends to use the civil recovery process to pursue investors who have benefitted from illegal activity. Where issues arise, we will be much less sympathetic to institutional investors whose due diligence has clearly been lax in this respect.”

Anti-corruption Pitfalls in the IP Context

The authors detail some of the specific pitfalls a company may face in registering or in otherwise protecting their IP rights in the international context. While noting that the FCPA prohibits payments of ‘anything of value’ such as “gifts, cash, unreasonably high commissions,” paid directly a company or through foreign business partners, “to foreign officials in order to ensure IP registration, or to oppose registration or enforcement of other companies’ IP.”; the authors caution that often times IP investments which are made abroad “frequently go through foreign transaction partners who ‘know the local system’.” Compounding this problem is the fact that many foreign countries “require the retention of one or more foreign associates, facilitators, and intermediaries to effectively register and enforce a robust IP program.” Lastly, the authors write that even when “accommodating seemingly simple requests from a customs official to pay for costs, such as transportation required in sending officers on an anti-counterfeiting operation, requires a determination of whether the payment is a legal facilitating payment under the FCPA.” Of course facilitation payments are not legal under the Bribery Act so the issue is even more problematic.

Prevention

The authors correctly note that having an anti-bribery and anti-corruption program which meets both the DOJ’s 13 point minimum best practices is critical. The pitfalls listed out above, which certainly point towards training of your own employees on what is and is not permissible, is key for protection. Under the FCPA, the question of who is a foreign governmental official can be vexing. However, in the IP context, such an analysis should be straightforward as such rights are only granted by a government, any dealing around IP rights creation and enforcement should be assumed to involve a foreign governmental official. Clearly the FCPA requires training on what actions are not permissible.

In addition to a thorough vetting, contracting with and management of any foreign business partners your company might utilize in the IP context, companies “must be ever vigilant when hiring third parties or local counsel to help to register, or oppose the registration of, their IP.” Likewise, IP owners should be equally aware that any actions in relation to government officials or third parties to aid the granting process, or ‘‘motivating police and prosecutors, must do so in a manner that does not violate the FCPA” or local laws.

As companies move towards IP as much of the basis of their business values, increasing pressure will build for registration and protection of these rights. Anti-corruption laws such as the FCPA make clear that there can be no corruption when obtaining or enforcing these rights. Your company would do well to perform an anti-corruption risk assessment on your IP program to ensure it is not caught with any of the problems detailed by the authors.

Decision Tree

I would also commend you to this article for another reason. They have included a most excellent, decision making tree which you can use in analyzing anti-corruption issues in the IP context. I could not cut and paste it into this article and post on the WordPress.com site so you will have to download the article to review and use it. However I would suggest that you take the time to do so as it presents a visual manner to think through and analyze the issues raised in their article.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

January 4, 2012

From Whistleblower to RICO Claimant

The holiday season is past and many of us have returned to work. However, if you are a Chief Compliance Officer (CCO) there is a gift that you may wish to give yourself, it is “The Whistleblower’s Handbook – A Step-by-Step Guide to Doing What’s Right and Protecting Yourself” authored by Stephen Martin Kohn, Executive Director of the National Whistleblowers Center. I do not suggest that CCO’s purchase this volume for their own protection, although the former Chief Executive Officer (CEO) of Olympus might have been able to use it before he was fired by the Olympus Board last October. No, I suggest that CCOs purchase this because many others in your company may well do so and it is the best single volume collection of all laws, rights and obligations related to whistle-blowing that I have come across.

I thought about Kohn’s book when I came across a couple of whistleblower related items last month. The first one was an article in the December 28, 2011 edition of the Wall Street Journal (WSJ), entitled “Internal BNY Mellon Documents Show Panicby Jean Eaglesham and Michael Siconolfi. In the article they report on some of the emails and other documentary evidence that whistleblower Grant Wilson was able to obtain during the two year period that he was operating “as a government informant” while employed by Bank of New York Mellon (BNY). The WSJ obtained this evidence through an open-records request. Wilson was part of a group which brought a series of whistleblower lawsuits against BNY, which have led to several states, and the Manhattan US attorney, filing civil suits against BNY. Eaglesham and Siconolfi also reported that “the bank’s [BNY] foreign-exchange traders grew concerned about a leaker” and in an earlier WSJ article, entitled “Secret Informant Surfaces in BNY Currency Probe”, reporter Carrick Mollenkamp stated “BNY Mellon sought to discover the insider’s identity and to fight the lawsuits.”

I quote that final line because of a December 15, 2011 Court of Appeals decision from the Seventh Circuit Court of Appeals, styled “DeGuelle v. Camilli et al”, which is a whistleblower retaliation claim. As reported by Richard Renner, in an article entitled “Major Victory for Whistleblowers in Seventh Circuit Says Retaliation is a RICO Violation, in the Whistleblowers Protection Blog, the Court of Appeals found valid a claim for damages under the Racketeer Influenced and Corrupt Organizations Act (RICO) for the retaliation against a whistleblower who provides information about corporate fraud to law enforcement officers under Sarbanes-Oxley Act (SOX).  SOX itself makes it a felony to retaliate against whistleblowers who bring forward such information.

The SOX provision in question states that Congress made it a crime to:

“knowingly, with intent to retaliate, take[] any action harmful to any person, including interference with the lawful employment or livelihood of any person, for providing to a law enforcement officer any truthful information relating to the commission or possible commission of any Federal offense[.]” 18 U.S.C. 1513(e).

The novelty and significance of the Seventh Circuit decision is that it held “When an employer retaliates against an employee, there is always an underlying motivation. In this case, for example, the motivation was to retaliate against DeGuelle for disclosing the tax scheme. Retaliatory acts are inherently connected to the underlying wrongdoing exposed by the whistleblower.”

This means that any company which terminates or in any other way retaliates against a whistleblower may have engaged in a violation of RICO, which itself is a criminal statute. This becomes relevant to Foreign Corrupt Practices Act (FCPA) whistleblowers through the Dodd-Frank Whistleblowers provision. In excerpts from the final Securities and Exchanges Commission (SEC) comments, they stated “Employees who report internally in this manner will have anti-retaliation employment protection to the extent provided for by Section 21F(h)(1)(A)(iii) of the Exchange Act, which incorporates the broad anti-retaliation protections of Sarbanes-Oxley Section 806, see 18 U.S.C. 1514A(b)(2).” In other words, if a person reports internally to a company or externally to the SEC of a FCPA violation and there is retaliation against that person, a RICO claim may arise.

Ladies and Gentlemen, this is scary stuff so your company had better be ready and have a robust investigative protocol in place when an internal report is made. And train, train, train and really, really, really mean it when your company says that it will not retaliate against an employee for making an allegation of a FCPA violation.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

The Rubric Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 4,830 other followers