Will the UK Let the Light of Day Shine Into Its Regulatory Process?

Should the regulators process be shrouded in mystery or should there be disclosure into the light of day? That is a question currently before authorities in London. As reported in the Financial Times (FT) column Inside Business, in a piece entitled “UK regulators must judge the right time to go public”, Brooke Masters reported that the UK Financial Services Authority (FSA) cannot provide the public details about a matter under investigation “until its internal decision maker, the Regulatory Decisions Committee, has heard the allegations and the defence of the accused and come down in favour of enforcement action.” There is currently legislation in front of Parliament which would allow a newly constituted financial regulatory agency, the Financial Conduct Authority, to go public with “warning notices” before a case gets to the Regulatory Decisions Committee. Masters cites advocates of this legislation who “say this would make the UK more like the US, where the Securities and Exchange Commission [SEC] can make public charges it has filed with a judge or administrative proceeding.” Apparently representatives of British banking interests are desperately fighting to keep such proceeds secret.

The Con

Master’s presents several arguments why regulatory investigations should remain secret. She quoted Lord Flight who claims that “allegations can blacken reputations and harm innocent investors.” He even pointed an accusatory finger at the head of the state of New York’s Department of Financial Services’ (DFS) Benjamin Lawsky who made allegations that Standard Chartered “hid $250 billion of transactions with Iran in breach of US sanctions, a charge that caused a one-day 16 per cent fall in the bank’s share price.” The bank insisted that they were “blindsided” by the allegations and indeed there were only $14 million in transactions which violated either US or New York state law. Of course we all now know that Standard Chartered also settled with the DFS for $340 million within days of these accusations being made public.

The Pro

Masters cites to un-named British Ministers who argue that “the public deserves to know when government regulators believe a major institution or prominent figure has committed wrongdoing. Further, timely announcements by the FSA or other appropriate regulators would “allow investors to move their money or protect themselves from similar misdeeds.” She poses the question of “Wouldn’t you want to know that a broker was facing charges of selling unsuitable investments before you – or even more pointedly, an elderly relative – gave him money?” Next she notes that “Quick enforcement also helps restore faith in the financial system. It is quite frankly a joke that nearly four years after HBOS failed, we still don’t know whether the FSA thinks anyone there did anything improper.”

Masters concludes her piece with a look at the SEC “Wells Notice” procedure, which is a private warning by the SEC to companies and individuals that the SEC wants to bring a case against them and this document invites the company or individual to respond directly to the SEC. This process allows the party or parties in question to respond or to work out a settlement. Masters believes that “the practice has worked well, especially for investors, who often get an early heads up about potential problems because most public companies disclose when they have received such a notice.” She believes that this interim step would be useful to give companies “a private right of reply before throwing open the doors.” But Masters makes clear her final position by concluding that she does not believe the UK government should “give in to the City’s efforts to keep the disciplinary process shrouded in mystery.” In other words, the light of day should shine into these dark crevices of nefarious activity.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

Earl Scruggs: Banjo, Bluegrass and the Fight against Corruption and Bribery

Last Thursday, Earl Scruggs died. He was one of the musician’s most responsible for my development in learning about, and appreciating, different styles of music. For musicians, he basically invented and then popularized the 3 finger picking style on the 5 string banjo. For popular culture, he is probably best known for his work with guitarist Lester Flats, including the timeless hit “Foggy Mountain Breakdown”, the theme song from the movie Bonnie and Clyde, and for “Ballad of Jed Clampett” from the 1960s television show, The Beverly Hillbillies. However, for me, it was after he split with Lester Flats and started the Earl Scruggs Revue, with his sons and several other musicians. In the Revue, he fused rock, country, blues, folk and jazz with bluegrass in a way that I still find fresh and powerful today.

So what is the lesson of Earl Scruggs for the compliance practitioner? It is this, even if you develop a completely new style that makes you one of the foremost experts in an area, you can still evolve. Further, the style you use may have significant effects on other styles, even in the fight against bribery and corruption. For the compliance practitioner, this comes to mind with some news out of the world of anti-money laundering. We began the week with the notice from the UK Financial Services Authority of the agreed upon penalty with Coutts, a UK private banking entity. As reported in The Telegraph, in an article entitled “Coutts agrees to settle FSA fine for reduced fee”, Coutts was fined £8.75m (just over $14MM) “and severely censured by the UK’s Financial Services Authority (FSA) for failing to undertake sufficient anti-money laundering checks on their customers.” The Telegraph reporter Mike Goldman, quoting from the FSA report, wrote “The failings at Coutts were serious, systemic and were allowed to persist for almost three years,…Coutts was expanding its customer base during the Relevant Period and staff were incentivised in part to increase the number of customers taken on. As such, it was important that there were appropriate systems and controls in place, including with respect to the risk of money laundering. The weaknesses in Coutts’ controls resulted in an unacceptable risk of handling the proceeds of crime.”

On the heels of this enforcement action, the FSA followed last Thursday with the release of a report that included a review of 15 British banks who lacked sufficient anti-corruption and bribery checks. In an article in the New York Times (NYT), entitled “British Banks Called Weak In Checking Corruption”, Julie Werdigier reported on a FSA report which reviewed certain British banks during the second half of 2011. The review is a part of the FSA’s ongoing efforts “to improve the controls of ethical business behavior among financial institutions with offices in London.” The selection of the banks for review was based upon the high risk nature of the countries in which they were operating.

The FSA Director was quoted in a statement as saying, “Despite the high profile of the issue, the investment banking sector has been too slow and too reactive in managing bribery and corruption risk.” Further, the FSA found policies and procedures for gifts and entertainment were found to be lacking as well as the capacity for checking the backgrounds of prospective employees. The FSA also noted that gifts were not always correctly recorded and that it found instances of inappropriate hospitality.

The importance of having a robust anti-money laundering program was once again made clear last week when the Milan Branch of JPMorgan Chase closed a Vatican-held bank account based upon the suspicion of money laundering. In an article in The Daily Beast, entitled “JPMorgan Chase Closes Vatican Bank Account”, reporter Barbie Latza Nadeau discusses Chase’s decision to close the account “on speculation that the account is being used for less-than-immaculate financial deeds…after Vatican bankers were “unable to respond to a series of requests about questionable money transfers.” This was a continuation of bad news for Vatican banking as early this month, the US Department of State listed the Vatican as a “jurisdiction of concern for its money-laundering practices.”

Lastly, we take note of a French effort in the fight against global corruption. As reported in the Wall Street Journal (WSJ), in an article entitled “French Seize Assets of African Official”, France’s “top court allowed Transparency International to proceed” with a lawsuit against the son of the President of Equatorial Guinea. The son, while employed as the Minister of Agriculture of the country with an annual salary of $100,000, had the following items seized, “valuable paintings, vintage wines and multimillion dollar cars.” When his home was raided earlier in the year, the French officials found “a sauna, a movie theater, a nightclub, a beauty parlor, a spacious bathroom with gold-plated faucets, a wine cellar, and several other rooms decorated with marble statues and Fabergé eggs, according to court documents. Investigators seized all of the furniture that could be carried out, added a person familiar with the matter.” Ominously, the government of Equatorial Guinea warned the group’s lawsuit would “rupture relations” and that French companies would pay the price “from this situation.”

Just as Earl Scruggs led a musical revolution, first in bluegrass with his new picking style, then in expanding the boundaries of the genre, the fight against bribery and corruption is widening. If you are a compliance practitioner, you should take note of these international developments and have your company ready to respond.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

RISK-BASED COMPLIANCE

A recent benchmarking survey of Third Party Codes of Conduct was conducted by the Society of Corporate Compliance and Ethics (SCCE) and reported on by Rebecca Walker. The findings indicated that a majority of companies with an otherwise robust compliance program do not extend this to third parties with which they conduct business. The findings revealed the following: 53% of companies do not disseminate their internal codes of conduct to third parties; only 26% require third parties to certify to their own codes; and just 17% of the respondents have any third party codes of conduct.

For those companies which now desire to evaluate their third party business partners for Foreign Corrupt Practices Act (FCPA) compliance, how, and perhaps where, do they begin? The approach that appears to be gaining the most traction both with regulators and learned commentators is to develop a risk based approach to FCPA compliance. There is no specific Department of Justice (DOJ) guidance on any one specific process for a risk based compliance system. However, there is sufficient guidance in other FCPA and analogous compliance areas, such that direction can be provided to US and foreign companies in this area.

Writing in the FCPABlog, Scott Moritz of Daylight Forensic & Advisory suggested that a risk-based approach based upon the regulatory programs in Anti-Money Laundering (AML) governance. In the AML areas, the concept is that certain parties, including vendors, represent a higher compliance risk than others. Geography, nexus to government officials, business type, method of payment and dollar volume – are all risk indicators.

This risk-based approach was commented upon, favorably by the DOJ, in Release Opinion 08-02. In this Release Opinion the DOJ reviewed and approved Halliburton’s proposed acquisition of the UK entity Expro. The DOJ spoke directly to a risk based approach by that Halliburton had agreed to provide the following:

. . . a comprehensive, risk-based FCPA and anti-corruption due diligence work plan which will address, among other things, the use of agents and other third parties; commercial dealings with state-owned customers; any joint venture, teaming or consortium arrangements; customs and immigration matters; tax matters; and any government licenses and permits. Such work plan will organize the due diligence effort into high risk, medium risk, and lowest risk elements.

This risk-based approach has also been accepted by UK’s Financial Services Authority (FSA) in its settlement of the enforcement action against the insurance giant AON earlier this year. As a part of the settlement AON agreed to the following:

AON…designed and implemented a global anti-corruption policy … limiting the use of third parties … whose only service to AON is assisting it in the obtaining and retaining of business solely through client introductions in countries where the risk of corrupt practices is anything other than low. These jurisdictions are defined by reference to an internationally accepted corruption perceptions index. Any use of third parties not prohibited by the policy must be reviewed and approved in accordance with global anti-corruption protocols.

How does a company implement this guidance? Scott Moritz suggests that key to any risk-based approach is “the strategic use of information technology, tracking and sorting the critical elements — including risk-ranking, as well as enhanced due diligence and ongoing monitoring of high-risk parties proportionate to their risk profiles.”

The uses of a risk based compliance system can be myriad. The Release Opinion 08-02 system was in response to an international acquisition. Such systems can also be used to rank and assist in the evaluation of business partners or supply chain vendors. But, however such a system is used, the clear import from the DOJ, FSA and learned commentators is that some type of rational system should be put in place and followed.

RISK-BASED DUE DILIGENCE FOR SUPPLY CHAIN VENDORS UNDER THE FCPA

Quick, as the Compliance Professional within your organization, which department or group of your company spends the most money annually? Did Supply Chain immediately come to mind? Probably not. Now just as quickly, how much of your compliance efforts are focused on the Supply Chain within your organization? Other than perhaps financial due diligence, such as through Dun & Bradstreet or quality control through your QHSE group, the Supply Chain probably does not command your Compliance Department attention as do other types of third party business partners such as agents, distributors and joint venture partners. This may be coming to an end as most Compliance Professionals recognize that third parties which supply goods or services to a company should be scrutinized similarly to other third party business partners.
There are several methods that could be used to assess risk in the area of supply chain and vendors. The approach suggested by the UK’s Financial Services Authority (FSA) in its settlement of the enforcement action against the insurance giant AON would refer “to an internationally accepted corruption perceptions index” such as is available through Transparency International or other recognized authority. The approach suggested by the Department of Justice, in Release Opinion 08-02 would provide categories of “High Risk, Medium Risk and Low Risk”. Finally, writing in the FCPABlog, Scott Moritz of Daylight Forensic & Advisory LLC has suggested an approach that incorporates a variety of risk-assessment tools, including, “the strategic use of information technology, tracking and sorting the critical elements”.
This commentary proposes an approach which would incorporate all three of the above cited analogous compliance areas into one risk-based assessment program for supply chain vendors. Based upon the assessed risk, an appropriate level of due diligence would then be required. The categories suggested are as follows:
1. High Risk Suppliers;
2. Low Risk Suppliers;
3. Nominal Risk Suppliers; and
4. Suppliers of General Goods and Products.
A. High-Risk Suppliers
A High-Risk Supplier is defined as a supplier which presents a higher level of compliance risk because of the presence of one or more of the following factors:
1. It is based in or supplies goods/services from a high risk country;
2. It has a reputation in the business community for questionable business practices or ethics; or
3. It has been convicted of, or is alleged to have been involved in, illegal conduct and has failed to undertake effective remedial actions.
B. Low-Risk Suppliers
A Low-Risk Supplier is defined as an individual or private entity located in a Low-Risk Country which:
1. Supplies goods or services in a Low-Risk Country;
2. Is based in a low risk country where the goods or services are delivered, it has no involvement with any foreign government, government entity, or Government Official; or
3. Is subject to the US FCPA and/or Sarbanes-Oxley compliance.
C. Minimal-Risk Suppliers
A Minimal-Risk Supplier is an individual or entity which provides goods or services that are non-specific to a particular job or assignment and the value of each transaction is USD $10,000 or less. These types of vendors include office and industrial suppliers, equipment leasing companies and such entities which supply such routinely used services.
D. Suppliers of General Goods and Products
A Supplier of General Goods and Products is an individual or entity which provides goods or services that are widely available to the general public and do not fall under the definition of Minimal-Risk Supplier. These types of vendors include transportation, food services and educational services providers.