The Seven Deadly Sins for a Compliance Program

In an article in the October/November issue of Society of Corporate and Compliance Ethics Magazine (SCCE), entitled “The seven biggest mistakes companies make that erode ethical culture and destroy reputation”, author Eric Feldman reviews his version of the Seven Deadly Sins for a company’s compliance and ethics program. While noting that the “most severe consequences of corporate ethical lapses can be mitigated, even avoided, by proactive care and feeding of a corporate culture” when a compliance crisis arises it may well be “too late to put the genie back in the bottle.” However, by following his seven prescriptions, it may well be the difference between a “bump in the road or falling into quicksand” when the government comes knocking.

1.      Putting the Code of Conduct on your Shelf

A Code of Conduct is not solely a reference tool, like a dictionary. An effective Code of Conduct is a “manifestation of a company’s core values.” In the words of Lanny Breuer, it is a living document and should be regularly updated, not sitting on the shelf for many years, without any updates. Recommendation- Demonstrate leadership and tone at the top.

2.      Ignoring your Company’s Culture

Feldman defines compliance as adherence to “laws, rules and regulations” and ethics as a guiding set of “core principles that “guide a company’s behavior”.” Put another way, does your company only “talk the talk” of ethics or more importantly does it “walk the walk” as well? Recommendation – Corporate focus on regular assessment and improvement of ethical culture.

3.      Worshiping at the Altar of Highest Grade Point Average

Interestingly, Feldman believes that companies which proudly proclaim that they hire only the “best and the brightest” may be setting themselves up for a big compliance problem. His root cause analysis, Gen X’ers and Gen Y’ers have more problems with “résumé credibility” than older workers. He notes that integrity needs to be a high basis in employee recruitment. Recommendation – Incorporate an ethics component into your hiring and interview process.

4.      Letting the Money Talk

There needs to be a clear compensation system based on reference to how an employee conducts business. This is true both for monetary compensation and promotion in the organization. Recommendation – System of sanctions for ethical violations and rewarding those who do business in an ethical manner.

5.      The Parent Trap – Do as I say, not as I do

This relates to Point 2. Your company needs to have in place a compensation and promotion system which rewards good ethics and compliance. I often use the example of the following: some Regional VP (outside the US – you pick the foreign region) is alleged to have said the following, “If I violate the Code of Conduct, I may or may not get caught; If I violate the Code of Conduct and get caught, I may or may not be disciplined; If I miss my numbers for two months, I will be fired.” If that is the reality, guess what, the Regional Vice President (VP) will make his or her numbers. Recommendation – Values based ethics training.

6.      Ethics in the Corner

Feldman writes that nothing speaks volumes louder than creating a company Chief Compliance Officer (CCO) and not giving sufficient clout within an organization to get the job done. This will certainly be true if the government comes knocking. If the CCO is not high enough up in the organization or does not have the budget to accomplish the compliance mission, employees will clearly see this and react accordingly. Recommendation – A CCO who has both the authority and the budget to get the job done.

7.      Shooting or Ignoring the Messenger

Here Feldman is referring to the employee who reports ethical misconduct and suffers retaliation. Although every company says they never retaliate, the sad truth is very different in corporate America. This leads to too many employees staying silent about “fraud and misconduct striving in their organizations.” Worse yet is when the government comes knocking and they tell the investigator, that they were afraid to report the misconduct. Recommendation – An anonymous hotline that earns employee credibility.

Feldman’s seven deadly mistakes provide an excellent framework for any company to assess  their overall compliance program from a high level. While perhaps not rising to the level of “sins”, the answers will allow the compliance practitioner to be ready to respond if the Department of Justice comes a calling.

=======================================================

My This Week in FCPA colleague Howard Sklar begins a 4 part webinar series on “A Brave New World FCPA and UKBA: Take Steps to protect your organization now” next week. Registration and information is available at http://ht.ly/7ewKI. 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2011

The Bribery Act and DPAs: Transparency is the Key

The debate now ongoing in the UK about whether Deferred Prosecution Agreements (DPA) should be a tool available to prosecutors in the Serious Fraud Office (SFO) and Crown Prosecutors is an important issue that should be well reasoned and thoroughly vetted. However, from where I sit in the US, I believe that the ability to enter into a DPA is a powerful tool that advances the interests of prosecutors, the judiciary and the public. Based on the reasons I will set out below, I believe that the UK should incorporate such a tool into those mechanisms available to the SFO and Crown Prosecutors to resolve cases brought under the Bribery Act.

The key issues that law makers in the UK must resolve is how to incorporate the concept of a DPA into a system which only allows prosecutors the option of bringing criminal charges or declining to do so coupled with a judiciary system that has unfettered discretion to accept or reject any settlement agreement brought before it. In an article entitled “The US Model for Deferred and Non-Prosecution Agreements” Mike Volkov phrases the question as “For UK policy makers, the balance between judicial review and prosecutorial discretion is one which has to be resolved before any new policy can be enacted.”

The primary reason for both the prosecution and a company which violates the Bribery Act entering into a DPA is certainty. The one thing I learned in almost 20 years of trying cases in the US (civil side only) is that nothing is certain when you leave the final decision to an ultimate trier of fact who is not yourself, whether that trier of fact be a jury, judge or arbitrator. The most important thing for a company is certainty and that is even more paramount when a potential criminal conviction looms over its corporate head. Certainty is equally critical for the prosecution. No matter how ‘slam dunk’ the facts are, or appear to be, once a prosecutor turns over the final decision in a case to another trier of fact; the prosecution has also lost certainty in the final decision. Every corporate defendant which goes to trial can and should raise all procedural and factual defenses available to it. No prosecutor can ever be 100% certain that it will win every court ruling or that a guilty conviction will be upheld on appeal.

However, a DPA can bring certainty. For a company certainty in its rights and obligations, for the prosecution the same is true. The key then is how to achieve this certainty through the judicial process where the judicial system has other interests to protect. These interests include the right of judicial review and protection of the public interest. The key is how to reconcile these competing interests.

One of the suggestions in the Bribery Act debate on this issue is to allow a judicial representative to be a part of the negotiations between companies and prosecutors before a final DPA is agreed to by the parties. The judicial representative could provide guidance on what might be acceptable under a final judicial review when the DPA is submitted to a court for acceptance and Entry of Judge. To forestall any claim of conflict of interest, the reviewing court would be a different judge than the judge who provided the guidance in the pre-court review stage.

However, I would not advocate such an approach for several reasons. I believe that the judiciary has a different role which is to ensure that laws are followed and administered justly and to safeguard that the public interest is represented in any settlement which results in a DPA. For one judicial representative to assist in the crafting of the DPA and another judicial representative to rule upon the DPA demeans from this role. While not enshrined in a written constitution as in the US, there is a distinction between the prosecution, which is a function of the executive branch and the judiciary, which is a function of the judicial branch. While the UK has a different form of democracy than the US, parliamentary vs. representative democracy, the executive and judicial functions remain separate and distinct. Next, no matter how independent the final reviewing judge is, the fact that another judge assisted in fashioning a DPA would factor into any judicial analysis and usually a reviewing judge respects the rulings and decisions of another judge, at least at the trial court level. This respect would most probably continue in the court review of DPAs negotiated with the help of another member of the bench.

Nevertheless, I still argue that DPAs still should play an important role in the resolution of Bribery Act cases. However, I would not urge early judicial involvement but that the key to certainty is transparency. The transparency comes into play in the crafting of the DPA, which should include a full analysis of the penalty to which the parties agreed to in the DPA. Here guidance might be taken from the US Department of Justice’s (DOJ) approach to list out the factors and the attendant scoring in each DPA. This scoring can go up or down depending on many factors which are now discussed in each DPA. Further the underlying factors and scoring are based upon the US Prosecutors Guidelines which are also publicly available.

It is through this transparency that a court can determine if the law, here the Bribery Act, has been fairly or justly administered. A court can then also use this transparency to ensure that the interests of the British public are also properly taken into account. The fact that the Bribery Act is a new law should not prevent a thorough analysis of such factors. The prosecution can simply do what lawyers are trained to do; review the prior law to provide guidance or look at other similar laws for guidance.

I understand the response that a DPA brought before a court under such a scenario that I have listed above is still open to judicial rejection. However, I believe that most courts will follow precedent, if such precedent is used in a well-reasoned manner and presented logically to a court. As for the argument that such an approach may well lead to higher fines or greatly penalties being levied, I would respond that such higher fines or greater penalties should have then been agreed to in the first place.

A DPA can be, and is, a powerful tool in the arsenal to fight bribery and corruption. The US DOJ has used it successfully, I would argue, for many years, to the benefit of the US public. I would also urge that such a tool become available to the SFO and Crown Prosecutors in their fight against bribery and corruption. However, the maintenance of judicial independence is a key component of any democracy. This judicial independence can continue in a manner consistent with the certainty brought by DPAs and court oversight and approval through transparency.

This article originally appeared in thebriberyact.com.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2011

Everything Old is New Again: Alcoa and Olympus

Two articles this week spoke about the continuing struggle companies have with the issue of agents and other third party representatives and the potential liability under the Foreign Corrupt Practices Act (FCPA).  In an article in the Wall Street Journal (WSJ), entitled “Kickback Probe at Alcoa Heats Up”, reporter Dionne Searcey takes a look at the arrest of two figures in the bribery investigation of Alcoa’s activities in Bahrain in connection with the government owned manufacturing company known as Alba. In an article in the New York Times, entitled “Acquisitions at Olympus Scrutinized,” reporter Hiroko Tabuchi reviews “a tale of deals and advisors, with puzzling results.” Both cases present novel twists and turns that, if you told someone the facts, you would be accused of making up both stories.

Alcoa

This case involves allegations that Alcoa overcharged Alba by “hundreds of millions of dollars” for purchases of alumina. Alcoa and its representative, Victor Dahdaleh then paid kickbacks to the former Alba Chief Executive, Bruce Hall. Both Hall and Dahdaleh were arrested over the past two weeks. One of the more interesting facts about this matter is that it was brought to light in 2008, when Alba filed a lawsuit in federal district court in Pennsylvania, the corporate home of Alcoa.

According to the FCPA Professor Alba alleged in the lawsuit, “that Alcoa and its employees or agents (1) illegally bribed officials of the government of Bahrain and (or) officers of Alba in order to force Alba to purchase alumina at excessively high prices, (2) illegally bribed officials of the government of Bahrain and (or) officers of Alba and issued threats in order to pressure Alba to enter into an agreement by which Alcoa would purchase an equity interest in Alba, and (3) assigned portions of existing supply contracts between Alcoa and Alba for the sole purpose of facilitating alleged bribes and unlawful commissions. As reported by the FCPA Blog, “Just weeks after Alba sued Alcoa, the U.S. Justice Department intervened in the case” and asked for a stay to investigate “possible criminal violations of the FCPA and other laws by Alcoa and its executives and agent.” The trial court granted the stay.

The WSJ article provided further information on the alleged actions of Dahdaleh. Searcey reported that he “set up a company that acted as an intermediary for Alcoa, a move that officials at the metals company supported”. Further Dahdaleh’s company “used Alcoa’s logo on its letterhead in communications with Alba”. Although Alcoa had a commercial relationship directly with Alba, at some point Dahdaleh’s company acceded to this business relationship.

Olympus

This case may join News Corp as yet another case that keeps on giving. It is not often (as in never) that a former Chief Executive Officer (CEO) claims he was fired for being a whistleblower. However, on October 14, 2011 Olympus Chairman, Tsuyoshi Kikukawa, dismissed the former head of the company, the Briton Michael C. Woodford, citing cultural differences in management styles. However, Mr. Woodford later said he had been fired after raising questions about a series of acquisitions made by Olympus at what he said were inexplicably high prices or involving disproportionately pricey advisory fees. Woodford later provided documents to the Serious Fraud Office (SFO) and is reported to be to meeting with the US Federal Bureau of Investigation (FBI).

As reported earlier in Dealb%k, in an article entitled “2 Japanese Bankers at Heart of Olympus Fee Inquiry”, reporter Ben Protess said that two persons, Hajime Sagawa and Akio Nakagawa, were alleged to have received $687 million payout by Olympus for advising Olympus on the 2008 takeover of a British company, the Gyrus Group. The money went to a “tiny unknown firm run by Mr. Sagawa and Mr. Nakagawa…the bulk of the fee later went to a Cayman Islands company that also had ties to at least one of the men.”

Dealb%k said the fee in question was over 30 times the norm on Wall Street for such transactional advice. After the “deal closed and the fees were paid, both firms closed up shop.” Dealb%k, citing securities lawyers and corporate governance experts, said that “federal authorities will probably examine whether the steep fees point to deeper ties between Olympus and the bankers, or even kickbacks to Olympus officials involved in the deal.”

Lessons Learned

Both matters provide clear lessons for the compliance practitioner.

• Detection. If there were ever two cases that screamed out for Paul McNulty’s maxim No. 2 “What did you do to detect it”, these were the poster children. From Alcoa, it is clear that your company must absolutely, positively have the right to audit your agent AND then exercise that right. If Alba’s federal court suit allegations are anywhere close to hitting the mark, an audit would have picked this up.

From the Olympus matter, if any of your company’s agent sends its money to the Cayman Islands or Jersey, for example, do not walk but charter a plane and get there as fast as you can to audit the agent’s books and records.

• Due Diligence, Due Diligence and then more Due Diligence. What was the size of these agents companies? Dahdaleh formed a company to act as Alcoa’s agent for sales to Alba. Sagawa and Nakagawa were characterized as a “tiny, unknown firm”. Do you think this would have turned up in any credible due diligence investigation on either of these agents or their companies? I would say absolutely.
• Amount of Commission. Any agent who receives a commission which ranges in the neighborhood of more than 30 times the norm for such transactions is receiving way too much money for whatever services he or she is rendering. The Department of Justice is beginning to look at  any commission amount because any commission so far out of line can provide money which can be used to pay a bribe or kickback.

•  Agent Oversight. Lastly, where were Alcoa and Olympus in managing these agent relationships? Any best practice should include an Oversight Committee to review agent commission rates and payments.
•  CEOs and Whistleblowers. And finally, it is never a good thing to fire your CEO because he wants to blow the whistle on potentially criminal conduct and then say it is due to ‘cultural differences”. Strike that—it is never a good thing to fire your CEO because he wants to blow the whistle on potentially criminal conduct—period.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2011

Tommy Can You Hear Me: Can the FCPA Be a Trigger for Civil Unfair Competition?

I was lucky to see Roger Daltrey perform the rock opera Tommy this past weekend. For those of you who do not know the story line, it is about a boy who becomes deaf, dumb and blind due to a trauma but later regains all three senses, largely through looking into a mirror. I thought about the metaphor of looking into a mirror but seeing something different while reading an article in the most recent issue of the ABA Business Torts Litigation Section Newsletter, entitled “Use of the FCPA in State-Law Unfair Competition Cases”, Edward Little, Jr. explores the question of whether the Foreign Corrupt Practices Act (FCPA) can serve as the basis for a predicate act for civil liability under state unfair competition laws. He makes a powerful case that such lawsuits may be the next frontier for FCPA cases.

Little begins with a background review of the FCPA and then moves to cases currently en vogue which use a FCPA violation as a trigger to prove a violation of additional civil relief under other state or federal laws. He notes the prime example is currently shareholder derivative actions where shareholders are essentially “standing in the shoes of the company and alleging that the directors harmed the company by engaging themselves in FCPA violations or failing to take steps to prevent violations by subordinates.” Although settled after Little’s article was published, the most recent prime example of this phenomenon was the settlement of the SciClone Pharmaceutical case, which was announced last week.

Little next noted that the violation of the FCPA may provide a basis for civil liability under federal or state anti-trust laws, “especially when it is proved that the foreign bribery had an anti-competitive effect within the United States.” Little pointed to the example of two Phillip Morris subsidiaries which bribed officials in several South American countries “to obtain price controls on tobacco.” There was also a recent FCPA/anti-trust enforcement action against Bridgestone which may provide such a trigger.

Little turned to state unfair competition laws which, if based on the Revised Uniform Deceptive Trade Practices Act, can “provide severe penalties for violations of federal and state laws when committed in trade or commerce.” These penalties can include treble damages and attorneys’ fees. He pointed to a currently pending litigation matter styled “Newmarket Corp. v. Innospec, Inc. Civil Action No. 10-503-HEH (E.D Va.)” in which Newmarket has brought claims under the Sherman Act, the Robinson-Patman Act and the state of Virginia Business Conspiracy Act. This state law makes illegal “combinations of two or more persons for the purpose of willfully and maliciously injuring another in his…business…”

Little concludes his article by stating that since the FCPA does not provide a private right of action, companies damaged by conduct made illegal under the FCPA “will likely turn to state law remedies” to seek redress. This can be especially so where the recalcitrant party admits to guilt and obtains a Deferred Prosecution Agreement (DPA). He ends by stating that “plaintiffs have a strong incentive to argue that the bribery of foreign officials has harmed them domestically and [such conduct] constitutes unfair competition that broad state statutes were designed to prevent.”

Most states have some type of law which broadly declares that “unfair methods of competition are…unlawful.” If a company admits to guilt under the FCPA the facts of liability are laid out in the DPA. There is some discussion of the amount of bribes paid, usually referencing both the monetary value of the contract or other business obtained through the conduct, which laid the predicate for the FCPA violation. Lastly, there is often a specific amount of money identified as profit disgorgement that is remitted to the government. Doesn’t this sound something like “Did the defendant engage in illegal conduct which impacted the plaintiff?” and “If so, what are the plaintiff’s damages?”

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2011

Back to the Future – A Review of Opinion Release 04-02

One of the complaints made about the Department of Justice (DOJ) is that companies are not made aware of the requirements of a best practices compliance program. However, since the summer of 2010, the DOJ has appended to each Deferred Prosecution Agreement (DPA) released an ‘Attachment C’ which lists and provides detail about is current thinking on what it believes to be a minimum best practices compliance program.

Additionally since at least 2004, the DOJ has provided very public guidance on what should compose a best practices compliance program. In Opinion Release 04-02, the DOJ reviewed the proposal by an investment group which was acquiring certain companies and assets from ABB Ltd. Certain assets being acquired by the investment group, ABB Vetco Gray Inc. and ABB Vetco Gray (UK) Ltd., had previously pled guilty to violations of the Foreign Corrupt Practices Act (FCPA).

The investment group desired to protect itself from further liability, to the extent possible, by proposing to the DOJ a comprehensive best practices compliance program. While the DOJ noted that this compliance program was not a shield against future violations, the DOJ would not “intend to take an enforcement action [against the investors] for violations of the FCPA prior to their acquisition from ABB.”

I recently read the components set out in Opinion Release 04-02 and compared then with the recent DPA Attachment C, best practices. I have put together the following chart to compare them.

04-02 Requirement	13    Point Minimum Best Practices
Clearly articulated policy of standards and procedures against violations of FCPA	1. Code of Conduct. To ensure against FCPA violations
B. Assignment of one or more corporate officials to report to the Compliance Committee of the Board of Directors	6. Senior Management Oversight and Reporting. Assignment of one or more senior corporate executives for implementation & oversight of compliance program and they shall report to Board of Directors.
C. Effective communications to shareholders (Private Equity owners) of FCPA training and annual certifications.	8. Training. A company shall effectively communicate compliance program through training and annual certifications.
D. Hotline reporting system to report suspected violations.	9(b)-internal and confidential reporting system.
E. Appropriate disciplinary procedures for violations of FCPA or compliance policy.	10. Discipline. A company shall institute appropriate disciplinary procedures to address violations compliance policy or ant-corruption laws.
F. Procedures to ensure company forms business relationships with reputable and qualified business partners.	No equivalent
G. Extensive pre-retention due diligence and post-retention oversight of agents and business partners; maintenance of complete files thereon	11(a) Properly documented risk-based due diligence and regular oversight of agents and business partners.
H. Clearly articulated procedures which ensure that discretionary authority is not delegated to persons who the company knows have a propensity to engage in illegal or improper activities.	No equivalent
I. A management review committee to monitor agents	No equivalent
J. Inclusion of compliance terms and conditions in all agent contracts.	12. Compliance terms and conditions which should be included in every agent agreement
K. Financial and accounting procedures designed to ensure that accurate books and records are maintained.	7. Internal controls including financial and accounting procedures which should ensure that the company has accurate and fair books and records, which cannot be used for or conceal bribery.
L. Independent audits by outside counsel and auditors at no longer than 3 year intervals to ensure effective compliance program implementation.	5. Annual Reviews. No less than annually, a company should review and update as appropriate to ensure continued compliance program effectiveness. 12. Ongoing Assessment. Period review and testing of compliance program to evaluate it and improve the program’s effectiveness.

This comparison demonstrates the substantive policies that the DOJ has consistently advocated, since at least 2004. The items which do not have any current equivalents under recent best practices have to do with the FCPA violations of the ABB Vetco Gray entities which the investment group was acquiring. Nevertheless, they are still good suggestions to follow in your company’s compliance program. It is a good idea to review the source material that is available to you. Sometimes to know where to go, you have to know where you have been.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2011

Against An FCPA Compliance Defense

Ed. Note-I had attempted to write a piece on this subject for some time. However, I after I saw this posting lasting week by Howard Sklar in his column in Forbes.com, I found this piece much better than I could have ever articulated my thoughts so I have abandoned my efforts. With Howard’s permission, I reprint his posting entitled “Against an FCPA Compliance Defense” posted October 18, 2011, in full. 

There has been a serious push lately to amend the FCPA to include a compliance defense.  A compliance defense, according to the Chamber of Commerce’s Institute for Legal Reform (a chief proponent of FCPA reform), would allow companies to avoid liability “if the individual employees or agents had circumvented compliance measures that were otherwise reasonable in identifying and preventing such violations” (from the Institute’s publication “Restoring Balance: Proposed Amendments to the Foreign Corrupt Practices Act“).  A compliance defense is allegedly needed because “a company can now be held liable for violations committed by rogue employees, agents or subsidiaries even if the company has a state-of-the-art FCPA compliance program.”  This past summer, the House Judiciary Committee held a hearing (watch the video orread the transcript) to discuss FCPA enforcement and the amendments suggested by the Chamber of Commerce.  The “rogue employee” quote comes from the testimony of Hon. Michael Mukasey, former Attorney General of the United States, at that hearing. Concerns about a rogue employee aside, I am against an FCPA compliance defense.

I believe a compliance defense would not in fact be effective in giving companies the additional clarity or comfort in the design or implementation of their anti-corruption compliance program that Attorney General Mukasey advocates.  I also believe that a compliance defense could lead to unintended and adverse consequences that could seriously degrade the effectiveness of anti-corruption programs, and perversely lead to more risk and less effective risk mitigation.

I can see the appeal, however.  First, the UK Bribery Act has a purported compliance defense (as does the Italian anti-bribery law).  Second, corporations feel, rightly or wrongly, that their efforts at compliance don’t generate the benefit with the Department that they deserve.  As a consequence of this perceived lack of return on investment, corporations might feel an aversion to deep investigations of misconduct:

The system now in place has conflicting incentives.  On the one hand, an effective compliance program can hold out a qualified promise of indeterminate benefit should a violation occur and be disclosed.  On the other hand, if all that can be achieved is a qualified and indeterminate benefit, there is a perverse incentive not to be too aggressive lest wrongdoing be discovered, and there is a resulting tendency of standards to sink to the level of the lowest common denominator, or at best something that is only a slight improvement over it.  This Catch-22 policy doesn’t really serve anyone’s interest. (Mukasey’s written statement).

In his written testimony, Mukasey also emphasizes that the Department has taken other steps to induce and provide positive reinforcement to efforts to develop and implement an effective compliance program.  He writes, “[t]he absence of a compliance defense tells corporate America, in effect, no compliance effort can be good enough—even if you did everything we required, we still retain the right to prosecute purely as a matter of our discretion.”  I respectfully disagree.  It’s not that “no compliance effort is good enough.”  Corporations regularly get significant credit for having effective programs.  Corporations even get credit for promising to implement more effective ones (Alcatel and Johnson & Johnson come to mind).

Credit for good compliance is, in fact, mandated by the DOJ’s own prosecution guidelines.  The “Principles of Federal Prosecution of Business Organizations,” the Department of Justice’s official policy on what they consider when instigating a prosecution of a company, includes a requirement that prosecutors consider “the existence and effectiveness of the corporation’s pre-existing compliance program.”  Mukasey is correct that the Department’s actions underscore the importance of effective compliance.  In fact, the Department goes so far as to describe—in detail—exactly what they want companies to implement.  In each of the recent Deferred Prosecution Agreements, there is an appendix (colloquially referred to as “Schedule C,” after it’s place in the overall DPA) that lays out twelve elements to an effective compliance program.  More important than even Schedule C, however, is the information that trickles out of the DOJ on cases they decline to prosecute.  One element that is common among declinations is the existence of a robust compliance program.

A reasonable question follows from this discussion: if the Department places such emphasis on compliance, and everyone agrees that a company that does its utmost should get credit, up to getting a pass on prosecution, what does it hurt to embody that in legislation?

At best, in my opinion, making compliance an affirmative defense is useless.  Companies cannot and will not raise affirmative defenses.  The reason for this is simple: for a company to raise an affirmative defense, it has to actively defend itself in an FCPA litigation.  Corporations cannot afford to fight these cases through to the stage where an affirmative defense becomes relevant.  Doug Bain, the former General Counsel of Boeing, put it best when describing the effect on Boeing if it were to be indicted:

So what’s the impact if we get indicted or convicted?

Besides the normal fines and that kind of stuff, there’s a presumed denial of export licenses, and that would be both on the commercial and the government side. In a moment, I’ll give you an idea of why we are concerned about that one.

We can get re-suspended or all of IDS (Integrated Defense Systems) can be debarred.

We can lose our security clearances.

And one nasty little thing is that the Bureau of Alcohol, Tobacco and Firearms, which has an almost explicit prohibition on possessing explosives. For those of you who are at BCA [Boeing Commercial Airplanes], you might remember that every single door on an airplane has actuators that are triggered by explosives.

[Read the whole speech; it’s worth the time.]

Even if a company wins eventually, oftentimes the damage is done: see, e.g., Arthur Andersen.

A company, therefore, cannot rely on a defense that requires it to fight.  What companies are left with is an argument to the Department during negotiation that “if we were to fight the case, we could rely on the affirmative defense.”  Why a company would rather make that kind of aggressive argument over a more cooperative, “look at our wonderful compliance program,” I don’t know.  In either case, it’s up to the Department to decide how much weight to give the compliance program.  Plus, legislating the defense would allow the Department, at its discretion, to ignore the compliance program during negotiations, and in fact use the defense as a sword.  “If you think your program is so great, raise that as an affirmative defense,” knowing that it’s not a realistic possibility for companies.  I believe the Department is reasonable, and wouldn’t invoke that often, but there are contentious negotiations and situations where the Department has lost confidence in the company’s forthrightness, and I could imagine the Department taking a harder stance.  Plus, there’s no way that legislation would be completely prescriptive.  Even in the Chamber of Commerce’s own formulation, the company’s program would have to be “reasonable” in its design.  Who would decide what’s “reasonable?”  The Department would; and we’re back to “who’s on first?”

Even worse than weakening a company’s bargaining position with the Department, the affirmative defense could give companies a false sense of security that, combined with other recent regulations, can seriously degrade internal risk management.

A company’s decision to self-disclose takes numerous factors into account: factual, contextual, and political.  Most corporate internal investigations—the vast majority—never see the light of day.  Companies receive allegations through some internal channel (or external channel that doesn’t bring the matter to a regulator’s attention), investigate the case internally, and either find no substantiation, or discover real issues but then institute mitigation actions and call it a day.  It’s difficult to describe the level of resistance internally to making a self-disclosure to the Department that’s truly voluntary.  Getting a call from a reporter asking for comment, and then calling the Department isn’t what I’d call “truly voluntary.”  Making a truly voluntary disclosure is a Herculean task.  First, your anti-corruption compliance officer needs to convince the Chief Compliance Officer.  Then the CCO needs to convince the General Counsel.  Then the decision goes to senior business management and the Board of Directors.  Everyone knows that it’s a disclosable event.  And so everyone is looking for an excuse not to disclose (one person I know called it “putting six bullets in a six-shooter and pointing it at your leg.”  Inevitable, inescapable pain follows).  Even in today’s world, the task is near impossible.  An affirmative defense would give an additional excuse not to disclose.  “Sure, it might be a violation,” the argument goes, “but we can rely on our effective compliance program as an affirmative defense.”  And yet often the business’ evaluation of effectiveness and the Department’s is, to put it gently, at odds.  Compliance is a cost center into which companies regularly underinvest.

Further, no compliance officer would ever say that a program is fully “effective.”  It would eviscerate, for all time, any attempt to enhance the program.  Or at least to enhance it in a way that actually costs money.  So there would be documents out there that talk about areas in which the program is not fully effective.  The Department would look at those documents and could use them as leverage to deny the company any benefit for their program.  Nor would any outside counsel—even the ones I like—ever certify a compliance program as “effective” without a huge number of caveats that would make the “certification” all but meaningless.

The other huge loss is that the company would get no benefit for efforts to enhance the program.  Remember, Alcatel got a huge benefit for its promise to stop using third-party agents.  Where would that fit in?  Ah, you say, but the Department would still take that into account.  Really, who says?  As I said before, once the effect of an effective compliance program is defined by statute, the Department can rely on that definition also.  The Principles of Prosecuting Business Organizations was made by the Department, and it can be altered by the Department.  And is subject itself to a pre-emption argument.  Or even less: an argument that the legislative branch has defined what “taking into account” means, and that it’s fulfilled by considering the affirmative defense.  And aren’t we then back to exactly what the Chamber now is saying is insufficient?

But who’s to say that the Department would get their hands on the document saying the program isn’t fully effective?  Please welcome to the conversation Sen. Dodd and Congressman Frank.  The Dodd-Frank Act’s whistleblower provisions, more than anything else they do, throw the self-disclosure calculus I was discussing earlier into mathematical discombobulation.  The SEC is already seeing 1-2 legitimate complaints every day through the Whistleblower Office.  And practitioners are seeing whistleblowers coming into the SEC with multiple inches of documents.  Companies can no longer afford the false confidence they had that investigations, once closed, would stay closed.  Remember, conducting a thorough investigation takes time, but the whistleblower has 120 days in which to report the misconduct to the SEC.  That’s too short a window to conduct a real investigation.

So now where are we?  We have a company whose own internal documents say their program isn’t fully effective, conducting a slipshod investigation, in complete denial about the chances of their investigation becoming public, and making disclosure decisions based on an affirmative defense that (a) they can’t actually use; (b) the Department knows they can’t actually use; and (c) doesn’t give them credit for the work that they’re doing to improve.

How is that better, exactly?

Nor do I give any weight to the fact that the UK Bribery Act has a compliance defense.  The UK Act’s defense of “adequate procedures” is designed to address a type of liability we don’t have here: strict liability for corporations.  A corporation can avoid liability for “failure to prevent bribery”—a section with no scienter requirement—by showing the presence of an effective program.  [n.b. I don’t know why people say that “failure by a corporation to prevent bribery” is a strict liability offense, then in the next breath talk about the defense to that very offense: perhaps they’re unclear on the definition of “strict liability”].  Corporate liability in the US is based on concepts ofrespondeat superior.  An employee acting for the corporation’s benefit can bring liability to the corporation.  But the vast majority of cases involving corporate criminal liability include knowledge and active participation by senior management.  We simply don’t see, for the most part, situations where criminal liability attaches to someone without knowledge.  At least not in the FCPA context.  This inconsistency with the knowledge requirement is the first argument made by the Open Society Foundations in their excellent rebuttal to the Chamber’s white paper.  (And although Mike Koehler takes them to taskfor failure to distinguish between respondeat superior and the third-party payment know-or-should-have-known scienter requirements, I don’t think that invalidates the rest of their argument like Prof. Koehler does.)

I could actually more see a compliance defense added to the books-and-records provisions enforced by the SEC.  It’s more analogous to the UK Bribery Act’s defense, and there is no knowledge requirement for violations of the books-and-records provisions.  But there’s also no criminal liability without that knowledge.  Perhaps it’s theoretically possible, but it just doesn’t happen, and the Department has better things to do with its limited resources.

I see the appeal of a compliance defense, but I just don’t think people have thought through the collateral consequences, the real-world consequences of what it would mean internally for corporations and for their relationship with the Department.

This article was originally posted in Forbes.com.

————————————————————————————————–

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. 

Around the World for Your Compliance Program

In the October issue of the Harvard Business Journal, in an article entitled “How ‘Mystery Shopping’ Helped Spark a Turnaround”, Office Depot’s President Kevin Miller wrote about his experiences as a ‘mystery shopper’. He began this tour to determine if the high customer satisfaction scores the Office Depot was achieving were correct. To do so Miller toured 70 Office Depot stores in over 15 states as a ‘mystery shopper’. It turned out that customers did have high satisfaction over the products and services that they were asked to rate, however, this high satisfaction did not drive sales. It turned out that Office Depot was measuring the wrong things. Miller then began to assess what customers needed and turned that information into sales.

The recent Watts Water Technologies settlement with the Securities and Exchange Commission (SEC) regarding internal controls violation of the Foreign Corrupt Practices Act (FCPA) of a subsidiary in China was a reaction to the background facts. One of the things that struck me was how the allegations of FCPA violations initially came to the attention of the General Counsel during the course of FCPA training for senior members of the Chinese subsidiary. Watts’ “corporate counsel became aware of potential FCPA violations at [the Chinese subsidiary] through conversations with…sales personnel who were participating in the training.” This point reinforced to me one of the most important things that a compliance practitioner can do, which is get out into the field.

I have often heard my colleague Mary Shaddock Jones, former Assistant General Counsel and Director of Compliance for Global Industries (GI), speak about her experiences in traveling across the world to train the third party business representatives of GI. She often talks about the personal relationships she was able to build with both the people and companies because she took the time, effort and money to come to their area of the world and put on training. But she also speaks of the questions, observations and ideas that these parties would give to her. It also allowed her to have an ‘ear on the ground’ as a front line member of GI’s compliance department.

The same holds true for employees who receive compliance training. When I was in the Halliburton Legal Department, one of my assignments was to travel overseas to put on contract training. At every training session, which was announced well in advance, employees would bring to me questions, comments or concerns that they had been saving up and did not ask over the phone or via email, for whatever reason. Such queries might be asked over lunch, dinner, or some other more relaxed social setting before or after the formal training. This taught, and continues to drive home to, me that lawyers and compliance department members need to get out of the office and out into the field.

While web-based compliance training certainly has its function in a multi-national corporation with thousands of employees, it cannot and does not take the place of live, in-person training. The Legal Department of Watts Water Technologies learned the value of this lesson first hand. If certain of the employees who received the compliance training had not spoken to the Legal representative of their concerns, the company might not have started down the path which led to a civil penalty only for FCPA violations.

Near the end of his article, the President of Office Depot stated, “I still try to visit stores as frequently as possible. It’s really the only way to know how your business is doing.” The same is true for the Compliance Department. You can take all the metrics you like, but you have to get out into the field to understand what is truly going on in your company. You need not traverse the world in 80 days but you do need to get out and meet folks. An additional point might be [with apologies to Tip O’Neill] “All compliance is (mostly) local.”

————————————————————————————————–

I have been honored to be nominated as one of the Top 25 Business Blogs of 2011 by LexisNexis. If you would like to support my nomination, please comment on the announcement post on our Corporate & Securities Community

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2011

Watts Water: Don’t Get Caught on the (FCPA) Slow Boat to China

Last week, the Securities and Exchange Commission (SEC) instituted a Cease and Desist Order again Watts Water Technologies, Inc. (WWT) and one of its employees, Leesen Chang (Chang). The Order was to obtain certain civil penalties and fines for conduct of WWT and Chang concerning violations of the books and records and internal control provisions of the Foreign Corrupt Practices Act (FCPA) for its China operations. As noted by the FCPA Professor, “The Watts enforcement action is yet another example of an FCPA enforcement action focused on Chinese Design Institutes.” WWT paid a fine of $200,000, agreed to disgorge profits of $2,755,815 and paid prejudgment interest of $820,791. Chang paid a fine of $25,000.

The violations revolved around the WWT China subsidiary, Watts Valve (Changsha) Co., Ltd. (CWV) which did business in China and purchased another Chinese company Changsha Valve in April 2006. This Chinese company was consolidated in CWV. In 2010, WWT sold CWV to a Hong Kong entity. Chang was the Vice President (VP) for sales of CWT from 2006-2009.

The Violations

There were two forms of bribery set forth in the Cease and Desist Order. First CWV made payments directly to employees of a Chinese Design Institute. According to the FCPA Professor, Chinese Design Institutes are “typically state-owned enterprises that provided design engineering and technical integration services that can influence contract awards by end-user state-owned customers.” These direct payments were made to influence design institutes to recommend CWV be awarded the sale of products for Chinese state enterprises. The second form of bribery was that CWV paid “sales-related expenses such as travel, meals, entertainment” of the Chinese Design Institute. Lastly, CWV employees made direct payments to Chinese Design Institute for sales made by CWV.

These payments for such sales-related expenses were made by CWV employees out of their sales commissions and hidden on the CWV books and records as employee expenses. The commissions paid directly to the Chinese Design Institute for sales made by CWV employees were also hidden on the books and records of CWV as its employees commissions. Chang knew about these payments and attempted to block the US Company, WWT, from discovering them or correcting the false entries into CWV books and records.

Discovery and Remedial Measures

The discovery of the above issues began with the WWT General Counsel (GC) becoming aware of an enforcement action against another company for unlawful payments to a Chinese Design Institute. This led to FCPA training for certain CWV management who disclosed some of the above information. WWT instituted an internal investigation and self-disclosed to the SEC.

The Cease and Desist Order listed several remedial measures taken by  WWT, one of which included changing the incentive based compensation. There was also the creation of an enhanced compliance program including policies and procedures, specifically including a Travel and Entertainment Expense Reimbursement Policy for the company’s Chinese subsidiaries. Additionally there were enhanced due diligence procedures for foreign business partners. WWT conducted a thorough world-wide FCPA anti-corruption audit. Lastly, it was noted that WWT hired a Director of Legal Compliance to head up the company’s compliance efforts going forward.

Lessons Learned

• The primary lesson learned in this enforcement actions is that it does not matter how much of a company’s revenue a subsidiary may represent, a FCPA violation is a FCPA violation. Here it was specifically noted in the Cease and Desist Order that the Chinese subsidiary’s revenues were “approximately 1% of Watts gross revenues.” A very expensive lesson indeed.
• The second lesson is that if a VP of Sales, in any region, resists translating company expense accounts into English, do not run but sprint to those areas, with all possible haste, to secure the records because that VP is most probably hiding something that can you get in big, big trouble.
• Next is that a company must use several varied resources to continually assess and re-assess its risk profile. The actions which led to the WWT investigation began because the GC saw that another company was involved in an enforcement action involving a Chinese Design Institute. This is not something traditionally listed as an area to be assessed. However, if a competitor is involved in an enforcement action or a company that is using a sales model very similar to that used by your company, you should re-assess the risk to your company accordingly.
• The final lesson I would suggest is the absolute necessity of in-person training for high risk employees or those company employees in high risk countries. It was through the in-person FCPA training that the WWT learned about the violative conduct. If this training had been video or web-based such disclosure may never have happened.

The Watts Water enforcement action provides concrete information for the compliance practitioner to review and re-assess your compliance program and risk profile to determine if your company has any risks which you are not currently seeing.

For a copy of the SEC Cease and Desist Order, click here.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2011

Wolfsberg Anti-Corruption Guidance

In a recently released White Paper by the Wolfsberg Group, entitled “Wolfsberg Anti-Corruption Guidance”, a group of internal banks, together with Transparency Internal and the Basel Institute on Governance, issued guidance on anti-corruption and anti-bribery procedures which financial institutions should institute to ensure that their employees “adhere to high standards of integrity.” The White Paper is designed to provide banks and other financial institutions with a process and procedure which they can follow which will create a “best practices” anti-corruption and anti-bribery compliance program. However, the White Paper is also designed to prevent “misuse of financial institutions” and take a “multi-party approach to combating corruption.” This last statement may portend a greater involvement by financial institutions in evaluating a company’s anti-bribery and anti-corruption program. Finally, the Wolfsberg Group White Paper lays out excellent principles outlining the general parameters of a best practices compliance program which any non-financial institution may draw upon to create or enhance its own compliance program.

The Wolfsberg Guidance provides the full component of a minimum anti-corruption and anti-bribery program. Such a program should include the following.

• The program should be developed by senior management and endorsed by the Board of Directors.
• A written policy and procedures which should address commercial and public corruption and bribery. It should include both actual bribery and offers of bribery.
• A clear delineation of the risks associated with public officials including a definition of ‘public officials’ which meets international standards.
• Internal communication of the full compliance program to all appropriate employees and to relevant third parties.
• Roles and responsibilities should be allocated to persons senior in the organization to ensure implementation.
• An independent unit within the company, such as compliance, legal or other department should be charged with providing day-to-day resources on the compliance program to all employees and third parties who may seek assistance.
• A firm commitment to the compliance program should be publicly communicated.

The White Paper notes that the overall compliance program framework should be informed by a Risk Assessment. However, more than simply an initial risk assessment should be performed. A financial institution should regularly re-assess their internal corruption and bribery risks in connection their client risk. This means, for a non-financial institution, such a re-assessment should also be performed to evaluate ongoing and new geographic risks, transactional risks, third party risks, along with any new laws, regulations or new best practices should also be evaluated.

The White Paper recognizes that third parties pose a serious risk for corruption and bribery. Therefore, an appropriate level of due diligence should be performed prior to retaining such entities. However, ongoing monitoring should also be performed, which should include transactional monitoring and management, remuneration monitoring and, finally, monitoring of the third parties’ activities and expenses. This third party monitoring should extend to vendors in the procurement process and joint ventures principal investments and acquisitions.

The White Paper states that accurate policies and procedures should be maintained for political contributions and charitable donations. These should include pre-approval for such activities and full transparency with such contributions and donations are made. One of the key factors is to avoid the appearance of impropriety and to mitigate any risk of conflict of interest.

The White Paper makes it clear that a key component of any compliance program is clear procedures for gifts, entertainment and travel. Recognizing that financial institutions operate in an atmosphere where a wide variety of business entertainment is routinely offered, the White Paper emphasizes that business hospitality should take into account the recipient’s role and responsibility but most importantly be proportional. Further, when a governmental official is involved, there must be an accounting for the “applicable laws and regulations to which the public official is subject, but domestically and those which have an extra-territorial reach.” When such arrangements involve road shows or other events occurring over several days, “it behooves financial institutions to ensure that they have clear contractual arrangements with their clients and any third parties participating in the road show” [for payment arrangements]. Lastly, a clear escalation procedure should be created, delineated and communicated to relevant employees before certain gifts, entertainment or travel can be offered.

The White Paper states that financial institutions should establish a whistleblowing system, as an integral part of a compliance program. The system should be fully confidential, where legal. All whistleblower reports should be “diligently acknowledged, recorded, screened” and investigated.

All of the components of a compliance program should be communicated “effectively both internally and to appropriate third parties.” Obviously this starts with “Tone at the Top” with messages from senior management, including the Board of Directors. Substantively, the White Paper suggests that training should also include reference to applicable internal policies and procedures, present potential scenarios that may arise and a clear explanation of employees’ duties under applicable laws, regulations and the compliance program.

The White Paper suggests that a rigorous system of internal controls be implemented to serve as the “four eyes principle” of monitoring and surveillance. Monitoring should be ongoing as business circumstances change. Such monitoring should not include institution employees only but also third parties, where appropriate. Post transaction monitoring is appropriate to assess adherence to internal processes and procedures. Lastly, there should be a general prohibition against cash payments.

The White Paper identifies compliance terms and conditions with third parties as one of the mechanisms to manage risk, going forward. Generally speaking a contract should not be entered into unless an appropriate level of due diligence is performed; thereafter, key stakeholders should be queried to determine if the risk profile is acceptable to them. Only then should such a contractual arrangement be entered into with robust compliance terms and conditions.

The Wolfsberg Group White Paper is an important addition to the compliance world of thought leadership on what should constitute a minimum best practices compliance program. While it focuses on bank and other financial institutions, it cannot help but be adapted as a guide for all other businesses. For such non-banks, it can also be used as a checklist that companies can used when presenting their compliance programs to banks or other financial institutions during the loan or refinancing process. This final point may be its most useful in the long run.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2011

Who Ya Gonna Call?

Ed. Note-today we have a guest post from our colleague Russ Berland.

The Dodd-Frank whistleblower law enables the SEC to pay out between 10 percent and 30 percent of any recovery from a violation of a securities law to a whistleblower.  Under Dodd-Frank, a whistleblower is an eligible person who provides original information or original analysis to the SEC about a violation of federal securities laws that leads to a successful enforcement action with monetary sanctions of at least $1,000,000.  As you can imagine, there are a lot of “magic words” in this definition that courts will be sorting out for a long time.  The law also provides substantial protections for whistleblowers, including reinstatement, double back wages, attorneys fees and litigation costs.  But it is still early in the common law life of the Dodd-Frank whistleblower law and rules.  The final regulations became effective on August 12, 2011, and we are just now beginning to see case law interpreting its requirements.

One of the first issues to surface is retaliation for whistleblowing.  What if a person clearly experiences retaliation, but may not fit the legal definition of a whistleblower?   Imagine this situation:

An employee of a company discovers that the CEO is embezzling funds from the company by paying money to a firm that is solely owned by the CEO.  This employee reports his findings to the company’s president, who in turn reports it to the company’s independent directors.  The independent directors hire a prestigious law firm to investigate the alleged embezzlement. The attorneys discover that the CEO was in fact embezzling money through his solely owned vendor.  Later, the CEO stages a coup to override the independent directors.  Instead of losing his own job, the CEO fires the employee and denies severance.

In this scenario, is the fired employee — who blew the whistle on his CEO and later experienced retaliation — a whistleblower under Dodd-Frank?   One court has said “No.”  Patrick Egan sued Tradingscreen, Inc. (10-cv-08202-LBS S.D.N.Y. Sept 12, 2011) and alleged this set of facts.  But when the U.S. Court for the Southern District of New York was presented with his complaint, they said that even if everything Egan said in his complaint was taken to be true, he still could not sue as a whistleblower under Dodd-Frank.

What had he done wrong?  What was his fatal flaw?  According to the Court, his mistake was that he had not reported his concerns directly to the SEC.  That was it.  Even if Egan had reported this to his management and the independent directors, believing that they would have to disclose it to the SEC, that was not enough.  Even if Egan had cooperated with the prestigious law firm in its investigation of the CEO, believing that they would have worked with the independent directors in reporting it to the SEC, that was not enough.  Even if the media became aware of the issues and through them, ultimately the SEC became aware of Egan’s concerns, that is not enough (but that’s another case –  Tides v. Boeing Co., 644 F.3d 809, 815 (9^th Cir. 2011)).  Mr. Egan had to report directly to the SEC or hire a lawyer to go to them on his behalf.  When Egan could not say in his complaint that he had called the SEC, he was done: no lawsuit, no reinstatement, no double back wages, no litigation costs and no attorneys fees.

So the lesson here is simple.  If a whistleblower wants to be a “real” whistleblower under Dodd-Frank, they have to call somebody, specifically the SEC.  And in these Internet-friendly days, the SEC even has a website that Mr. Egan could use to easily file his whistleblower report with the SEC if he ever finds himself in this situation again.

Russ Berland is Of Counsel at the law firm of Stinson Morrison Hecker LLP and can be reached at via phone at 816.691.3180 and via email at rberland@stinson.com. 

————————————————————————————————–

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication.