FCPA Compliance and Ethics Blog

January 17, 2012

Sustaining Your FCPA Compliance Program: Six Key Principles

As compliance programs mature within an organization, one of the ongoing challenges is continuing to sustain the momentum of the program. I found some guidance in an article in the winter 2012 issue of the MIT Sloan Management Review, entitled, “Six Principles of Effective Global Talent Management” co-authored by the following group of researchers, Gunter Stahl, Ingmar Bjorkman, Elaine Farndale, Shad Morris, Jaap Paauwe, Philip Stiles, Jonathan Trevor and Patrick Wright. The article’s focus is how companies can build and sustain a pipeline of talented employees. They found that the key was adhering to six fundamental principles, which I believe are a good set of principles for a company that wants to sustain and grow the viability of its Foreign Corrupt Practices Act (FCPA) compliance program.

1.      Alignment with Strategy

This is more than simply ‘Tone at the Top’. This means that you need to tie your compliance program to your overall corporate strategy. This could mean that your company will only engage with businesses and individuals in the sales chain which will avow to do business in an ethical manner. Your company can continue this policy into the supply chain as well. Many companies now recognize the reputational risk, in addition to the financial risk of not only having a FCPA violation, but having a business partner, up the sales chain or down the supply chain, sustain a FCPA violation while working on its behalf.

2.      Internal Consistency

This means that your company should be consistent with its compliance message across all disciplines of the company. Training alone will not succeed; there should be incentives for conducting business in a  compliant manner, just as there should be sanctions for those employees who do not follow the company’s Code of Conduct or compliance program. Put another way, “the processes and metrics must make sense together.” If your company rewards high sales persons, who cut corners and do not conduct business in an ethical manner, the message you send is that compliance does not matter.

3.      Cultural Embeddedness

This focuses on the values of the company. A culture of compliance must become part of your company’s DNA. This begins with hiring persons who share similar values regarding compliance and then continuing to nurture those values through training, assessment, incentives and mentoring. Just as the value of doing work in a safe manner, can be driven into a company’s DNA, the same came occur with embedding a culture of compliance.

4.      Management Involvement

For any program to succeed in a company there must be management buy-in of the underlying concepts. This means that the business units of a company need to feel that doing business in a compliant manner is not simply required by the legal or compliance department, but it is good for the company’s business and for the employees personally. Making business unit leaders and members responsible for compliance invests them in the ownership of it. An example is with agents; if a business unit wants to use a new agent or distributor, they need to be able to justify it to their management from the business case so that they will all be invested in having the best group of agents and distributors, who will do business in a  compliant manner.

5.      A Balance of Global and Local Needs

Clearly the FCPA has requirements that impact the way US companies can do business in an international setting. However, some countries have legal requirements which may bump up against the requirements of the FCPA. One example is that certain countries/regions, i.e. the Middle East, require a local agent or representative. Another example might be a local content requirement which necessitates companies to utilize in-country businesses to supply certain goods or services. Yet another might be a state owned enterprise which has a compelled giving component. All of these speak for the need of companies to have flexibility to deal with both the FCPA and general anti-corruption risks.

6.      Branding Differentiation

This principle suggests that a company moves aggressively to demonstrate its commitment to a culture of compliance, within its industry. One clear example is Apple, which annually publishes its Supplier Responsibility Report. In this report Apple reviews its audits of its suppliers on a variety of issues that affect its business relationships with its suppliers, including anti-corruption compliance. By making such a report public Apple demonstrates to itself, and others, its commitment to the compliance process. If your company is an industry leader in compliance, this will drive employee incentives to do business in an ethical manner.

I believe that by incorporating these six principles into your compliance plan going forward, you can continue to sustain the momentum that you achieved with the initial program rollout or subsequent enhancements. My colleague Stephen Martin says that a compliance officer should have a 1, 3 and 5 year compliance plan which can be used as a touchstone for continued growth and assessment. By incorporating these six concepts into your plans going forward, I believe that you will be able to move and grow your program so that compliance and ethics become a part of the way your company does business.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

January 16, 2012

The SFO Speaks in the Mabey & Johnson Case: Private Equity – Are You Listening?

As reported by thebriberyact.com, on January 13, 2012, the UK Serious Fraud Office (SFO) announced the final piece of the Mabey & Johnson (M&J) case, in which the company’s sole shareholder Mabey Engineering (Holdings) Limited agreed to pay back dividends gained as a result of corruption of  M&J obtain Iraqi bridge-building contracts. SFO Director Richard Alderman lauded it as “the final act in an exemplary model of corporate self-reporting and co-operative resolution”. I hope that every compliance officer of a private equity company read the report by the Bribery Act guys because this is a remedy which may soon be aimed directly at your company.

To recap this case, as reported in the SFO Press Release, entitled “Shareholder agrees civil recovery by SFO in Mabey & Johnson”, said that M&J has worked with the SFO since the beginning of 2008 when M&J self-reported certain instances of corruption it had identified as a result of an internal investigation. Following the self-disclosure and subsequent co-operation with the SFO’s investigations, the company pled guilty to charges of corruption and breaches of United Nations sanctions and was convicted at Southwark Crown Court in September 2009. Since the self-disclosure, the company has introduced new management, implemented anti-bribery and corruption procedures and appointed an independent monitor. The SFO noted that “the company is viewed by the SFO as having conducted itself in an exemplary way through its self-referral, extensive co-operation with the authorities and the transformation of the company.”

However, there is now one additional remedy that the SFO used against M&J. The sole shareholder of M&J, Mabey Engineering, agreed to pay a penalty of £131,201 under the Proceeds of Crime Act. The sum represents the dividends which the parent company collected from the contracts at the center of the UN Sanctions prosecutions. The company will also pay costs in the amount of £2,440.

Director Alderman is quoted as saying:

“There are two key messages I would like to highlight.  First, shareholders who receive the proceeds of crime can expect civil action against them to recover the money.  The SFO will pursue this approach vigorously.  In this particular case, however, the shareholder was totally unaware of any inappropriate behaviour.  The company and the various stakeholders across the group have worked very constructively with the SFO to resolve the situation, and we are very happy to acknowledge this.

The second, broader point is that shareholders and investors in companies are obliged to satisfy themselves with the business practices of the companies they invest in.  This is very important and we cannot emphasise it enough.  It is particularly so for institutional investors who have the knowledge and expertise to do it. The SFO intends to use the civil recovery process to pursue investors who have benefitted from illegal activity.  Where issues arise, we will be much less sympathetic to institutional investors whose due diligence has clearly been lax in this respect.”

Commenting on these statements, thebriberyact.com said, that with these remarks, Director Alderman “took the opportunity to fire a warning a shot across the bows of institutional shareholders and the higher standards the SFO will expect of them”. I usually do not disagree with thebriberyact.com guys. However, here I think they were way too subtle, because even if a shareholder did not know about illegal conduct, the SFO will go after the proceeds of the criminal activity. This is not the situation where a recalcitrant company agrees to disgorge profits, which is a standard Securities and Exchange Commission (SEC) remedy. This is a situation where a shareholder who received dividends was required to return its money.

Director Alderman goes on to imply that institutional shareholders will be held to a higher standard. The “broader point is that shareholders and investors in companies are obliged to satisfy themselves with the business practices of the companies they invest in. This is very important and we cannot emphasise it enough.” Think about that statement for a minute. If you are a private US equity company, with a UK portfolio company which sustains a Bribery Act violation and prosecution, you may well have to return profits, even where you did not have knowledge of the violative conduct.

More importantly for private US equity companies, how long do you think it will take for the Department of Justice (DOJ) to incorporate this form of remedy into a Foreign Corrupt Practices Act (FCPA) enforcement action? I can give you the answer; NOT LONG. The SEC enforces the books and records component of the FCPA against publicly listed companies. Most equity companies are privately held so profit disgorgement may not be available in an enforcement action against a portfolio company. Nevertheless, based on the Mabey case, the DOJ may well seek return of dividends, profits or other monies which went from a portfolio company to its private equity owner.

Over the past week, there has been intense media discussion regarding private equity due to the GOP primary. These discussions have even reached the FCPA compliance commentariati with an article by Matt Ellis, writing in his blog FCPAméricas, entitled “Mitt Romney, Private Equity, and the FCPA.” The lawyers at the DOJ read the papers like everyone else and they see this increased scrutiny and this scrutiny, coupled with this new development by the SFO, will put this type of enforcement remedy squarely in front of US regulators. If you are a private equity company, you need to heed Director Alderman’s warning that “This is very important and we cannot emphasise it enough”; you will be “obligated to satisfy [yourself] with the business practices of the companies [you] invest in.” It does not get any more straight forward than that.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

January 13, 2012

DOJ Should Release FCPA Declination Opinions

Welcome to the Washington Legal FoundationEd. Note-I was asked by the Washington Legal Foundation if I would pen an article expressing my views on why the DOJ/SEC should release Declination Opinions. The following is the article and can be downloaded from their website by clicking here. Please note as I wrote it for the Washington Legal Foundation, they, not I, hold the copy-write. 

In an area like Foreign Compliance Practice Act (FCPA) enforcement, where guiding caselaw is largely non-existent, compliance practitioners must rely on the actions and decisions of federal enforcement agencies for information. Such information is available in the form of enforcement actions, the release of Deferred Prosecution Agreements (DPAs) and Non-Prosecution Agreements (NPAs), and hypothetical fact patterns presented to the Department of Justice (DOJ) through its Opinion Release procedure. But one highly valuable source of guidance has been kept from regulated entities and their counsels: DOJ and Securities and Exchange Commission (SEC) “declination” decisions, opinions which are drafted when the agencies decline to prosecute an individual or organization.  A change is needed in this counterproductive policy.  The release of substantive information on declinations would help foster greater compliance with the FCPA by providing practitioners with specific facts of circumstances where investigations did not result in an enforcement action.

The Issue Regarding Declinations.  In an article by Miller & Chevalier attorneys James G. Tillen and Marc Alain Bohn, “Declinations During FCPA Boom” the authors reported that since 2008, there have been “at least twenty‐five formal declinations by the DOJ and/or SEC involving twenty companies, nearly all of them publicly‐listed. We also identified several additional cases that might represent declinations, but for which we could find no explicit confirmation of a decision to decline prosecution.” However, these raw numbers do not provide information as to the reasons for the declinations as “it is often unclear why a government investigation has closed without enforcement. It could be that no violations were found to have occurred, that no basis for jurisdiction existed, that enforcement authorities elected to do nothing in deference to a foreign investigation, or that the declination itself represents a benefit in recognition of a company’s voluntary self‐disclosure, remediation and/or cooperation.”

Tillman and Bohn believe that the majority of cases where DOJ or SEC issued declinations were matters in which a company self-reported a potential FCPA violation. Such information would seem to add credence to the oft-stated DOJ position that a company should always self-report. The authors also noted that were such information made publicly available, it could be better quantified and then corporations would understand that self-disclosure can provide a measurable benefit. Others, including Professor Mike Koehler, have called for the public release of the facts and circumstances around the DOJ/SEC decisions not to prosecute companies that self-disclose what they believe are FCPA violations.

DOJ Response.  Why would DOJ not provide substantive information regarding declinations? One possible answer, Tillen and Bohn wrote, came from a June 2011 House Judiciary Committee on the FCPA, where DOJ representative Greg Andres explained that the government does not disclose this information “in large part because we don’t want to penalize a company or an individual that’s been investigated and not prosecuted”

suggesting “[t]here may be some prejudice from that.” Interestingly, soon after the conclusion of the House Judiciary Committee hearing, Chairman James Sensenbrenner and Representative Sandy Adams sent Andres a letter and requested information on DOJ declinations.  The letter stated, “Please provide to us information on cases that been brought to the attention of DOJ, but your agency decided, for one reason or another, not to investigate or pursue prosecution within in the last year along with the rationale for those decisions.”

As reported in The FCPA Professor blog in a post entitled DOJ Declines to Get Specific in Declination Responses, DOJ responded to the request. Assistant Attorney General Ronald Weich wrote that “the Department has declined to prosecute corporate entities in several cases based on particular facts and circumstances presented in those matters, and taking into account the available evidence.”  He also provided several examples of matters DOJ has declined to prosecute where “some or all of the following circumstances existed”:

1. A corporation voluntarily and fully self-disclosed potential misconduct;

2. Principals of a corporation voluntarily engaged in interviews with DOJ and provided truthful and complete information about their conduct;

3. A parent corporation voluntarily and fully self-disclosed information to DOJ regarding alleged conduct by     subsidiaries;

4. A parent company conducted extensive pre-acquisition due diligence of potentially liable subsidiaries, and engaged in significant remediation efforts in acquiring the relevant subsidiaries;

5. A company provided information to DOJ about the parent’s extensive compliance policies, procedures, and internal controls, which the parent had implemented at the relevant subsidiaries; and

6. A company agreed to a civil resolution with the SEC, while also demonstrating that a declination was appropriate for additional reasons; a single employee, and no other employee, was involved in the provision of improper payments; and the improper payments involved minimal funds compared to the overall business revenues.

Proposal.  Imagine the guidance which DOJ could have provided if any or all of the above six instances cited in Weich’s letter was made available to companies and compliance practitioners. A model to follow for doing this already exists at DOJ. Its Opinion Release procedure offers a specific opinion on whether a certain set of hypothetical facts, based upon a written submission, would lead to a FCPA enforcement action.

In the declination process, DOJ is handling a much broader and more significant amount of information. A self-disclosing company has investigated or will investigate a matter, most likely with the aid of specialized outside FCPA investigative counsel. DOJ has the opportunity to review the investigation and suggest further or other lines of inquiry. Company personnel are made available for DOJ interviews, if appropriate. In short one would have actual facts and detailed oversight by DOJ, which in the case of a declination to prosecute, would provide substantive guidance on why it did not believe a FCPA violation had occurred in the face of a company’s good faith belief that it had violated the FCPA.

DOJ’s reasoning for refusing to release declination opinions is misplaced. While DOJ is appropriately concerned with the release of names or other substantive identifiers of any company which receives a declination, such information can be easily removed or scrubbed. In Opinion Releases, DOJ identifies the industry, geographic location, and other specific facts which are of great benefit to compliance practitioners. DOJ could easily do the same with declinations while still providing its reasoning for declining to prosecute.

The substantive portions of declinations, excised of company-specific information, would greatly increase FCPA enforcement transparency. This, in turn, would inspire greater FCPA compliance through a better understanding of how DOJ interprets the law with the specific facts presented to it.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

January 12, 2012

When the FCPA Professor Writes, You Should Read It

As many compliance practitioners are aware, the FCPA Professor (in real life, Professor and Ironman Triathlete Mike Koehler) writes a daily blog on all things relating to the Foreign Corrupt Practice Act (FCPA) from the legal perspective. It is a great resource and one that you should put on your daily reading list. However, as a professor he also writes lengthier, law review articles, with his in-depth analysis and commentary. This month we are treated to an excellent law review article entitled “Big, Bold and Bizarre: The Foreign Corrupt Practices Act Enters a New Era”. Coming in at a hefty 50 pages, it is his analysis and commentary of “using 2010 FPCA enforcement actions, related developments and how big FCPA enforcement has become.” It is an excellent and most welcomed resource for the compliance practitioner who needs a solid review of where the FCPA enforcement year has been and what it may portend for the future.

The Professor divides his article into four parts. In Part I, he reviews the specifics of FCPA enforcement in 2010, what he terms the “big, bold and bizarre.” In Part II, he reviews the increased scrutiny of the FCPA, by courts who faced increased legal challenges due to increased individual prosecutions, Congressional scrutiny and business and legal commentary. In Part III, he reviews some legal developments related to the FCPA, such as Dodd-Frank and debarment legislation. In Part IV, he takes a look at the FCPA road ahead.

Big, Bold and Bizarre

A. Big. The Professor lists some of the raw numbers generated through FCPA enforcement actions. The Department of Justice (DOJ) and Securities and Exchange Commission (SEC) garnered almost $1.8 billion in fines, penalties and profit disgorgement through FCPA enforcement actions.
B. Bold. Here the Professor recounts that the DOJ “continued to push the envelope as to enforcement theories in two specific areas.” The first is regarding the definition of who is a ‘foreign official’ under the FCPA and the second revolves around the interpretation of “obtain or retain business” and facilitation payments under the FCPA.
C. Bizarre. Here the Professor looks at both general fact patterns and some specific enforcement actions. Generally, he notes that in the majority of DOJ enforcement actions, the eventual DOJ fine or penalty was at an “amount below the minimum range suggested by the [US] Sentencing Guidelines.” He also discussed some of the specific matters he believed had “bizarre patterns” such as Innospec, BAE, Digi International and the Giffen prosecution.

Increased Scrutiny

While noting that the increased scrutiny actually began in Q3, 2009 with the release of the Chamber of Commerce Whitepaper and Senate Judiciary Committee hearing, 2010 brought a more thorough debate in both Congress and the private sector. This included the House Judiciary Committee hearing in June as to whether the FCPA should be made less robust to facilitate job creation, judicial scrutiny in the form of some high profile individual prosecutions, where federal district courts had to directly confront challenges to the FCPA on what are ‘instrumentalities’ under the Act and who is a foreign governmental official. In the private sector, the Chamber of Commerce kept up its attack on the FCPA as anti-competitive and there was also bar and NGO commentary on the FCPA.

FCPA Related Developments

Obviously the passage of Dodd-Frank had a very large impact on the 2010 FCPA discussion. The Professor noted that “Many predict that Dodd-Frank’s whistleblower provisions will greatly increase the number of FCPA enforcement actions.” In addition to his Dodd-Frank discussion, he reports on the passage of the ‘Overseas Contractor Reform Act’ by the House, which would have debarred any company from doing business with the US government if it sustained a final judgment of a FCPA violation. However, the legislation was not passed by the Senate so it died in the last session.

The Road Ahead

The Professor concludes his article by noting that “the years ahead will likely see more of the same big, bold and bizarre developments as 2010.” One development he believes should continue is the increase in the scrutiny of the FCPA, both by Congress and continuing review and commentary by others, such as the Professor (and I). While noting that some have viewed discussion about FCPA reform as akin to “paving the way for business to go on a bribery binge”; the Professor clearly believes in the value of continued discussion and debate on how to achieve the goals of the FCPA is appropriate and necessary.

The article is well worth your time to read and see where we have been and where we might be going. If you needed one article to give you the information to provide to management on FCPA enforcement, trends and commentary from last year; this is it. While you may, or may not, disagree with the Professor’s conclusions, you cannot have a better resource from which to review the facts.

The FCPA Professor’s website has several nifty features, one of which is a Jobs Board
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.
© Thomas R. Fox, 2012

January 11, 2012

Compliance Due Diligence Checks – The Reference Interview

A compliance evaluation is becoming a more common component of the employee selection and hiring process. Many companies now specifically include background checks (or due diligence in compliance parlance) when hiring senior managers or others who will hold high levels of authority for a company. Many practitioners feel that a reference is not of value because prospective candidates will only list references who they believe will provide glowing recommendations of character. This leads to a pro forma reference check. However, in an article in the January-February issue of the Harvard Business Review, entitled, “Gilt Groupe’s CEO on Building a Team of A Players” author Kevin Ryan explodes this misconception by detailing how he views the entire hiring process and specifically checking references.

In the hiring of personnel, Ryan details the three steps his company takes: (1) Resume review; (2) In-Person interview; and (3) Reference checks. Ryan believes that resumes are good for establishing “basic qualifications for the job, but not for much else.” He believes that the primary problem with in-person interviews is that they are skewed in favor of “persons who are well spoken [or] present well.” For Ryan, the key check is through references and he says that “References are really the only way to learn these things?”

Ryan recognizes that many people believe that reference checks are not of great value because companies cannot or will not give out much more information than confirming dates of employment. However, he also believes that “the way around it is to dig up people who will speak candidly.” He also recognizes that if you only speak to the references listed on a resume or other application, you may not receive the most robust appraisal. Ryan responds that the answer is to put in the work to check out references properly. Ryan believes this is one of the key strengths of search firms and that companies should emulate this practice when it comes to reference checks.

He notes that anyone who has worked in an industry for any significant length of time will have made many connections. Invariably some of these connections will be acquainted with you or those in your current, and former, company. Ryan gave the following example: A longtime friend who was employed at another company called and said that he had been asked by his hiring partner to find out “the real story” on a hiring candidate by asking Ryan his candid opinion of the candidate. Ryan’s response was “Don’t hire him.” Lest you think that such refreshing honesty no longer exists when informal employment references are provided, you are mistaken. In my past corporate position, I was charged in performing compliance due diligence on senior executives and I spent time doing what Ryan suggested, calling acquaintances that I knew and asking such direct questions. More than 75% of the time, I got direct responses.

Ryan believes that you must invest your company in the hiring process to get the right people for your company. The same is true in compliance. You do not want people with a propensity for engaging in corrupt acts working for, or leading, your company. As far back as Opinion Release 04-02 the Department of Justice (DOJ) realized this was an important part of an overall compliance program when it approved a proposed compliance program which had the following requirement:

Clearly articulated procedures which ensure that discretionary authority is not delegated to persons who the company knows have a propensity to engage in illegal or improper activities.

So give the reference check some respect, for if you respect it, it can be a valuable and useful tool for you and your compliance program.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

January 10, 2012

Using KPIs to Measure Your FCPA Compliance Program

One of the ongoing questions faced by compliance practitioners is how to measure the effectiveness of your company’s Foreign Corrupt Practices Act (FCPA) compliance program. In an article in the December 2011 issue of the SCCE Magazine, entitled, “How does your compliance program measure up?” author Danielle Herrick explores this question. She concludes that the best manner “to measure colleague knowledge and adherence to policies and procedures is through the development of a comprehensive compliance monitoring program.” Herrick sets out a six point plan which not only contain clear metrics but can also be “used to foster continuous improvement” in your company’s compliance program.

  1. Agreed upon scope and strategy. This is more than simply buy-in from management. There are several approaches which you can take and consistency in your approach is a key to obtaining measurable results.
  2. Core program. Herrick believes that the broadest range of policies and procedures which apply to all employees across the globe should be the foundation of your company’s monitoring program. This should include your Code of Conduct and the policies and procedures of your compliance program.
  3. Standard tools and templates. These are important not only to achieve consistency but also due to the upfront cost of development. If you can develop and utilize the same measuring tools and reporting templates this will decrease costs and increase efficiencies over monitoring cycles.
  4. Reporting. Herrick states that “By assigning numeric results to key performance indicators, you can easily manage the effectiveness of your compliance program.” This will also allow you to better track progress over times as well.
  5. Training and communication. This allows the compliance practitioner to engage in further compliance training when performing compliance monitoring. This is a useful tool where computer based compliance training is the norm as it allows the compliance officer to have another opportunity to interact on a more direct level with company employees.
  6. Continuous improvement. Ongoing monitoring provides not only the opportunity but sets the basis for ongoing enhancement to your company’s compliance program. You can utilize the results to effect improvement on a broad based focus or at a more granular level.

Herrick’s approach is a good starting point for any compliance practitioner to design an ongoing monitoring program. As your company’s compliance program matures, further and greater refinement will be not necessary but also more difficult. Management will expect performance measurements of a compliance program, as it would from any other program. I recommend her article to as valuable guide.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

January 9, 2012

There Won’t Be Any Trumpets Blowing on Judgment Day

For many of us who came of age in the early 1970s Billy Jack was “The Man”. He was about the baddest dude there was, a Vietnam vet who could kung-fu with the best of them. His story was about a man who helps to try to clean up corruption in his local town, but ends up going to jail for stepping over the line, or as is said in the theme song “One Tin Soldier”, by the group Coven, “In the bloody morning after, one tin soldier rides away.” That movie came to mind as I read an article in the January 7, edition of the New York Times, entitled “With Olympus Managers Still Entrenched, an Ousted Chief Drops His Sword by Hiroko Tabuchi.

In this article, Tabuchi reported that the fired Olympus Chief Executive Officer (CEO), Michael Woodford, was dropping his bid to win his old job back in a proxy fight with the current Olympus Board of Directors. Woodford was quoted as saying, “Despite one of the biggest scandals in history, the Japanese institutional shareholders have not spoken one single word of criticism, in complete and utter contrast with overseas shareholders, who were demanding accountability, I’m taking the plane and saying goodbye to Japan as a businessman.” In an article on the BBC online edition, dated January 6, 2012, Woodford was reported to have said that the Japanese cross-shareholding system, “in which many companies and managers have close ties to each other, meant that rigorous corporate oversight was often difficult.”

This is in the face of a damning report by the company itself in which top Olympus executives acknowledged last November that the company had “conducted an effort spanning decades” to cover up $1.7 billion in investment losses in a global scheme that has led to investigations by the authorities in Japan, the United States and Britain. The Times reported that “Investigators are looking into what they say is a scheme that began in the 1990s to hide losses by selling bad assets to funds and other entities and later settling those losses through payments masked as acquisition fees.”

Clearly any semblance of corporate governance to prevent fraud is not at the forefront of the Olympus Board. But if a company is willing to defraud one or more stakeholders, is it a company that you want to sit across the table from and do business with in a commercial setting? What about access to capital? Why should banks trust anything that a company might tell them, even under the pains and penalties of perjury, when they present financial information on the company? As to capital markets for fundraising, Olympus appears to be seeking to raise money on Japanese capital markets, according to the Times “which would dilute the influence of overseas shareholders and make fundamental changes less likely.”

How does Billy Jack’s story relate to Olympus? Billy Jack fought the good fight but at the end of the day, he went to prison. Michael Woodford fought the good fight as well. When he found Red Flags raised in company financial statements and reported them, he was summarily fired. When he tried to engage the company to reform itself after the company admitted to a decades-long fraud, he could not obtain any support from Japanese institutional investors or Olympus bankers. Olympus has even refused to offer Woodford an apology for terminating his employment with the company. Now Woodford has returned to the UK and “is saying goodbye to Japan as a businessman.” So on the bloody morning after, another tin soldier rides away

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

January 6, 2012

The End is Nigh for Facilitation Payments – Get Ahead of the Breeze

Last summer, an article was published in the University of Pennsylvania, Journal of Business Law, entitled “The OECD’s Call for an End to the ‘Corrosive’ Facilitation Payments and the International Focus on the Facilitation Payments Exception under the Foreign Corrupt Practices Act”. It was authored by Jon Jordan, Senior Investigations Counsel, in the Foreign Corrupt Practices Act (FCPA) Unit of the Securities and Exchange Commission (SEC). In this article, Jordan reviews, at length, the creation of the facilitation payment exception to the FCPA and the international criticism of the US position by the Organization of Economic Co-operation and Development (OECD), Transparency International, the World Economic Forum and TRACE International. The article also contains a discussion of the hidden costs to US companies which still allow facilitation payments under their company compliance regimes. I found this article to be an excellent review of the issue of facilitation payments and a useful guide to the compliance practitioner on how to navigate this knotty problem.

Costs of Facilitation Payments

1. The Bull’s Eye

Jordan notes that the cost of making facilitation payments is often higher than simply the (purportedly) small dollar amount. He believes that once a company starts down the road of making such payments, it may well lead “to higher costs imposed on those companies that choose to engage in that type of activity.” He quotes Alexandra Wrage, President of TRACE International, that having a corporate policy of allowing facilitation payments is like “putting a bull’s eye on your company’s forehead” as the payment of facilitation payments sets “a permissive tone, which leads to more and greater demands.”

2. Books and Records Issues

A second reason detailed by Jordan is the hidden intra-corporate transaction costs in making facilitation payments. There are a “complex matrix of domestic and foreign anti-bribery laws that companies must navigate when making facilitation payments, and steering through that matrix can be a compliance nightmare and a costly legal undertaking.” The clearest example of this situation is the UK Bribery Act, which has no exception for facilitation payments. If your company has a UK subsidiary, or any employees who are UK citizens, you must carve out an exclusion for them from your facilitation payment exception under your FCPA compliance policy. Got that? So not only must you have an entire carve out in your compliance protocols, your internal accounting system, which is required under the FCPA to record internal controls, you must also make sure that no UK citizen or person otherwise under the jurisdiction of the UK Bribery Act, makes such a claim for reimbursement under your company policy.

 3. Customers

The same is true for large UK based multi-national companies with which your company might transact business. The most obvious example in the energy arena is BP, which not only bans facilitation payments, but requires that any company which provides services for them ban facilitation payments made while doing work for or performing services on BP’s behalf. So think through how you would train your employees on how to properly make and record facilitation payments under your FCPA compliance policy with the HUGE EXCEPTION of when they might be performing some work under the 5 year Master Services Agreement with BP. It’s an administrative nightmare.

Is it Legal to Bribe?

Jordan also brings up the issue that there is not any country in which facilitation payments to public officials of that country are permitted under the written law of the recipient’s country. Accordingly, even if a particular facilitation payment qualifies for an exception of the FCPA, it, nevertheless, is likely to constitute a violation of local law – as well as under anti-bribery laws of other countries that also might apply simultaneously – and thus exposes the payer, his employer and/or related parties to prosecution in one or more jurisdictions. While enforcement to date in this area has been limited increased global attention to corruption makes future action more likely. Countries that are eager to be seen as combating corruption are prosecuting the payment of small bribes with greater frequency. Remember the hellish example of UK citizen Bill Smith, who was sentenced to two years imprisonment in an Afghanistan prison for making a ‘facilitation payment’ to get his company’s vehicles out of a Kabul impoundment lot. Apparently, even Afghanistan will fight the corruption of its own government officials, particularly if the fight involves a foreigner.

You Don’t Need a Weatherman

Jordan concludes by stating, “The facilitation payments exception has become a dinosaur remnant of a bygone era…” He advises US companies to get ahead of this issue and ban such payments in their company compliance programs now. This is sound advice. I would, however, add one additional reason for such advice, which is foretold in the intro paragraph to this article.

Who does the author work for and where does he work? Let’s recap: The SEC in the FCPA Unit. The article clearly states, “The Securities and Exchange Commission, as a matter of policy, disclaims responsibility for any private publication or statement of its employees…and do not necessarily reflect the views of the Commission…” Did I mention who the author works for and where he works? You don’t need a weatherman to know which way the wind blows and the direction of that breeze you feel at your back about now is clearly running against allowing the facilitation payments to continue.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

January 5, 2012

Aon Nets an NPA

In December, 2011, the insurance giant Aon received a Non-Prosecution Agreement (NPA) from the Department of Justice (DOJ) in settling enforcement actions against it by the DOJ and Securities and Exchange Commission (SEC). Aon agreed to total fines and penalties in an amount of $16.3 MM. This is in addition to a fine previously paid to the UK Financial Services Authority (FSA) in January, 2009 of £5.25 MM (approximately $8.2 MM at today’s exchange rate). The Aon resolution has several factors which are of interest and should be noted by the compliance practitioner.

Aon’s Remedial Actions Which Led to the NPA

The DOJ stated that it entered into the NPA based “in part, on the following factors: (a) Aon’s extraordinary cooperation with the Department and the U.S. Securities and Exchange Commission (“SEC”); (b) Aon’s timely and complete disclosure of the facts described in Appendix A as well as facts relating to Aon’s improper payments in Bangladesh, Bulgaria, Egypt, Indonesia, Myanmar, Panama, the United Arab Emirates and Vietnam that it discovered during its thorough investigation of its global operations; (c) the early and extensive remedial efforts undertaken by Aon, including the substantial improvements the company has made to its anti-corruption compliance procedures; (d) the prior financial penalty of £5.25 million paid to the United Kingdom’s Financial Services Authority (“FSA”) by Aon Limited, a U.K. subsidiary of Aon, in 2009, covering the conduct in, Bangladesh, Bulgaria, Indonesia, Myanmar, the United Arab Emirates and Vietnam; and (c) the FSA’s close and continuous supervisory oversight over Aon Limited.”

Non-Bona Fide Travel and Educational Expenses

The primary activity for which Aon was sanctioned was a travel and education fund which was initially designed to provide funds for foreign government employees involved with insurance to travel to educational conferences. However, the funds were also used for personal entertainment of such officials, their wives and families. In one instance, involving a fund in Costa Rica, travel was booked through a travel agency which was owned or managed by the Costa Rican officials who were entertained with monies from the educational and training funds. This was not, as former UCLA student Kyle Sheahen said in his paper, entitled “I’m Not Going to Disneyland: Illusory Affirmative Defenses under the Foreign Corrupt Practices Act”, an instance of the bona fide travel and promotional defense being disregarded. In the Aon enforcement matter, there was either no bona fide educational expense or not one which could be documented from Aon’s internal records.

Books and Records

The largest portion of the Aon fine involved violations of the Foreign Corrupt Practices Act’s (FCPA) books and records requirements. The NPA noted, “With respect to the Costa Rican training funds, although Aon Limited maintained accounting records for the payments that it made from both the Brokerage Fund and the 3% Fund, these records did not accurately and fairly reflect, in reasonable detail, the purpose for which the expenses were incurred. A significant portion of the records associated with payments made through tourist agencies gave the name of the tourist agency with only generic descriptions such as “various airfares and hotel.” Additionally, to the extent that the accounting records did provide the location or purported educational seminar associated with travel expenses, in many instances they did not disclose or itemize the disproportionate amount of leisure and non-business related activities that were also included in the costs.

International Cooperation

This enforcement action was one of the earliest which revealed the level of cooperation on anti-corruption issues by the US and UK governments. In the NPA there was a discussion about how the insurance and reinsurance industry work, particularly with regards to brokers, who are agents. However, there did not appear to be a penalty assessed for Aon’s actions regarding its agent. Nevertheless, this agent issue was the focus of the FSA action, which at the time, was the largest penalty levied by the FSA for overseas corruption. In its Final Notice, dated January 9, 2009, the FSA stated, in part:

(3) The systems and controls failings existed in a number of Aon Ltd.’s major business units and for a period of years. In particular, the failure to monitor payments to Overseas Third Parties allowed a number of suspicious payments to continue to be made for a number of years. Over the course of the Relevant Period, 66 suspicious payments amounting to approximately US$2.5 million and €3.4 million were paid to nine Overseas Third Parties. In addition, a number of other suspicious payments to those Overseas Third Parties were made prior to the Relevant Period (before Aon Ltd became regulated by the FSA).

(4) In failing to have properly assessed the risks involved in its dealings with Overseas Third Parties and to implement effective controls to mitigate those risks, Aon Ltd may have profited from its breach. The commission or brokerage earned by Aon Ltd over the course of the Relevant Period from business that may have been secured or retained as a result of suspicious payments amounted to approximately US$7.2 million and €1 million.

FSA Enforcement Action

It is noteworthy that the DOJ did not bring heavier sanctions against Aon for such conduct but noted in the NPA “(d) the prior financial penalty of £5.25 million paid to the United Kingdom’s Financial Services Authority (“FSA”) by Aon Limited, a U.K. subsidiary of Aon, in 2009, covering the conduct in, Bangladesh, Bulgaria, Indonesia, Myanmar, the United Arab Emirates, and Vietnam; and the FSA’s close and continuous supervisory oversight over Aon Limited.”

There are several key takeaways from the Aon enforcement action. Travel and entertainment are fields for the unwary. There must be a clear and DOCUMENTED business purpose in travel and payment of educational expenses. Remember the three most important things are DOCUMENT, DOCUMENT and DOCUMENT. Beyond that your books and records need to reflect accurate payments for travel, as in who, what, when, where and how; not “various airfare and hotels.” Next, if a government official directs you to use a service provider such as a travel agency, you must perform due diligence on the service provider to ensure that it is not controlled by the government official you are dealing with in your business.

Lastly we offer recognition to the DOJ for taking into account not only the work done by the FSA but also the fine assessed and continuing oversight of Aon by the FSA. This could be an important portent of things to come in ever increasing internationalization of anti-corruption enforcement actions.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

January 4, 2012

From Whistleblower to RICO Claimant

The holiday season is past and many of us have returned to work. However, if you are a Chief Compliance Officer (CCO) there is a gift that you may wish to give yourself, it is “The Whistleblower’s Handbook – A Step-by-Step Guide to Doing What’s Right and Protecting Yourself” authored by Stephen Martin Kohn, Executive Director of the National Whistleblowers Center. I do not suggest that CCO’s purchase this volume for their own protection, although the former Chief Executive Officer (CEO) of Olympus might have been able to use it before he was fired by the Olympus Board last October. No, I suggest that CCOs purchase this because many others in your company may well do so and it is the best single volume collection of all laws, rights and obligations related to whistle-blowing that I have come across.

I thought about Kohn’s book when I came across a couple of whistleblower related items last month. The first one was an article in the December 28, 2011 edition of the Wall Street Journal (WSJ), entitled “Internal BNY Mellon Documents Show Panicby Jean Eaglesham and Michael Siconolfi. In the article they report on some of the emails and other documentary evidence that whistleblower Grant Wilson was able to obtain during the two year period that he was operating “as a government informant” while employed by Bank of New York Mellon (BNY). The WSJ obtained this evidence through an open-records request. Wilson was part of a group which brought a series of whistleblower lawsuits against BNY, which have led to several states, and the Manhattan US attorney, filing civil suits against BNY. Eaglesham and Siconolfi also reported that “the bank’s [BNY] foreign-exchange traders grew concerned about a leaker” and in an earlier WSJ article, entitled “Secret Informant Surfaces in BNY Currency Probe”, reporter Carrick Mollenkamp stated “BNY Mellon sought to discover the insider’s identity and to fight the lawsuits.”

I quote that final line because of a December 15, 2011 Court of Appeals decision from the Seventh Circuit Court of Appeals, styled “DeGuelle v. Camilli et al”, which is a whistleblower retaliation claim. As reported by Richard Renner, in an article entitled “Major Victory for Whistleblowers in Seventh Circuit Says Retaliation is a RICO Violation, in the Whistleblowers Protection Blog, the Court of Appeals found valid a claim for damages under the Racketeer Influenced and Corrupt Organizations Act (RICO) for the retaliation against a whistleblower who provides information about corporate fraud to law enforcement officers under Sarbanes-Oxley Act (SOX).  SOX itself makes it a felony to retaliate against whistleblowers who bring forward such information.

The SOX provision in question states that Congress made it a crime to:

“knowingly, with intent to retaliate, take[] any action harmful to any person, including interference with the lawful employment or livelihood of any person, for providing to a law enforcement officer any truthful information relating to the commission or possible commission of any Federal offense[.]” 18 U.S.C. 1513(e).

The novelty and significance of the Seventh Circuit decision is that it held “When an employer retaliates against an employee, there is always an underlying motivation. In this case, for example, the motivation was to retaliate against DeGuelle for disclosing the tax scheme. Retaliatory acts are inherently connected to the underlying wrongdoing exposed by the whistleblower.”

This means that any company which terminates or in any other way retaliates against a whistleblower may have engaged in a violation of RICO, which itself is a criminal statute. This becomes relevant to Foreign Corrupt Practices Act (FCPA) whistleblowers through the Dodd-Frank Whistleblowers provision. In excerpts from the final Securities and Exchanges Commission (SEC) comments, they stated “Employees who report internally in this manner will have anti-retaliation employment protection to the extent provided for by Section 21F(h)(1)(A)(iii) of the Exchange Act, which incorporates the broad anti-retaliation protections of Sarbanes-Oxley Section 806, see 18 U.S.C. 1514A(b)(2).” In other words, if a person reports internally to a company or externally to the SEC of a FCPA violation and there is retaliation against that person, a RICO claim may arise.

Ladies and Gentlemen, this is scary stuff so your company had better be ready and have a robust investigative protocol in place when an internal report is made. And train, train, train and really, really, really mean it when your company says that it will not retaliate against an employee for making an allegation of a FCPA violation.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

« Previous PageNext Page »

Blog at WordPress.com.