The FCPA Compliance Strategic Plan – Some Lessons for the Astros

The Houston Astros were swept this week by the St. Louis Cards and are now on a 7-43 run, the worst in the majors since 1943. On the upside, the entire starting nine fielded by the Astros’ on Thursday had only one player, outfielder Ben Francisco, making more than the league minimum (approximately $483,000) and their combined salary was about $4 million less than the one-year deal of $9.75 million that Cardinals starter Jake Westbrook has just signed. So our new Astros owner should have plenty of money for those new American League uniforms he has been secretly working on.

One of the things that my colleague Stephen Martin talks about is the need for strategic planning for your Foreign Corrupt Practices Act (FCPA) compliance program. He suggests a 1, 3 and 5 year strategic plan which you should utilize as a road map for your compliance program in these time frames. Equally important, as a former state and federal prosecutor, he believes that such a document would be an important item to produce to a prosecutor, who might be reviewing your compliance program in the event of a voluntary self-disclosure, a Dodd-Frank or other whistleblower event, which has led your company to receive a subpoena or letter of inquiry or an industry sweep. He believes that such a strategic plan could well lead to the development of credibility for your company and your compliance program in the event of one of the aforementioned eventualities.

I pondered over Stephen’s thought on the subject of a strategic plan recently when I heard the Houston Astros General Manager say that he was not sure what plan he has to make the Astros a winning if not relevant, team again. Basically he said it was a 1, 3 or 5 year plan, or perhaps something else, he just wasn’t sure. With those words of encouragement in mind it would appear that the Astros plan is the following: (1) Year One: Lose to a new set of teams as the Astros will move from the National League to the America League; (2) Year 3: Continue to lose; (3) Year 5: Be all you can be. How is that for a strategic plan?

With the above in mind I was interested to read an article in the Houston Business Journal, entitled “Strategic planning needs constant follow-up to be successful” by Bruce Rector. As with Martin he recognizes that while a strategic plan can serve as guide for your company going forward, it must actually be utilized to garner any use out of it. Rector notes that “if your company and management team have expended the time and resources to pull together a strategic plan, the next logical step is to follow up and keep things on track.” While Rector’s article is not aimed at the compliance arena, I believe that the steps he lays out, translate without difficulty, into steps a compliance officer can take to meet the suggestion laid out by Martin above.

• Review the Goals of the Strategic Plan. This requires that you arrange a time for the Chief Compliance Officer (CCO) and team to review the goals of the Strategic Plan. Rector advises that to the extent possible this should be done in person. The CCO should lead a discussion of the Strategic Plan and determine how this goal in the Plan measures up to its implementation in your company.
• Design an Execution Plan. Here Rector advises that the “Keep it Simple Sir” or KISS method is the best to move forward. This would suggest that for each compliance goal, there should be a simple and straight forward plan to ensure that the goal in question is being addressed. Rector notes that any “plan must be specific with clear tasking and deliverables and a definite timeline for delivery.”
• Put Accountabilities in Place. In any plan of execution, there must be accountabilities attached to them. Simply having a time line is not enough. This means that the persons tasked with the responsibility of performing the tasks be clearly identified, by both the individual so tasked and the actual task they are assigned to complete. Accountability also includes a “follow-up mechanism to ensure that these vital goals are achieved.” This requires the CCO or other senior compliance department representative to put these in place and then mandate a report requirement on how the task assigned is being achieved.
• Schedule the Next Review of the Plan. Most interestingly, Rector recommends a review of the foregoing process on a weekly basis. While noting that this may seem time consuming, he believes that once the group assigned with this responsibility gets “into the rhythm, it can go smoothly.” While I would not necessarily agree that weekly meetings are required, Rector does correctly note that such regularity allows any problems which may arise to be detected and corrected more quickly than if meetings are held at a less frequent basis.

Martin’s guidance that a FCPA strategic plan can be a key part of your overall compliance program is sound advice. However, simply developing a strategic plan is not enough. Rector concludes by stating that “Part of management’s responsibility is to continually reinforce the vision and goals of the company, as set forth in this plan.” This is particularly true in the compliance arena, where assessment and updating are critical to an ongoing best practices compliance program. If you follow the process laid out by Rector, you will put a mechanism in place to demonstrate your company’s commitment to compliance by following through on intentions as set forth in your strategic plan.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

What is Your Integrity Capital?

Compliance practitioners often hear that bribes must be paid in emerging markets to get anything done. Indeed a recent survey by CEB (formerly Corporate Executive Board) of more than 700,000 employees of multinationals around the world, discussed in a Harvard Business Review article, entitled “Greased Palms, Giant Headaches”, by Dan Currell and Tracy Davis Bradley reported that there was a large jump in the payments of bribes, providing or receiving improper gifts and failures to report conflicts of interest in the BRIC (Brazil, Russia, India and China) countries over developed countries. Is bribery really pervasive in those countries or is it simply the perception? On the other hand, as Andre Agassi was found to say “Perception is reality.” Certainly the story by the New York Times (NYT) about Wal-Mart in Mexico paying over $24 million to be the first big box retailer into the Mexican market may lead some credence to that perception. While the authors did not specifically address the Foreign Corrupt Practices Act (FCPA) or UK Bribery Act, they did report that “bribery and corruption is the second leading category of unlawful activity by Western companies in emerging markets”.

However, Currell and Bradley focus their collective attention on the US corporate headquarters in their article. They note that “Our research suggests that one driver originates at headquarters-multinationals’ increasing growth imperative in emerging markets.” While it certainly is a recognized and valid long-term growth strategy to identify and develop new markets, the authors believe that companies are now thinking that they can “meet our targets by increasing revenues quickly in markets” like the BRIC countries. In other words, long-term strategic plans suddenly become “short-term necessities” and this change can increase “the pressure on local employees to make their numbers, tempting some to break the law.”

What is a company to do when short term goals cause pressure, pressure and more pressure for increased revenues? The authors acknowledge that a robust compliance program is a key component for protection against bribery and corruption by employees, but they believe that more is needed. They identify “Integrity Capital” as a key component to “lower levels of misconduct along with higher levels of reporting when employees do witness wrongdoing. Integrity capital is embedded in the culture, not instituted through controls, and it helps shape employee behavior, which could include offering a bribe or defrauding the company.” The authors identify the following as five factors of Integrity Capital:

1. Management takes action when it becomes aware of misconduct. This means that companies “must insist on a swift response to complaints, unbiased investigations” and even “public hangings” of offenders.
2. Employees are comfortable speaking up about misconduct and don’t fear retaliation. While this would seem to be self-evident, it is a sad fact that in many companies, whistleblowers are ostracized or even blamed for the conduct in question. Witness the initial response by Wal-Mart management in the 2005 time frame to allegations of corruption made by an employee with knowledge of the conduct. He was blamed for the conduct at issue. Even in the recent allegations brought to light with EADS, the whistleblowers were marginalized or worse by the company.
3. Senior leaders and managers treat employees with respect. The authors believe that in addition to not mistreating whistleblowers, companies should “praise employees who have the courage to call out wrongdoing.”
4. Managers hold employees accountable. Simply put, if an employee engages in bribery or corruption, they need to be disciplined or discharged. Allowing high revenue generators or high income generating territories or business units to avoid scrutiny and/or sanctions is a clear recipe to destroy the integrity of a compliance program.
5. High levels of trust exist among colleagues. Your employees must believe that the company will take allegations seriously and will act on the information that they provide.

The authors conclude their article with three different concepts which they believe will minimize the occurrences of bribery and corruption within an organization. First, a company should use commonsense observation. If an emerging market shows success in “speeding things along”, such as regulatory approvals for the construction of bricks-and-mortar facilities, this made need to be looked at closer. Since regulatory approvals do not happen quickly in BRIC countries, it may be that the skids were greased with cash to pay bribes. The second is that a company must be proactive in seeking out and obtaining information from employees about allegations of bribery and corruption. The authors “advise companies to also proactively solicit information from frontline employees and to use surveys or online tools to guarantee anonymity” in reporting allegations of bribery and corruption. Lastly, the authors insist that companies have organization justice so that if there are credible reports of misconduct they are not swept under the rug.

Currell and Bradley provide interesting observations which can be used by a compliance professional to evaluate the sufficiency of their compliance program. Their thoughts on things to look for from an emerging market provide solid guidance on searching for potential red flags which might warrant further investigation from internal audit or a FCPA based compliance audit team. There are a number of practitioners and ethicists who talk about the need for ethics in any company culture to compliment a compliance program. The article by Currell and Bradley provides some of their guidance on what that may look like.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012