I had the chance to meet Michael Fine last spring at the Dow Jones Compliance conference in Washington DC. For those of you in the compliance arena who do not know him he has worked as a Consultant to Transparency International (TI) on the export credit agency survey/report “Export Credit Agency Anti-Bribery Practices 2010″; has been involved in Legal/drafting support for World Economic Forum “PACI Principles for Countering Bribery,” a model anti-corruption program for international business; and has made a Comprehensive study of compliance “best practices” at leading multi-national companies including corporate bench-marking reviews. In short he is someone who knows his way around anti-corruption and anti-bribery.
In the September/October issue of the SCCE Magazine we are treated to an analysis by Fine of le affaire Wal-Mart entitled “A teachable moment: FCPA lesson from the Wal-Mart experience.” While several commentators, myself included, have written or spoken about some of the lessons learned from the Wal-Mart Foreign Corrupt Practices Act (FCPA) story which was broken by the New York Times (NYT) on April 21, 2012, I found Fine’s discussion fresh and he put several points together in a manner which is of use to the compliance practitioner as a review of his or her compliance program.
After a review of some FCPA basics, including (1) nationality jurisdiction, (2) subsidiaries, (3) intermediaries, (4) business advantage and (5) exceptions; Fine reviewed some of the basic allegations made in the NYT article for conduct which is alleged to have violated the FCPA. In addition to the allegations of bribes paid, usually in cash, “to expedite store expansion in Mexico, as part of a strategic plan to outpace competitors and establish market dominance”, senior leaders in Bentonville were made aware of the allegations, they sent the investigation back to Mexico so that the very persons alleged to have committed the bribery were charged with investigating the allegations of bribery.
From the allegations made to date, Fine developed a list of issues which any compliance practitioner could use as a guidepost going forward when looking at their company and its compliance program.
- FCPA as a C-Suite Issue. Senior leadership needs to understand that compliance and ethics has to be taken seriously as the FCPA has real bite.
- The right ‘tone at the top’. The worst thing that a senior leader can do when a FCPA issue arises is bury it. That not only puts the company at legal risk but it sends the message that the company does not take compliance seriously, if at all.
- Building out the ‘program’. Wal-Mart had a written policy of zero tolerance for facilitation payments yet there were over 400 instances of payments by the Mexico affiliate, as identified in the NYT article.
- Going where the FCPA risk is – overseas. Even if you operate with affiliates overseas, a compliance and ethics program must be a priority, rather than an expendable extra. Worse for Wal-Mart is that there was an independent Kroll report from 2003, which identified the Mexico affiliates short-comings but it was either buried or ignored at the corporate office.
- Looking beyond the FCPA. Host countries are more likely now, than in the past, to seek legal recourse or open independent corruption investigations. Remember, there is no country in the world which has a law that allows bribery of its governmental officials. Even Mexico is investigating Wal-Mart now.
- Strengthening risk assessment practices. Fine recommends that a company look beyond the Transparency International (TI) Corruption Perceptions Index (CPI) or the World Bank corruption indicators for a corruption specific assessment “keyed to actual business activities…with regular updating for changes in the business or enforcement context…”
- Elaborating expectations. How thin is your policy guidance? Did you train high risk employees on the basic understanding as what constitutes a bribe or how it may differ from a facilitation payment?
- Investigation protocols. Clear investigation protocols need to be in place for conducting an internal investigation but equally importantly they should not be over-ridden when the rubber hits the road as it will “appear self-serving”.
- Board oversight. Not only must the Board be trained on the FCPA but it must take an active role of oversight for high profile cases. Board members need to understand enough so that they can question, probe and otherwise ascertain that the compliance group has sufficient personnel and resources as required under a best practices compliance program.
- Preparing for the inevitable. As Fine notes “most importantly is how an organization responds to a potential FCPA violation.” Or as Paul McNulty might say “what did you do after you detected it?” The Department of Justice (DOJ) will reward good citizenship but only if it is meaningful and timely.
I found Fine’s article a good analysis of the issues facing Wal-Mart. Moreover, a compliance professional can use these to review and evaluate your company’s program quickly. If there are gaps based upon some or all of the Wal-Mart allegations, you should move to remedy them. Whether you use self-evaluation or bring in a third party to perform a risk assessment, the more quickly you evaluate your program, the better shape you will be in from a FCPA compliance perspective.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at firstname.lastname@example.org.
© Thomas R. Fox, 2012