FCPA Compliance and Ethics Blog

January 31, 2013

How To You Move Ethical Values Down Through Your Company?

What do employees want most in their company’s values? That is a question that has plagued companies for many, many years. I would argue that one of the concepts which should be in the conversation is respect for a company’s ethical values. One of the tasks in any company is to get senior and middle management to respect the stated ethics and values of a company, because if they do so, this will be communicated down through the organization. This topic was explored in a recent article, entitled “If the Supervisors Respect Values, So Will Everyone Else”, in the Corner Office section of the New York Times (NYT), when reporter Adam Bryant interviewed Victoria Ransom, the Chief Executive Officer (CEO) of Wildfire, a company which provides social media marketing software.

Company Values

Ransom spoke about the role of senior management in communicating ethical values when she said “Another lesson I’ve learned as the company grows is that you’re only as good as the leaders you have underneath you. And that was sometimes a painful lesson. You might think that because you’re projecting our values, then the rest of the company is experiencing the values.” These senior managers communicate what the company’s ethics and values are to middle management. So while tone at the top is certainly important in setting a standard, she came to appreciate that it must move downward through the entire organization. Ransom came to realize “that the direct supervisors become the most important influence on people in the company. Therefore, a big part of leading becomes your ability to pick and guide the right people.”

Ransom said that when the company was young and small they tried to codify their company values but they did not get far in the process “because it felt forced.” As the company grew she realized that their values needed to be formalized and stated for a couple of reasons. The first was because they wanted to make it clear what was expected of everyone and “particularly because you want the new people who are also hiring to really know the values.” Another important reason was that they had to terminate “a few people because they didn’t live up to the values. If we’re going to be doing that, it’s really important to be clear about what the values are. I think that some of the biggest ways we showed that we lived up to our values were when we made tough decisions about people, especially when it was a high performer who somehow really violated our values, and we took action.” These actions to terminate had a very large effect on the workforce. Ransom said that “it made employees feel like, “Yeah, this company actually puts its money where its mouth is.””

Ransom wanted to make clear to everyone what senior management considered when determining whether employees “are living up to the company culture.” The process started when she and her co-founder spent a weekend writing down what they believed the company’s values were. Then they sat down with the employees in small groups to elicit feedback. Her approach was to look for what they wanted in their employees. They came up with five.

  • Passion: Do you really have a thirst and appetite for your work?
  • Humility and Integrity: Treat your co-workers with respect and dignity.
  • Courage: Speak up – if you have a great idea, tell us, and if you disagree with people in the room, speak up.
  • Curiosity: They wanted folks who would constantly question and learn, not only about the company but about the industry.
  • Impact: Are you having an impact at the company?
  • Be outward-looking: Do good and do right by each other.

Leadership

Ransom came to realize that as her company’s leader, more was expected from her. Her employees listened to what she said. This is one of the best descriptions of ‘tone at the top’ that I’ve seen. Ransom “started to realize how what you say can have such an influence. You can’t just say things off the cuff anymore, because people take it so much more seriously than you ever meant it. And that can be good and bad. The bad is that you might say something sort of flippant, or you’re trying to be really transparent and honest with the team about the challenges we may have. But that can get passed on down the line and repeated until there’s a panic.”

But equally important was what she does not say. This is because she learned “how comforting what I say can be to the team, even if I’m not giving the answers. I thought at first that I always needed to be able to give them the solution, but I realized that actually that wasn’t needed at all. All that was needed was acknowledging the challenges, and showing that we’re on top of it and we get it.”

Ransom had an equally valuable insight when she talked about senior management and ethical values. She believes that “the best way to undermine a company’s values is to put people in leadership positions who are not adhering to the values. Then it completely starts to fall flat until you take action and move those people out, and then everyone gets faith in the values again. It can be restored so quickly. You just see that people are happier.”

I found the Ransom interview to be quite useful to the compliance practitioner. She makes clear that ‘tone at the top’ is only one key to instituting ethical values throughout your organization. It also means ‘tone in the middle’ and ‘tone at the bottom’. But she points out not only how to establish that tone but more importantly how to walk the walk of ethics and compliance. Her interview also showed the importance of establishing the values that you want in your company. By doing more than simply writing and then announcing them, through her work with small employee groups she was able to get buy-in from everyone. This was more than communication, this was collaboration. If you make your employees feel that they are a part of the process you will have greater success in your mission to bring ethical values to your organization.

============================================================================================

Please join Patrick Taylor, CEO of Oversight Systems and myself tomorrow afternoon for a webinar on Anti Corruption and On-going Transaction Monitoring. The webinar will be at 2 PM EST and is free. For registration and information click here.

============================================================================================

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

January 30, 2013

Leadership Lessons for the Compliance Practitioner from Abraham Lincoln

The recent film about Abraham Lincoln has focused the nation’s attention once again on the President that many believe was our greatest President. In a recent article in the New York Times (NYT), entitled “Lincoln’s School of Management”, Nancy F. Koehn, a historian at the Harvard School of Business, wrote about Lincoln’s experience in drafting and issuing the Emancipation Proclamation as “one of the best ways to appreciate his strengths as a leader.” I found that Koehn’s article was relevant to the Chief Compliance Officer (CCO) or other compliance practitioner as they tackle the job of instituting or maintaining a culture of compliance throughout an organization.

Stay True to Your Compliance Vision

During the initial period of the Civil War, when the Union suffered a series of military defeats at Bull Run and particularly in the Seven Days’ Battles, Lincoln described his state “as nearly inconsolable as I could be and live.” Nevertheless, Lincoln persevered throughout these dark times due to his “resilience and commitment to preserve the Union.” From this, Koehn believes that business leaders must have the “ability to experience negative emotions without falling through the floorboards.” This can certainly be true in the compliance world. Just as Lincoln’s deep faith nurtured his vision, the CCO or compliance practitioner needs to stay true to their vision of compliance and ethics for their company.

Gather Information from a Wide Range of People

One of the things that Lincoln was good at was “how he gathered advice and information from a wide range of people, including those who did not agree with him. This is important in building a business because you have to listen to customers, employees, suppliers and investors, including those who are critical of what you are doing.” The compliance practice is one business area where there are no trade secrets on how to operate a business. There may be specific issues relating to investigations or similar areas but generally most CCOs and compliance practitioners can find information about the evolving world of best practices from other CCOs and compliance practitioners. Of course there is a wealth of written information available as well. But beyond other CCOs and compliance practitioners, there is information available from the business folks in a company. Just because a business person pushes back on some compliance mandate does not mean they are wrong. Just as Lincoln took advice from those who did not always agree with him, a CCO or compliance practitioner should consider the input that they receive from outside the compliance department.

The Ability to Shift Gears

Koehn wrote that “Lincoln’s ability to shift gears during hard times — without giving up his ultimate goal — is a vital lesson for leaders operating in today’s turbulence. When I teach the case, many executives comment on the importance of shaping one’s tactics to changing circumstances.” Lincoln began drafting the Emancipation Proclamation in late June or early July of 1863. He initially told his Cabinet that he would release it on January 1, 1863. Secretary of State William Seward suggested that the President wait for a Union victory before issuing the Proclamation, “lest it seem the last measure of an exhausted government, a cry for help” to which Lincoln agreed. But after the Union victory at Antietam, Lincoln made the Proclamation public. This dramatically changed the nature of the war from one to save the Union to create a new United States to “one in which slavery was permanently abolished.”

I think that the message for the CCO or compliance practitioner is that you have to be ready to shift gears. One of the frustrations in the compliance practice is that things are constantly in motion if not in flux. But if your commitment to ethics and compliance is the underlying basis of your position, that can be your driving force. As with Lincoln you must communicate your commitment to this larger purpose of doing business with compliance and ethics.

Think Before You Send the Letter or Hit the Send Button

Koehn told the story of Lincoln’s great disappointment after the Battle of Gettysburg when the victorious Union General, George C. Meade, did not follow after the defeated Confederate Army of General Robert E. Lee. Lincoln wrote a letter to Meade expressing his dissatisfaction for Meade’s failure to follow up his victory. Lincoln wrote, “Lee was within your easy grasp, and to have closed upon him would, in connection with our other late successes, have ended the war.” He added: “Your golden opportunity is gone, and I am distressed immeasurably because of it.” But Lincoln did not send the letter. Indeed, “he placed it in an envelope labeled “To Gen. Meade, never sent or signed.” Koehn wrote “Imagine if e-mail had existed in Lincoln’s time and he had hit ‘send’ because he was distressed. The course of history might have taken a very different turn.”

This lesson is forbearance. With the instantaneous ability to communicate around the clock the CCO or compliance practitioner needs to consider the effect of their communications. Here I am not talking about stupid emails, although care should be taken not to engage in that FUBAR as well, but just as with Lincoln, a CCO or compliance practitioner need to face “the challenge of navigating their own and others’ emotions with forethought and consideration.” Sometimes, “the first action that comes to mind is not always the wisest.”

Communicating with Stakeholders

Koehn used the Gettysburg Address as a starting point for a discussion of the need for a CCO or compliance practitioner to communicate. If you desire to make a transformational change, you must communicate with your stakeholders. One thing that Lincoln assuredly did not do was lock himself in an ivory tower or the White House. Lincoln “traveled to battlefields to visit Union troops, and he held open “office” hours in the White House to receive interested citizens — and their countless requests.” Anyone who saw the movie “Lincoln” will remember the scene where he visited Union troops at a hospital, many of whom had lost their limbs in battle. I think that Koehn’s point is that he communicated his vision of what they were sacrificing for the War effort.

This point is absolutely critical for the CCO or compliance practitioner, you have got to put boots on the ground. Sitting in your office and doing the day-to-day work of compliance is simply not enough. First of all, your employee base will appreciate you much more if you get out into the field and will also communicate with you in a much more open manner. But, as important as the above are, this allows you to communicate your vision of doing business with ethics and compliance. This simply cannot be done from your home or corporate office. You must sell your vision to each and every stakeholder in your company.

Leadership Backbone

Koehn found that one of the things that business executives pointed to in any study of Lincoln as a leader was the “strength that Lincoln found to bear the death and destruction of the war and to weather intense opposition and still not relinquish his mission. If there is one point when Lincoln discovered his own leadership backbone, it was surely in conceiving and issuing the Emancipation Proclamation and then committing himself and the country to its broader consequences.” It is important to rise to a challenge if one appears while you are on the watch. Another point Koehn stressed is that the leadership skills Lincoln showed demonstrated that it is the responsibility of a leader “to serve all of the people, and not just one’s self-interest. Lincoln knew that success is best when shared.”

For the CCO or compliance practitioner I think that these points bring up a dichotomy that you must deal with quite often. Sometimes you must say No. You must stand up and tell the business people that you are not doing that deal; you are not flying government officials and their wives to the US in business class or whatever the business guys want to do that violates the Foreign Corrupt Practices Act (FCPA). However, sometimes it is important to understand that you work for a company which is in business to make money. As a CCO or compliance practitioner you can use creative lawyering to satisfy the needs of the business without violating the FCPA.

The best example I can give you is one of last year’s Opinion Release, 12-01, which found that, under the facts and circumstances described in the Opinion Release, a royal family member was not a government official for the purposes of the FCPA. Prior to this Opinion Release I would have said 100 times out of 100 that a royal family member was always a foreign government official under the FCPA. But some very creative lawyer took a question presented to him by a business unit and came up with a way not to violate the FCPA.

Koehn ends her piece with “Lincoln was able to learn and grow amid great calamity. His story, like no other, demonstrates that leaders do not just make the moment; they meet it and, in the process, are changed by it.” I think that the same can be true for any CCO or compliance practitioner. You need to be able to learn and grow to do your job. I hope that your tenure will not be so calamitous as Lincoln’s but his leadership lessons should be guideposts and inspirations to anyone with a difficult job that must listen to a multiplicity of voices.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

January 29, 2013

Grand Central Station, Mary Jo White and the End of No-Admission Settlements in SEC Cases?

Last week we celebrated one of the world’s great urban architectural marvels, the London Underground. This week we celebrate one a little closer to home. This week is the 100th anniversary of Grand Central Station. In an article this week in the New York Times, (NYT), entitled “Looking Out on the Grand Central, and Looking Back on Saving It”, reporter Clyde Haberman interviewed Kent L. Barwick, former Executive Director of the Municipal Art Society, who was instrumental in the fight to save the Station in the 1970s. I knew about the legal fight that the City of New York had put up after its designation of the venerable landmark had been overturned by a state judge. This landmark case went all the way to the US Supreme Court and ended with a victory for the City of New York and the establishment of the right of a municipality to protect the public environment and its history by historic designation. What I did not know about this process was that one of its most active supporters was Jacqueline Kennedy Onassis, who supported the cause with time, money and effort. It was a classic effort of several processes moving forward on several fronts at once which led to this important legal decision and one of the most compelling journeys in landmark preservation.

This article came to mind when I read another article in the NYT, entitled “Make Them Pay (and Confess)” by reporter Gretchen Morgenson, about President Obama’s nomination of Mary Jo White to head the Securities and Exchange Commission (SEC). Morgenson used the nomination of White to argue that the SEC has not been aggressive enough in its prosecution of financial wrongdoing during the first four years of the Obama Administration. She believes that the no-admission settlement is merely a “slap on the wrist” for companies who are guilty of securities violations involving fraud. I believe that this would include Foreign Corrupt Practices Act (FCPA) violations.

One of the techniques that she argues should be used more often and would have greater impact is requiring companies to admit to facts in settlement agreements. As most compliance practitioners know, the SEC has, in the past, allowed companies to settle without admitting or denying the findings which are the basis for the enforcement actions. Generally the SEC has supported this position arguing that by doing so this helps it “avoid costly, time-consuming litigation that would tax already-stretched resources.” In addition to time-consuming trials, there is always the possibility that the SEC could lose at trial. Further, by having quicker settlements, more victims would be getting restitution faster.

But Morgenson argues that a no-admission settlement does not really qualify as a punishment. In addition to having no precedential value going forward, because there are no facts admitted, she maintains that even the financial penalties are meaningless. This is because ultimately the fines and penalties are paid by the shareholders or the company’s insurance carrier. Such situations are “not much of a deterrent.”

Morgenson points out that Preet Bharara, the United States Attorney for the Southern District of New York, who was hired by Mrs. White when she ran the office, “has made it a priority to require admissions from defendants in civil fraud cases” brought by his office. Bharara has stated that “Such admissions are a way to hold defendants accountable, as well as being an important part of the public record.” By public record, Bharara means that plaintiffs can then use those admissions in shareholder derivative actions against corporations in tag along law suits. Do you think that the plaintiffs’ bar will be salivating over that prospect?

Morgenson discussed several reasons for the reluctance of the SEC to require such admissions of fact. The first and foremost is that you have to be ready, willing and able to go to trial. Bharara handles this in the Southern District with the following comment, “We’re not in the business of bluffing. When people know you’re not bluffing, they come to the table.” However, the SEC itself may not have this same attitude. Morgenson notes that “It won’t be easy to change the mind-set at the S.E.C. from one that regularly allows defendants to avoid culpability.” Other federal agencies such as the Federal Trade Commission also allow corporations to settle civil enforcement actions while not admitting to any facts.

Morgenson acknowledges that it will not be easy for the SEC to change its philosophy. Further, defendants will probably fight this change tooth and nail because they know that the cost of any settlement will increase exponentially if they make such admissions. The aforementioned plaintiffs’ bar will be waiting to jump on any corporations which make such settlements. Morgenson quotes William F. Gavin, Secretary of the commonwealth of Massachusetts and its securities regulator, who admitted that negotiating admissions of liability is challenging due to the fact that the cost of settlements will go up. His response, “Well, that’s kind of the idea – you did something wrong, you should be liable. You’re not going to change practices or behavior if there’s no penalty associated with it.”

Federal judges have also begun to question the use of SEC no-admission settlements. There is the quite well known example of Judge Rakoff and his initial rejection of the Citigroup settlement. A couple of other federal judges also initially rejected no-admission settlements but did so on the grounds that there was not enough evidence to enforce an injunction if there was a breach of the settlement by the defendant. Their concerns were addressed and they all eventually signed off on the SEC settlements. Now, however, Judge Richard Leon has rejected a SEC settlement with IBM, for FCPA books and records violations, as Judge Leon wanted IBM to report to the SEC if it sustained a FCPA violation going forward. IBM, with the SEC standing at its side on this point, said that to do so would be “too burdensome.” Judge Leon has set a hearing date of February 4, 2013 for IBM to present evidence of how they plan to collect the data to show that it is too burdensome. If IBM cannot do so, Judge Leon may well not approve the no-admission settlement.

Morgenson clearly wants Mary Jo White to engage in more and greater enforcement of financial fraud cases. She does not speak to FCPA cases specifically so it is not clear on whether her desire would also include FCPA books and records enforcement actions brought by the SEC when there is no criminal case brought by the Department of Justice (DOJ). However, if no-admission enforcement actions are no longer the norm in SEC financial fraud or other securities actions, this will probably also bleed over into FCPA actions. Judge Leon’s challenge to IBM and to the SEC may also portend an increasingly active judiciary which may delve into the substance of any FCPA settlement agreement with the SEC.

So for you New Yorkers out there, or any of you travelling through New York, I would suggest that the next time that you go through Grand Central Station look up with some wonder and awe at one of the true architectural marvels of the city. You may not do so as I did the first time I went through it but still take a few minutes to think that it was headed for the wrecking ball back in the 1970s, scheduled to be replaced by a skyscraper. Morgenson argues that the SEC should become more aggressive in its prosecution of financial fraud and with her prosecutorial background the agency may well be headed that way.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

January 28, 2013

Boeing and the Conduct of Due Diligence on Sub-Suppliers

The Foreign Corrupt Practices Act (FCPA) act has language which makes illegal a direct or indirect act which might be used to obtain or retain business from prohibited parties. This has caused companies to begin to look at their suppliers as one area which might give them FCPA exposure. I have been considering the role of suppliers in a compliance program as I followed the issue of the smoldering batteries in the Boeing 787 Dreamliner.

As reported in a New York Times (NYT) article by James B. Stewart, entitled Japan’s Role in Making Batteries for Boeing, the construction of the batteries at issue was outsourced by Boeing to a Japanese company called GS Yuasa. Stewart’s article points out the need for close review of suppliers and what can happen if the quality does not meet the standards required for the project. However, I considered the article from the FCPA perspective. Stewart initially noted that “No one has claimed that GS Yuasa was chosen for the 787 for anything but merit.” But then he goes on to say that “Boeing has long been dogged by suspicion that in return for awarding major contracts to Japanese companies, which also receive subsidies from the Japanese government, the countries airlines buy Boeing aircraft almost exclusively.”

The question all of this raised for me is just how much due diligence should a company engage in for its suppliers? The first thing to note is that GS Yuasa is not a direct contractor to Boeing. The Japanese company is a subcontractor to a French company named Thales, which was contracted by Boeing to supply the electrical system. However, Stewart noted that Boeing approved the Thales/GS Yuasa contract and relationship. Does this mean that Boeing performed any kind of due diligence on GS Yuasa? The article does not specify any of these facts. However, Stewart asks the question of whether the outsourcing of this work was a for the benefit of sales of planes to Japan? He quotes Richard L. Aboulafia who said, “And then there’s Japan. All the normal ways of doing business are upended.” When asked if there might be a ‘quid pro quo’ Aboulafia said, “Yes, absolutely. But no one will talk about it, and no one can prove it.” He went on to say that in Japan “there is a unique relationship between the airlines, the suppliers and the government. The government supported the airlines, the government and the industries and they developed together. The government has enormous influence. They all work together.”

Are these questions which should be explored in due diligence? I think this situation brings up the issue of how far down in the supply chain that a company needs to go in performing due diligence. Many contracts with suppliers require that if there is a sub-supplier that sub needs to go through due diligence. However, in the case of GS Yuasa, Boeing had the right to select the supplier and if you have that right you probably need to perform due diligence on the supplier.

The key question that Stewart raises in his article is whether Boeing is using the hiring of GS Yuasa as leverage to gain sales to the Japanese government. GS Yuasa admitted that the battery component of its company is a money loser, even with the Boeing contract. This obviously raises the question of why the company is in such a business. The company also admitted that it had received subsidies to the tune of $3.5 billion from the Japanese Ministry of Economy, Trade and Industry to “begin mass production of lithium-ion batteries…”.

However, does Boeing has strong supplier relationships with other Japanese companies? In addition to the sales to Japan Air, Boeing works closely with Japan’s Defense Ministry and Boeing was quoted in the article as saying that it had “a long history of working together to meet Japan’s defense needs.” In addition to the hiring of GS Yuasa, Boeing said that its Japanese partners had “designed and developed 35 percent of the 787 airframe structure, including the main box wing, which is the first time Boeing has ever entrusted such a critical design component to another company.”

Stewart penultimately notes that “any questions about GS Yuasa may be premature.” In addition to the investigation of GS Yuasa, both the French company Thales and Securaplane, an American subsidiary of the UK engineering company Meggitt which makes the battery chargers, are also being looked at in connection with the fires aboard the Boeing planes. Stewart does believe the “whatever the outcome, experts said that with so many lives at stake, the design and manufacturing of new aircraft should be based solely on legitimate issues of cost and quality, and the selection process for suppliers should be transparent and untainted by other commercial or political concerns.

To end his article, Stewart quotes Aboulafia who states that “The greatest enemy of good aircraft is people who interfere with the freedom to shop for the highest quality.” I think that the same could be said in conjunction with the FCPA and the Supply Chain.  If a company allows inferior quality into its supply chain through the bribery or corruption that the FCPA is designed to stop it could well allow an inferior product to be constructed. While such actions may not have the catastrophic and very public impact that the apparent battery failures on the 787 have sustained the damage can be severe.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

January 25, 2013

Chesapeake Lighthouses and Lighting the Way for Compliance

In the winter 2013 issue of the Colonial Williamsburg magazine is an article by Michael Lombardi, entitled “Lighthouses Marked the Shoals of the Commerce Clause”. In this article, Lombardi wrote about four lighthouses authorized by Congress in the late 18th and early 19th century to light the way for sailors in Chesapeake Bay. The four lighthouses were the Cape Henry Lighthouse, the Old and New Point Comfort Lighthouses and the Smith Point Lighthouse. All four still exist today and one, the Old Point Comfort Lighthouse, is still in operation.

I thought about the story of these lighthouses and how they literally lit the way for sailors for over 200 years when I read an article in the Q2 issue of Ethisphere Magazine, entitled “Imagination Working with Integrity: How General Electric Creates a Global Culture of Ethics”, by Michael Price. Price discusses how General Electric (GE) has made “ethics and compliance a benchmark of its operations around the world, and is, in many ways the gold standard that other companies look to when it comes to modeling global compliance and ethics programs.”

I also considered these lighthouses in the context of how GE sets the tone for ethics and compliance and then communicates that commitment throughout its organization. Obviously it all starts at the top and GE is a prime example of this strength. Price noted that GE’s top brass meets annually at a conference where one of the frequent topics was ethics and compliance and the need for integrity in GE. Following this meeting of the GE senior management, they cascade down this commitment to middle management and emphasize the reputational risk to GE should there be a violation of the Foreign Corrupt Practices Act (FCPA) or other anti-corruption statute by the company. The middle managers then further cascade this message down so that it goes through the whole company at regular intervals.

Price made clear that one thing that GE will not tolerate is a manager who fails to take ethics and compliance seriously. This extends to managers who were ignorant of compliance issues in their units. He wrote that GE has “removed people from leadership positions when they didn’t know there was a problem”. GE demands that its management not only be aware of compliance in their units, but to ask “the right questions when they are faced with an uncertain situation”.

As you might expect from a company which has business in over 100 countries, GE has to work with many different cultural norms. It can be that “different cultures have different frameworks for understanding integrity and how to confront unethical conduct.” So, for instance, to overcome some cultural barriers of reporting unethical conduct GE has “five different pathways in which employees around the world can bring their concerns to management’s attention.” These pathways include the following:

  • Employees can talk directly to their managers;
  • Employees can go to talk to people in the compliance function;
  • Employees can go to talk to someone in the legal department;
  • Employees can take their concerns to HR; and
  • Employees can report anonymously to an ombudsman through a variety of channels.

GE provides several types of training in each of these methods and has “Compliance Days” in “which the company discusses compliance issues and reiterates the importance about employees raising concerns about unethical practices.” The article makes clear not only how seriously GE takes compliance but that it believes its commitment to ethical practices makes it stand out as a market differentiator. I would say that ethics and compliance is even a lighthouse for corporate culture at GE, in many ways, leading the way by which GE does business and conducts itself.

I once worked for a major oilfield service company where it was clear that safety was the Number 1 priority. We started every meeting with a safety moment. Each year, there was one day where the entire company stood down and met on safety on a world-wide basis. Both of these techniques emphasized to me not only the importance of safety but that safety was my responsibility as well, even though I was a lawyer doing international transactional work. This was another lighthouse but it was one for safety.

As a recovering trial lawyer who has handled many personal injury lawsuits and then worked in the energy industry, I will always consider safety as Mission Number 1 but I would like to propose that ethics and compliance is Mission 1A in your company. Try some of the techniques that GE uses to communicate its commitment to ethics and compliance. It does not cost anything to have senior management meet with middle management and tell them about the company’s commitment to integrity. It does not cost anything to allow employees to speak with their immediate managers about concerns over unethical practices, go talk to someone in the compliance department or legal department about such concerns or report their concerns to HR. If you do not have an anonymous reporting line, it is about time you invested in one. I do recognize that many companies do not have an ethics and compliance ombudsman but the key concept there might be that by having such an impartial position, employees believe they will be treated fairly.

How about having a compliance moment before every meeting? By having such a moment before every meeting you can not only provide some teachable moments but also drive home the concept that compliance is everyone’s responsibility not just the responsibility of the compliance or legal department. How about a Compliance Day? If you cannot go that far, I would suggest that you hold a series of brown bag lunches where you talk about doing business with integrity through ethical and compliant business practices. You could hold them throughout the company.

One thing I learned as a lawyer is that you are only limited by your imagination. Try to get the message out because compliance is in many ways, the 21st century lighthouse for doing business.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

January 24, 2013

What is Your FCPA Investigation Protocol?

On Wednesday, at the ACI FCPA Bootcamp, there was an excellent presentation by Jay Martin, Vice President, Chief Compliance Officer (CCO) and the Senior Deputy Counsel for Baker Hughes Incorporated and Jacki Trevino, Senior Manager, Corporate Compliance at Fluor Corporation. I have heard both of them speak and I can assure you that they both know the Foreign Corrupt Practices Act (FCPA) and their compliance stuff. They both also always have a great power point presentation that you can take away from any presentation either one of them makes. Yesterday was no different on either score.

The topic of their presentation was “FCPA Compliance Best Practices: Success Stories of Robust and Effective Anti-Corruption Compliance Programs in High Risk Markets” and as you might guess from such a title, there was a significant amount of information discussed. Today, I wanted to focus on one part which dealt with investigation protocol. I think that one of the key lessons to be drawn from the ongoing Wal-Mart FCPA matter is that back in the 2006 time frame, when the corporate office was made aware of allegations of bribery and corruption regarding its Mexican subsidiary, the corporate office either did not have an investigation protocol in place, or perhaps even worse, it had one and disregarded it when the allegations bubbled up to Bentonville.

Trevino presented the Fluor investigation protocol which consists of the following five steps (1) Opening and Categorizing the Case; (2) Planning the Investigation; (3) Executing the Investigation Plan; (4) Determining Appropriate Follow-Up; and (5) Closing the Case. I recognize that if a case of significant bribery or corruption is uncovered that there may be more or additional steps that you may need to take. However if you follow this basic protocol, you should be able to work through most investigations, in a clear, concise and cost effective manner. Furthermore you should have a report at the end of the day which should stand up to later scrutiny if a regulator comes looking. Finally, you will be able to document, document, and document, not only the steps you took but why and the outcome obtained.

Step 1: Opening and Categorizing the Case. Under this first step, you should categorize the ethics and compliance violation. You should notify the relevant individuals, including those on your investigation team and any senior management members under your notification protocols. After notification, you should assemble your investigation team for preliminary meetings and assessments. This Step 1 should be accomplished in one to three days after the allegation comes into compliance, either through your reporting structure or other means.

Step 2: Planning the Investigation. After assembling your investigation team, you should determine the required investigation tasks. These would include document review and interviews. If hard drives need to be copied or documents put on hold or sequestered in any way, or relationships need to be analyzed through relationship software programs or key word search programs, this should also be planned out at this time. These tasks should be integrated into a written investigation or work plan so that the entire process going forward is documented. Also if there is a variation from the written investigation plan, such variation should be documented and an explanation provided as to why there was such a variation. Lastly, if international travel is involved this should also be considered and planned for at this step. This Step 2 should be accomplished with another one to three days.

Step 3: Executing the Investigation Plan. Under this step the investigation should be completed. I would urge that the interviews not be effected until all documents are reviewed and ready for use in any interviews. Care should be taken to ensure that an appropriate Upjohn warning is issued and that the interviewee clearly understands that whoever is performing the interview represents the company and not the person being interviewed, whether they are the target of the investigation or not. The appropriate steps should also be taken to preserve the attorney-client privilege and attorney work product assertions. This Step 3 should be accomplished in one to two weeks.

Step 4: Determining Appropriate Follow-Up. At this step the preliminary investigation should be completed and you are ready to move into the final phases. In some investigations, it is relatively easy to determine when the work is essentially complete. For example, if the allegation is both specific and narrow, and the investigation reveals a compelling and benign explanation for the conduct alleged, then the investigation typically is complete and you are ready to convene the investigation team and the relevant business unit representatives. This group would decide on the appropriate disciplinary steps or other actions to take. This Step 4 should be completed in one day to one week.

It must be cautioned that at this step, if there are findings of specific or discrete allegations of corruption and bribery, a decision must be made as how to handle such findings going forward.

Step 5: Closing the Case. Under this final step, you should communicate the investigation results to the stakeholders and complete the case report. Everything done in the above steps should be documented and stored, either electronically or in hard copy form together. The case report should be completed. This Step 5 should be completed in one day to one week.

With the growing number of reports to the Securities and Exchange Commission (SEC) Whistleblower program under Dodd-Frank, companies are under increasing pressure to get up and running quickly on any claim of bribery and corruption that is brought forward. By using the Fluor investigation protocol that Trevino has laid out, you will have a ready-made process in place to start from. If your company does not have such a protocol I would suggest that you tailor this process to fit the needs of your company. If your company does have an investigation protocol in place, I would suggest that you review it in need of the one that Trevino has presented to us.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

 

January 23, 2013

The FCPA Guidance on the Ten Hallmarks of an Effective Compliance Program

Many commentators are still mining the Department of Justice (DOJ)/Securities and Exchange Commission (SEC) publication, A Resource Guide to the U.S. Foreign Corrupt Practices Act, (the “Guidance”), which was released last November. I continue to find nuggets to provide to the compliance practitioner, as do others. But as we are a Base 10 culture, today I want discuss the 10 points listed as the ‘Hallmarks of Effective Compliance Programs”. They are a change in style, but not content, from the prior 13 point minimum best practices that the DOJ has in the Deferred Prosecution Agreements (DPAs) since at least November, 2010 and, indeed, from prior information made available by the DOJ.

I.                   Where Have We Been

Beginning with at least the Metcalfe & Eddy Consent and Undertaking, filed in December, 1999, the DOJ has laid out its thoughts on what should go into a Foreign Corrupt Practices Act (FCPA) anti-corruption compliance program. In the Metcalfe & Eddy Consent and Undertaking, the DOJ laid out ten points of an effective FCPA anti-corruption compliance program. This was modified somewhat in Opinion Release 04-02, which laid out a best practices compliance program in 12 points, where the DOJ reviewed the proposal by an investment group who were acquiring certain companies and assets from ABB Ltd. ABB Vetco Gray Inc. and ABB Vetco Gray (UK) Ltd., two of the entities being acquired, had previously pled guilty to FCPA violations. The investment group desired to protect itself from further liability, to the extent possible, by proposing to the DOJ a comprehensive best practices compliance program. While the DOJ noted that this compliance program was not a shield against future violations, the DOJ would not “intend to take an enforcement action [against the investors] for violations of the FCPA prior to their acquisition from ABB.”

In the Panalpina DPA, issued in November, 2010, the DOJ laid out a 13 point minimum best practices compliance program. This number was changed this past summer when the Data Systems & Solutions LLC (DS&S) DPA was announced. In this enforcement action the DOJ listed 15 points on its minimum best practices FCPA anti-corruption compliance program. Then later in the summer, the DOJ moved to a 9 point compliance program in the Pfizer DPA. Even with all these changes in the number, the substance of each compliance program has remained the same.

II.                Where Are We Now? Hallmarks of Effective Compliance Programs

The Guidance cautions that there is no “one-size-fits-all” compliance program. It recognizes that depending on a variety of factors such as size, type of business, industry and risk profile that a company should determine what is appropriate for its own needs regarding a FCPA compliance program. But the Guidance makes clear that these ten points are “meant to provide insight into the aspects of compliance programs that DOJ and SEC assess”. In other words you should pay attention to these and use this information to assess your own compliance regime.

  1. Commitment from Senior Management and a Clearly Articulated Policy Against Corruption. It all starts with tone at the top. But more than simply ‘talk-the-talk’ company leadership must ‘walk-the-walk’ and lead by example. Both the DOJ and SEC look to see if a company has a “culture of compliance”. More than a paper program is required, it must have real teeth and it must be put into action, all of which is led by senior management. The Guidance states that “A strong ethical culture directly supports a strong compliance program. By adhering to ethical standards, senior managers will inspire middle managers to reinforce those standards.” This prong ends by stating that the DOJ and SEC will “evaluate whether senior management has clearly articulated company standards, communicated them in unambiguous terms, adhered to them scrupulously, and disseminated them throughout the organization.”
  2. Code of Conduct and Compliance Policies and Procedures. The Code of Conduct has long been seen as the foundation of a company’s overall compliance program and the Guidance acknowledges this fact. But a Code of Conduct and a company’s compliance policies need to be clear and concise. The Guidance makes clear that if a company has a large employee base that is not fluent in English such documents need to be translated into the native language of those employees. A company also needs to have appropriate internal controls based upon the risks that a company has assessed for its business model. Some of the risks a company should assess include “the nature and extent of transactions with foreign governments, including payments to foreign officials; use of third parties; gifts, travel, and entertainment expenses; charitable and political donations; and facilitating and expediting payments.”
  3. Oversight, Autonomy, and Resources. This section starts with a discussion on whether a company has assigned a senior level executive to oversee and implement a company’s compliance program. Not only must a company assign such a person with appropriate authority but that person, and the overall compliance function, must have “sufficient resources to ensure that the company’s compliance program is implemented effectively.” Additionally, the compliance function should report to the company’s Board of Directors or an appropriate committee of the Board such as the Audit Committee. Overall the DOJ and SEC will “consider whether the company devoted adequate staffing and resources to the compliance program given the size, structure, and risk profile of the business.”
  4. Risk Assessment. The Guidance states that “assessment of risk is fundamental to developing a strong compliance program”. Indeed, if there is one over-riding theme in the Guidance it is that a company should assess its risks in all areas of its business. The Guidance lists factors that a company should consider in any risk assessment. They are “the country and industry sector, the business opportunity, potential business partners, level of involvement with governments, amount of government regulation and oversight, and exposure to customs and immigration in conducting business affairs.” The Guidance is also quite clear that when the DOJ and SEC look at a company’s overall compliance program, they “take into account whether and to what degree a company analyzes and addresses the particular risks it faces.”
  5. Training and Continuing Advice. Communication of a compliance program is a cornerstone of any anti-corruption compliance program. The Guidance specifies that both the “DOJ and SEC will evaluate whether a company has taken steps to ensure that relevant policies and procedures have been communicated throughout the organization, including through periodic training and certification for all directors, officers, relevant employees, and, where appropriate, agents and business partners.” The training should be risk based so that those high risk employees and third party business partners receive an appropriate level of training. A company should also devote appropriate resources to providing its employees with guidance and advice on how to comply with their own compliance program on an ongoing basis.
  6. Incentives and Disciplinary Measures. This involves both the carrot and the stick. Initially the Guidance notes that a company’s compliance program should apply from “the board room to the supply room – no one should be beyond its reach.” There should be appropriate discipline in place and administered for any violation of the FCPA or a company’s compliance program. Additionally, the “DOJ and SEC recognize that positive incentives can also drive compliant behavior. These incentives can take many forms such as personnel evaluations and promotions, rewards for improving and developing a company’s compliance program, and rewards for ethics and compliance leadership.” These incentives can take the form of a part of senior management’s bonuses or simply recognition on the shop floor.
  7. Third-Party Due Diligence and Payments. Here the Guidance focuses on the ongoing problem area of third parties. The Guidance says that companies must engage in risk based due diligence to understand the “qualifications and associations of its third-party partners, including its business reputation, and relationship, if any, with foreign officials.” Next a company should articulate a business rationale for the use of the third party. This would include an evaluation of the payment arrangement to ascertain that the compensation is reasonable and will not be used as a basis for corrupt payments. Lastly, there should be ongoing monitoring of third parties.
  8. Confidential Reporting and Internal Investigation. This means more than simply a hotline. The Guidance suggests that anonymous reporting, and perhaps even a company ombudsman, might be appropriate to have in place for employees to report allegations of corruption or violations of the FCPA. Furthermore, it is just as important what a company does after an allegation is made. The Guidance states, “once an allegation is made, companies should have in place an efficient, reliable, and properly funded process for investigating the allegation and documenting the company’s response, including any disciplinary or remediation measures taken.” The final message is what did you learn from the allegation and investigation and did you apply it in your company?
  9. Continuous Improvement: Periodic Testing and Review. As noted in the Guidance, “compliance programs that do not just exist on paper but are followed in practice will inevitably uncover compliance weaknesses and require enhancements. Consequently, DOJ and SEC evaluate whether companies regularly review and improve their compliance programs and not allow them to become stale.” The DOJ/SEC expects that a company will review and test its compliance controls and “think critically” about its own weaknesses and risk areas. Internal controls should also be periodically tested through targeted audits.
  10. Mergers and Acquisitions. Pre-Acquisition Due Diligence and Post-Acquisition Integration. Here the DOJ and SEC spell out what it expects in not only the post-acquisition integration phase but also in the pre-acquisition phase. This pre-acquisition information is not something that most companies had previously focused on. Basically, a company should attempt to perform as much substantive compliance due diligence that it can do before it purchases a company. After the deal is closed, an acquiring entity needs to perform a FCPA audit, train all senior management and risk employees in the purchased company and integrate the acquired entity into its compliance regime.

As I commented earlier in this article, the DOJ and SEC have communicated what they believe are the important parts of a risk based, anti-corruption compliance program for many years. I do not think that a compliance defense could be set out any more succinctly. However, I do like things set out in Base 10 and the “Hallmarks of Effective Compliance Programs” is an excellent compilation of where we are and what you need in place to go forward. I recommend this as a good a starting point for any compliance practitioner to implement a new compliance program or to evaluate the state of an ongoing compliance regime so assess your company’s risks and use these hallmarks as a basis to move forward.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

January 21, 2013

The Tube and Updating Your Compliance Policies

2013 is the 150th anniversary of the London Underground, affectionately known as “The Tube.” It truly is one of the great urban architectural marvels of all-time. The oldest sections of the London Underground completed 150 years of operations on 10 January 2013. The Underground serves 270 separate stations and has 250 miles of track, 45% of which is underground. In 2011, it served over 1.2 billion riders but, like any transportation system, it has to be evaluated and upgraded. For my money, the most useful upgrade would be to air condition the cars as they can become unbearably hot in the summer but that may not be on the top of Prime Minister’s Cameron’s list about now.

I thought about this auspicious anniversary and maintenance of the London Underground when I read a recent article in the Compliance Week magazine by Michael Rasmussen, entitled “Improving Policies Through Metrics”. Rasmussen believes that effective policy management requires that a company must periodically review their policies to ensure that they are relevant and aligned with both current laws and corporate objectives. This is because today’s business environment is dynamic and involves both internal and external factors, so, consequently, as a company evolves and changes its policies need to be updated to reflect these changes.

One of the key components of any best practices compliance regime under any anti-bribery and anti-corruption program is policies. Policies tie together a company, its business environment, the risks it faces and the compliance requirements. Policies are a specific requirement for any anti-corruption/anti-bribery compliance regime. In the recently released Department of Justice (DOJ) Guidance on the Foreign Corrupt Practices Act (FCPA), it stated, “Whether a company has policies and procedures that outline responsibilities for compliance within the company, detail proper internal controls, auditing practices, and documentation policies, and set forth disciplinary procedures will also be considered by DOJ and SEC.” Under the UK Bribery Act, policies are discussed in the Six Principles of an Adequate Procedures compliance program under Principle V – Communication, where it states “The business seeks to ensure that its bribery prevention policies and procedures are embedded and understood throughout the company through internal and external communication, including training, that is proportionate to the risks it faces.”

While I think that most compliance practitioners understand this need for policies one of the things that is not usually emphasized at a company is effective policy management. One technique which can be used is to elevate the policy function to the senior management level. One of my former employers, Halliburton, did this when it created a Vice President for Policies back in 2006. So kudos to Halliburton for leading the industry by creating the position of Vice President for Policies.

Rasmussen believes that at a minimum, policies must be reviewed annually. He recommends that each policy should go through a yearly review process to determine if it is still appropriate. There should be a “system of accountability and workflow that facilitates” any policy review process. The end product should be a decision to “retire the process, keep the policy as it is, or revise the policy.” Rasmussen lists five items that a policy owner should evaluate as a part of the policy review process.

  • Violations. Here Rasmussen believes that information from reporting systems such as hotlines or other anonymous lines as well as internal or external investigations must be reviewed. Not only would such information indicate if a company policy was violated but the follow-up investigation would help to determine how the policy might have failed, whether it was through “lack of awareness, unauthorized exceptions [or] outright violations.”
  • Understanding. Here Rasmussen writes that there should be an analysis of “training and awareness programs, policy attestations” and attendant metrics to determine an appropriate level of policy understanding. He believes that questions to a helpdesk or compliance department could help to discover any ambiguities in a policy that might need to be corrected.
  • Exceptions. If you have a policy it should be followed. If an exception to a policy was granted the reason for the exception should have been documented. If there are too many exceptions granted for a policy, it might indicate that “the policy is inappropriate and unenforceable” and therefore should be revised.
  • Compliance. A policy should govern and authorize internal controls. These internal controls should be reviewed in conjunction with the policy review to determine overall policy effectiveness. This is because “At the end of the day the policy needs to be complied with.”
  • Environment. All the factors around a policy are in flux. This includes a company’s risk profile, its business strategy, laws and regulations. Since a business’ climate is dynamic, a policy should be reviewed in the context of a company’s overall situation and revised accordingly.

If there is a change in a policy it is important that not only the correct change be made but that any change is documented. An audit trail is a key component for a company to internally understand when a change is made and the reason for that change but also to demonstrate to a regulator effective policy management and to present “a defensible history of policy interactions on communications, training, acknowledgements, assessments and related details needed to show the was enforced and operational.” This audit trail should include “key data points such as the owner, who read it, who was trained, acceptance acknowledgements and dates for specific policy versions”. In addition to an audit trail, policy revisions should be archived for referral back at a later time. So, once again, the key message is document, document and document.

Just as best practices in the FCPA compliance arena evolve, so do business practices, markets and risks. If you throw in the complexities from an inter-connected global business milieu, the task becomes even tougher. Business policies are one of the keystones of a company’s communications to its employees on what it expects and what is required of its employees. To keep policies up-to-date and properly take advantage of this valuable tool, policies need to be evaluated and updated as appropriate. If your company fails to do so this takes away from the value of having policies in the first place. I hope that you will use the techniques which Rasmussen has described to help you effectively manage your policies going forward.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

January 20, 2013

Tribute to Stan The Man and 11 Rules for Compliance Success

Today we honor Stan ‘The Man’ Musial who played 22 seasons for the St. Louis Cardinals (1941–1963) who passed away on Saturday. Musial was a record 24-time All-Star selection and is widely considered to be one of the greatest hitters in baseball history. He compiled 3,630 hits  He also amassed 475 home runs during his career, was named the National League‘s Most Valuable Player (MVP) three times and won three World Series championship titles. Musial was a first-ballot inductee to the Baseball Hall of Fame in 1969. I actually got to see Musial play at the old Colt Stadium, where the Houston Colt 45’s played in before the Astrodome was built and before they became the Astros. My father, who grew up in Tulsa listening to the St. Louis Cardinals and so passed on his passion for the Cards to me. We could even listen to the Cardinals on the radio in Houston as the uber-powerful AM station KMOX broadcast throughout the Midwest and South. Because of this anomaly I am still a fan of baseball on the radio. So today we celebrate one of the very greatest baseball players of all-time.

In the 60s I was given a long-playing album about hitting in which Musial narrated. It came with a book which you were to turn the pages while Stan The Man taught you how to hit. While it might have talked about his unique corkscrew stance, phenomenal eye-hand coordination or bat level when swinging at an off-speed pitch the one thing I have remembered throughout the years was practice and practice and practice. That is how Musial became one of the greatest hitters of all-time.

I was reminded about this when I read an article in this month’s Inc. magazine and entitled “The Rules” by authors Adam Bluestein, Leigh Buchanan, Issie Lapowsky and Eric Schurenberg. In the article the authors interviewed some of the world’s top entrepreneurs “as well as thinkers from business schools to come up with 11 nuggets of hard-earned wisdom and meticulously researched insight” or as the magazine’s cover promised “11 Rules for Success”. I believe that they are a good review for any Chief Compliance Officer (CCO) and present an entrepreneurial way to think about an overall best practices compliance program.

  1. Do less – Evan Williams the co-found of Twitter. Williams believes many things are actually distractions and leaders lack the perspective of focus. I liked this insight from Williams, “When you are obsessing about one thing, you can reach insights about problems that are hard to solve.” As a CCO, you need to step back and take a look at your overall compliance program on at least an annual basis.
  2. Embrace accidents – Tony Hsieh, the Chief Executive Officer (CEO) of Zappos. Here Hsieh is referring to serendipity. I would use the old football adage that when preparation meets opportunity, luck arises. Hsieh believes that if you make enough contacts at some point you will be able to ‘connect the dots’ to create something spectacular. Talk to other compliance professional, go to conferences and events, have dinner with your peers when you are traveling, talk-talk-talk to others in the profession. You never know when one of their experiences may help you.
  3. Choose your playing field – Roger Martin, the Dean of the Rotman School of Management and co-author of Playing to Win: How Strategy Really Works. Martin believes that you must have more than just aspirations or even vision, you must have a strategy. I think this is why my colleague Stephen Martin says it is so important to have a 1 and 3 and 5 year plan for your compliance program. As Roger Martin puts it “The heart of strategy is defining where you are going to play and how you are going to win.”
  4. Fail – Arianna Huffington, the co-founder and Editor-in-Chief of the Huffington Post. Huffington says that she learned from her mother that failure is a “stepping-stone to success, as opposed to the opposite of success. When you fail that way, it changes dramatically what you’re willing to do, how you’re willing to invent and the risks that you’ll take.” In other words, learn from your failures.
  5. Let others lead – Michael Useem, Professor at the Wharton School. Useem emphasizes that leadership is “a team sport.” You should endeavor to build leadership in the ranks of your organization “by empowering people to independently make good decisions.”
  6. Slow down – Danny Meyer, founder and CEO of Union Square Hospitality Group. Meyer believes that a company should move slowly and deliberately. With his business he believes that this strategy allowed his company to “develop a soul”. But more than this it allowed his business to make a name for itself with its customers because they came to know not only what it sold but more importantly what it stood for. In this world, the life of innovation is quite short so Meyer believes that the product differentiator is how a business does something rather than what it sells
  7. Emphasize steady progress – Teresa M. Amabile, Harvard Business School Professor. Amabile studied a large number of employees and found that on their most productive days “they were able to move forward in their work, even if it was just an incremental step forward.” She believes that managers must pay attention and see if employees are making steady progress and if not, why not. She asked, “Do they have clear goals and autonomy about how to pursue those goals? Do they have sufficient resources?”
  8. No tricks – Phil Lubi, founder of Evernote. Lubi believes that you should play to both your strengths and weaknesses. Do not hide behind what he termed “false choice.” Be honest and let investors and your Board of Directors know the truth. By doing so he believes that you will build more durable relationships.
  9. Stop thinking about yourself – John Mackey, co-founder of Whole Foods. Mackay believes that you need to step back and look at the big picture.  For Mackay this came when he recognized that his company’s Board of Directors did not only have a fiduciary duty to the shareholders but was also a stakeholder in the company. His advice to entrepreneurs is to “think about your business and all the relationships it has. You have to develop a feeling for who your stakeholders are and figure out how to make them all winners.”
  10. Don’t discount the role of luck – Michael Maubossin, investment strategist at Legg Mason Capital Management. In a somewhat counter-intuitive analysis, Maubossin believes that you should not only look at companies that succeed but also those that fail. This is because if you only look at company’s which succeed, you will miss those which employ the same strategy but failed. He believes that by recognizing alternative outcomes, and the role of luck, you can keep “your mind open to other possibilities, so you can manage or mitigate them.” This means that you can learn from compliance failures as well as compliance successes. Foreign Corrupt Practices Act (FCPA) enforcement actions usually provide significant information on what got a company into FCPA hot water and this is information that you can learn from.
  11. Don’t be immune to new ideas – Bob Metcalfe, founder of 3Com. Metcalfe believes that “If you have an ongoing business, it’s hard to innovate, because innovation likely threatens what you have.” But he emphasizes that if you are standing still, it is likely that not only are other companies catching up to you, they are also passing you in the business world. In the compliance world, the concept of best practices is constantly evolving. As anti-corruption and anti-bribery compliance programs and criteria evolve, today’s ‘enhanced compliance obligation’ may be tomorrow’s best practice.

The Inc. article provided some interesting insights into what made some of the world’s top entrepreneurs very successful. You might see how these insights could help you improve your compliance program. And while it doesn’t have quite the same rhyming scheme as Paul Simon’s Mrs. Robinson, here’s to you Stan ‘The Man’ Musial. I hope that you enjoy an inning or two at the great game in the hereafter.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

January 18, 2013

How to Reach Your Audience in Compliance Training – The Use of Charisma

One often hears or reads about complaints that compliance training is dull, nay even boring. I mean, how many times can you expect someone to be lectured to on the riveting subject of the Foreign Corrupt Practices Act (FCPA) or even the UK Bribery Act? Coupled with the legally spellbinding subject, the sessions are often led by lawyers who are training non-lawyers. What can I say; the audience does not always have the appreciation of the subject that I do. I thought about this ongoing conundrum when I came across a recent article in the Financial Times (FT), entitled “The subtle secrets of charisma”, by author Alicia Clegg. The focus of her article was that senior managers, by learning techniques of rhetoric, vocal cadence and gesture, can help make senior managers more like leaders. However, I thought that her tips could also help the compliance practitioner in the more mundane area of compliance training.

In her article, Clegg cited to the example of an Infosys executive who was introducing a “controversial HR policy to his company.” During the talk, he felt that his audience was quite restless and “sensed that he was failing to take his listeners with him.” The Infosys executive was quoted as saying “After the talk, people asked me, privately ‘Do you really think this is the right thing to do?’” “I thought: ‘Well, yes, actually, I do. Isn’t that what I said?’” He had failed to convince. Today, however, the executive would deliver a far different talk. Clegg said that “he would acknowledge his colleagues’ concerns, share his own feelings and perhaps tell a personal story. He might modulate his voice; organise his key points into pithy three-part lists; use metaphors; smile or frown occasionally, while gradually building to a statement of personal conviction or a vision of a better future.” In other words, he would work these concepts of ‘charisma’ into his chat.

Clegg discussed the work of John Antonakis, a professor of organizational behavior at Lausanne University. In a June Harvard Business Review article he published, along with colleagues Marika Fenley and Sue Liechti, entitled “Leaning Charisma”, Antonakis argues, however, that having charismatic qualities can turn a competent manager into someone that others notice and want to follow. Antonakis and his team claim to have identified twelve communication habits, rooted in the principles of “classic rhetoric, that make a speaker appear more authoritative, trustworthy and persuasive – in short, more like a leader. Nine of the techniques are verbal: using metaphors and easy-to-remember three-part lists; telling stories; drawing vivid contrasts; asking rhetorical questions; expressing moral conviction; reflecting an audience’s sentiments; and setting high but achievable goals. The rest are non-verbal: raising and lowering your voice, letting your feelings show in face and hand gestures to reinforce what you say.” Their case for their charisma training runs counter to a recent theme in management ideas that plays down corporate stars in favor of teams.

Clegg writes about old ways of making new points. She says that the modern-day science of persuasion is rooted in three “rhetorical appeals” described long ago by Aristotle. The three are: ethos, logos and pathos.

  • Ethos – establishing your credentials and building rapport. Here you should use “useful ethos techniques include speaking your audience’s language and reflecting their concerns in what you say.” You should recognize that staff are likely to be more interested in what’s changing for them – how will their job be different?
  • Logos – persuading through logic. Under this you should consider “using useful logos techniques include contrasts and rhetorical questions, which can clarify choices by juxtaposing good and bad outcomes and combine reason with emotion; three-point lists are easy to recall and suggest completeness.” As a lawyer, I found comfort that, as stated in the article, using trios of points can add a purposeful edge to your presenting technique.
  • Pathos – persuasion with emotion. Under this technique you should endeavor to use “useful pathos techniques include stories, metaphors, lowering or raising your voice; while gestures and facial expressions can heighten emotional force.” But here one must be careful to respect cultural differences, as “What Asians consider over-the-top, southern Europeans may consider emotionally repressed.”

Clegg cites to other examples of effective rhetoric. She quotes Sam Leith, author of “You Talkin’ to Me?” who says “Effective rhetoric need not be fancy rhetoric.” Rather than cultivating a high-flown style, he advises novices to tune into how their audience thinks, and to listen to how they speak. He identifies General George Patton as a master of the art of persuasive plain-speaking. In the final weeks of World War II, the general exhorted his troops to redouble their efforts with the words “The quicker they are whipped, the quicker we can go home”. This got the audience of his troops on his side because getting home was what mattered to them the most.

Clegg also discussed the well-known technique of repetition. She included Martin Luther King’s ‘I Have a Dream’ speech where King used the device of repeated phrases at the start of successive clauses so that there develops ‘an appreciation of what is easy on the ear is important.” Clegg also discussed the technique of chiasmus, “in which the second half of a statement reverses the order of words in the first − as in “ask not what your country can do for you – ask what you can do for your country”. The words were simple and direct – and their impact all the greater.”

Antonakis argues that these techniques can be taught and, more importantly, learned and that “everyone can improve with practice.” But Clegg cautioned that there is more than simply having commanding rhetoric. A good leader must be a good listener as well. She cites to the work of Harvard academician Rosabeth Moss Kanter who argues in her blog that “it is how well you listen, rather than how well you talk, that persuades people to do things.”

Clegg appropriately ends by noting that no matter how good your rhetorical techniques are, “It is not just what you say, or how you say it, that convinces people you are not phony. You can dress things up with all the anaphora and epistrophe in the world, but if you don’t have a deep sense that something is important you’re not going to persuade anyone.”

So for the compliance practitioner who puts on training there is plenty of good advice on rhetorical techniques that you can use. But, most importantly, don’t be phony.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

Next Page »

Blog at WordPress.com.