FCPA Compliance and Ethics Blog

February 28, 2013

Distributors under the FCPA – Post Game Wrap Up

This week we have focused on distributors and how a company might think through ranking the risk, performing due diligence on and, finally, how to manage distributors going forward. This was spurred on by a discussion that David Simon and I had engaged in previously on LinkedIn. In today’s post I will try and wrap up and wrap together our approaches so that you might decide which works best for you and your organization.

But first I must note the passing of one of the most famous Texans of the 20th Century, Van Cliburn, the pianist who won the first-place award at the 1958 Tchaikovsky International Competition in Moscow. His gold medal in the inaugural year of the Tchaikovsky competition, won in Moscow, was viewed at the time as an American triumph over the Soviet Union at the height of the cold war. He became a cultural celebrity of pop-star dimensions and brought overdue attention to the musical assets of his native land. But he gave back as well, starting his own piano competition which also became world famous.

While I had been initially skeptical of David’s approach, as I read his White Paper on the subject and his guest post this week, I became convinced that his approach has merit because it follows what is set out in the recently released Department of Justice (DOJ)/Securities and Exchange Commission (SEC) Foreign Corrupt Practices Act (FCPA) Guidance, which I quote from the introductory section of the Ten Hallmarks of an Effective Compliance Program:

Compliance programs that employ a “check-the-box” approach may be inefficient and, more importantly, ineffec­tive. Because each compliance program should be tailored to an organization’s specific needs, risks, and challenges, the information provided below should not be considered a substitute for a company’s own assessment of the corpo­rate compliance program most appropriate for that particu­lar business organization. In the end, if designed carefully, implemented earnestly, and enforced fairly, a company’s compliance program—no matter how large or small the organization—will allow the company generally to prevent violations, detect those that do occur, and remediate them promptly and appropriately.[emphasis supplied]

Based upon this language, I believe that if a company takes a carefully designed and  reasoned approach to assessing the risk of its distributors and then manages that risk, it is something that meets the above prescription from the FCPA Guidance. While I believe that distributors should be considered the same as agents under the FCPA, I am persuaded that David’s approach meets the cited recommendation from the FCPA Guidance.

I.                   Fox Approach – The Full Monty Approach

While I wish I had thought of that name I have to credit it to Simon. In 2012, there were three enforcement actions which I believe made clear that there were no distinctions between agents and distributors. They were, the Smith & Nephew, Inc., (S&N) Deferred Prosecution Agreement (DPA) for criminal FCPA violations, the Oracle SEC Complaint for books and records violations and the Eli Lilly and Company (Lilly) SEC Compliant for books and records violations. I reviewed the enforcement actions and based upon the deficiencies noted by both the DOJ and SEC, that these enforcement agencies were classing distributors the same as agents or other similar entities in the sales chain.

In the S&N enforcement action, it was clear that S&N had not performed sufficient due diligence on these distributors nor did they document any due diligence that they may have engaged in. In the Lilly case, the policies and procedures in place to flag unusual distributor discounts were deficient as the enforcement action “noted that the company relied on representations of the sales and marketing manager without adequate verification and analysis of the surrounding circumstances of the transactions.” In the Oracle enforcement action it demonstrated that Oracle needed to institute the proper controls to prevent its employees at Oracle India from creating and misusing the parked funds in the distributor’s account and that Oracle needed to audit and compare the distributor’s margin against the end user price to ensure excess margins were not being built into the pricing structure. What I gleaned from these enforcement actions was that the full five steps suggested for agents and other third parties in the sales chain was needed for distributors. They are (1) Business Justification; (2) Due diligence, the level being based on your risk assessment; (3) Evaluation of due diligence; (4) Written contract with compliance terms and conditions; and (5) Management of the relationship going forward.

II.                Simon Approach – The Agency Approach

Simon advocated that a risk analysis should more appropriately based on the nature of a company’s relationships with their distributors. The goal should be to determine which distributors are the most likely to qualify as agents; for whose acts the company would likely to be held responsible.  He argues that it is a continuum of risk; that is, on the low-risk end are distributors that are really nothing more than re-sellers with little actual affiliation with the supplier company. On the high-risk end are distributors who are very closely tied to the supplier company, who effectively represent the company in the market and end up looking more like a quasi-subsidiary than a customer.

Simon looks at agency principles to guide his analysis of whether a distributor qualifies as an agent for FCPA purposes. He argues that factors to consider include:

  • The volume of sales made to the distributor;
  • The percentage of total sales of the distributor’s total business the principal’s product represents;
  • Whether the distributor represents the principal in the market, including whether it can (and does) use the company trademarks and logos in its business; and
  • Whether the principal company is involved in the running of the distributor’s business (such as by training the distributor’s sales agents, imposing performance goals and objectives, or providing reimbursement for sales activity).

Once a company segregates out the high-risk distributors that likely qualify as agents and potentially subject the company to FCPA liability from those that are mere resellers and pose less FCPA risk, FCPA compliance procedures can be tailored appropriately. For those distributors that qualify as “agents” and also pose FCPA risk, full FCPA due diligence, certifications, training and contract language are imperative. For those that do not, more limited compliance measures that reflect the risk-adjusted potential liability are perfectly appropriate.

III.              Athanas Approach – Management of the Relationship

I often say that once you have a business justification, perform and evaluate due diligence on an agent and then ink a contract; your real work now begins as you have to manage that relationship going forward. Athanas set out a plan to assist in that management component under which he provides a framework to help provide a business justification, assess/manage and document any discount offered to a distributor; all of which he calls the ‘Discount Authorization Request’ (DAR) and states as follows:

1.         Capturing and Memorializing Discount Authorization Requests

 Athanas says that it all begins with a DAR. This is so important that he argues a DAR template should be prepared, which is designed to capture the particulars of a given request and allow for an informed decision about whether it should be granted. Because the specifics of a particular DAR are critical to evaluating its legitimacy, it is expected that the employee submitting the DAR will provide details about how the request originated as well as an explanation in the business justification for the elevated discount. In addition, the DAR template should be designed so as to identify gaps in compliance that may otherwise go undetected.

2.         Evaluation and Authorization of DARs

The next step is that channels should be created to evaluate DARs. The precise structure of that system will depend on several factors, but ideally the goal should be to allow for tiered levels of approval. Athanas believes that three levels of approval are sufficient, but can be expanded or contracted as necessary. The key is the greater the discount contemplated, the more scrutiny the DAR should receive. The goal is to ensure that all DARs are vetted in an appropriately thorough fashion without negatively impacting the company’s ability to function efficiently.

3.         Tracking of DARs

Lastly comes the Document, Document, Document component. Once the information gathering, review and approval processes are formulated, there must be a system in place to track, record and evaluate information relating to DARs, both approved and denied. The documentation of the total number of DARs allows companies to more accurately determine where and why discounts are increasing, whether the standard discount range should be raised or lowered, and gauge the level of commitment to FCPA compliance within the company. This information, in turn, leaves these companies better equipped to respond to government inquiries down the road.

IV.              Bringing It All Home

You do not have to dream like Van Cliburn did but you can try other or new approaches. Whether you use the Fox ‘Full Monty’ approach or the Simon ‘Agency’ approach will depend on many different factors unique to your organization. You are only limited by your imagination. There may well be other approaches you can take if they are carefully thought out and well-reasoned.

But whatever approach you take on risk ranking and performing due diligence on your distributors, I would urge you to use Athanas’ DAR system or something similar to it. While it is of the utmost importance that you do so from the compliance perspective, the business reason is even more compelling. A company really does need to know what discounts it is giving to distributors and why they are receiving said discounts.

I hope that you have enjoyed our discussion and dialogue on distributors this week. I wanted to thank, once again, David Simon and Bill Athanas for their most excellent and timely posts. I certainly have learned quite a bit.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

February 27, 2013

What Enforcement Actions Based On Distributor Conduct Teach About Improving FCPA Compliance Programs

Ed. Note-today we have a guest post by our colleague, William C. Athanas, a partner in the law firm of Waller Lansden Dortch & Davis, LLP. In the prior two posts, David Simon and myself posited different approaches to analyzing the risks that distributors present under the FCPA. In this post, Bill suggests an approach for managing the risks that distributors present under the FCPA. 

———————————————————————————————————————————————————————-

In a recent post, Distributors Under the FCPA, Tom Fox detailed three enforcement actions filed in 2012 which show that the actions of distributors can create FCPA liability for the companies that hire them.  The Smith & Nephew, Oracle and Lilly actions summarized in Tom’s post demonstrate the continuing viability of distributor conduct as the basis for FCPA enforcement actions by aligning with previous cases (such as GE InVision and AGA Medical) also grounded on that theory.  Together, those cases make plain that the government perceives no distinction between distributors and any other kind of intermediary used as a conduit for bribe payments.  Tom’s post offers a useful jumping-off point an equally significant and far less apparent lesson:  just because distributors’ actions can give rise to FCPA exposure does not mean that companies are best served by relying on traditional compliance measures to mitigate the risk they present.

FCPA exposure arises when companies pay money – either directly or indirectly – to fund bribe payments.  In the traditional intermediary scenario, the company funnels money to the agent or consultant, who then passes on some or all of it to the bribe recipient.  Often, the payment is disguised as compensation to the intermediary, and some portion is redirected for corrupt purposes.

But distributors are an atypical intermediary, at least where compensation is concerned.  Unlike the standard intermediary relationship, companies generally do not transfer funds to distributors as payment for services rendered.  Rather, as Fox explained in a prior post, What’s in a Name: Agents, Resellers and Distributors under the FCPA, distributors make money by buying goods for one price and selling them for a higher amount.  As a result, the greater the discount provided to the distributor, the more money available to pay bribes.

When companies grant distributors uncommonly steep discounts, bribes can result either: 1) because the distributor is instructed by the company to use the excess amounts to fund corrupt payments; or 2) because the distributor pays bribes on its own, without the express direction or implicit suggestion from the company to do so, in an effort to gain some business advantage.  (Note on this issue the reference in the Resource Guide to the U.S. Foreign Corrupt Practices Act  recently released by the DOJ and SEC, which notes that common red flags associated with third parties include “unreasonably large discounts to third-party distributors”).  The distributor enforcement cases offer lessons to combat the second scenario, which is where legitimate companies require assistance.

Assuming that the company’s desire is not to use its distributors as a conduit for paying bribes, how can it manage the FCPA risk that distributors present?  By installing a distributor discount policy and monitoring system tailored to the company’s operational structure.  In virtually every business, there exists a range of standard discounts granted to distributors.  Under the approach recommended here, discounts within that range may be granted without the need for further investigation, explanation or authorization (absent, of course, some glaring evidence that the distributor intends use even the standard cost/price delta to fund corrupt payments).

Where the distributor requests a discount above the standard range, however, the policy should require a legitimate justification.  Evaluating and endorsing that justification requires three steps:  (1) relevant information about the contemplated elevated discount must be captured and memorialized; (2) requests for elevated discounts should be evaluated in a streamlined fashion, with tiered levels of approval (higher discounts require higher ranking official approval); and (3) elevated discounts are then tracked, along with their requests and authorizations, in order to facilitate auditing, testing and benchmarking.  The basics concepts underlying each step are discussed below.

1.         Capturing and Memorializing Discount Authorization Requests

Through whatever means are most efficient, a discount authorization request (“DAR”) template should be prepared.  While remaining mindful of the need to strike a balance between the creation of unnecessary red tape and the need to mitigate risk, the DAR template should be designed to capture the particulars of a given request and allow for an informed decision about whether it should be granted.  Because the specifics of a particular DAR are critical to evaluating its legitimacy, it is expected that the employee submitting the DAR will provide details about how the request originated (e.g., whether as a request from the distributor or a contemplated offer by the company) as well as explain the legitimate justification for the elevated discount (e.g, volume-based incentive).  In addition, the DAR template should be designed so as to identify gaps in compliance that may otherwise go undetected (e.g., confirmation that the distributor has executed a certification of FCPA compliance).

2.         Evaluation and Authorization of DARs

Channels should be created to evaluate DARs submitted.  The precise structure of that system will depend on several factors, but ideally the goal should be to allow for tiered levels of approval.  Usually, three levels of approval are sufficient, but this can expanded or contracted as necessary.  Ultimately, the greater the discount contemplated, the more scrutiny the DAR should receive.  Factors to be considered in constructing the approval framework include the expected volume of DARs and the current organizational structure.  The goal is to ensure that all DARs are vetted in an appropriately thorough fashion without negatively impacting the company’s ability to function efficiently.

3.         Tracking of DARs

Once the information gathering, review and approval processes are formulated, there must be a system in place to track, record and evaluate information relating to DARs, both approved and denied.  This captured data can provide invaluable insight into FCPA compliance and beyond.  By tracking the total number of DARs, companies will find themselves better able to determine where and why discounts are increasing, whether the standard discount range should be raised or lowered, and gauge the level of commitment to FCPA compliance within the company (e.g., confirming the existence of a completed and approved DAR is an excellent objective measure for internal audit to perform as part of its evaluation of the company’s FCPA compliance measures).  This information, in turn, leaves these companies better equipped to respond to government inquiries down the road.

Rethinking approaches to evaluating distributor activities is but one of the ways that the increased number of enforcement actions and FCPA Guidance have provided insight into how the government interprets and enforces the FCPA.  This information, in turn, allows companies to get smarter about FCPA compliance.  With a manageable amount of forethought, companies who rely on distributors can create, install and maintain systems which allow them to spend fewer resources to more effectively prevent violations.  Moreover, these systems generate tangible proof of a company’s genuine commitment to FCPA compliance, which can be invaluable in responding to a government inquiry.

———————————————————————————————————————————————————————-

Bill Athanas served as a member of the Justice Department’s Fraud Section and later as an Assistant U.S. Attorney in the Northern District of Alabama.  Currently, he is a partner based out of the Birmingham, Alabama office of Waller Lansden Dortch & Davis, LLP.  His practice focuses on white collar criminal defense, including providing FCPA advice and counsel to privately held and publicly traded companies operating in a wide range of industries and geographic regions. He can reached at Bill.Athanas@wallerlaw.com

============================================================================================

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author.

February 26, 2013

Analyzing the Risk of Distributors Under the FCPA-the Simon Approach

Ed. Note-we continue are series on the risk analysis and assessment of distributors under the FCPA and management of that risk. Today, David Simon contributes a guest post where he articulates another approach to the risk analysis of distributors. 

============================================================================================

Tom and I have been engaged in an interesting discussion (interesting to us, as FCPA geeks, anyway) about the FCPA risk posed by distributors and the most appropriate compliance response to that risk.  Tom correctly focuses on the risk posed by distributors and recommends that companies apply “Full Monty” third-party due diligence procedures to distributors to minimize that risk.  Based some work counseling mid-sized companies with limited compliance resources, I have focused on the practical challenges that approach presents, and have proposed an analytical framework for conducting a risk-based approach to assessing FCPA exposure, which can be used to sensibly and reasonably allocate compliance resources.

It seems that everyone agrees on a couple of key points.  First, it is clear that distributors do pose FCPA risk.  Indeed, the majority of enforcement actions over the past several years have involved at least some alleged violations by third parties, including some involving distributors.  Second, there is no question that a company will be held responsible for improper payments made by a distributor if the company actually knows about or participates in the improper payments.

My focus is on FCPA liability for acts of distributors that is premised on “willful blindness.”  A significant benefit from third-party due diligence is protection against a “willful blindness” FCPA charge if a distributor makes an improper payment on the company’s behalf.

Here’s the problem:  Some companies employ vast distributor networks, sometimes including hundreds, if not thousands, of distributors around the world.  Many distributors are more like customers than agents – they merely purchase a product and resell it to others, often in conjunction with other products purchased from other manufacturers.  Is it really practical and  necessary to conduct full FCPA due diligence on every one of those distributors?  Do the U.S. companies in these situations even have the leverage to insist on FCPA representations and warranties in the written agreements, to demand audit rights, and to require certifications by and training of these distributors?  The question thus arises whether U.S. companies are faced with a difficult choice either to accept substantial FCPA risk or to devote disproportionate resources to running an FCPA compliance program that fully vets all distributors.

I think the answer to this question is “no,” and that there is a practical way to minimize the FCPA risk associated with a global distributor network without devoting an unreasonable and disproportionate amount of resources to compliance.  The key, in my view, is to employ a risk-based approach to distributor compliance, focusing on those relationships that pose the greatest FCPA risk.  The U.S. government has endorsed the use of a risk-based approach to FCPA compliance – and the agencies emphasized this point in the recent FCPA Resource Guide — and I see no reason why those principles should not apply equally in this context.

The first step in a risk-based approach is to identify those parts of the distribution network that pose the greatest FCPA risk.  Companies should look at the countries of operation, including their respective reputations for corruption, the end-user base (are there government contacts or state-owned enterprise customers?), the level of government regulation and the amount of interaction with the government, the industry, and other factors that would help assess FCPA risk generally.  Those parts of the world and parts of the company’s operation that pose the greatest risk should get the greatest attention.  Distributors in Norway who sell to private commercial customers will require less scrutiny than those in India who bid on government contracts.

But companies following a risk-based approach should take this risk analysis a step further and focus on the nature of their relationships with their distributors.  The goal should be to determine which distributors are the most likely to qualify as agents, for whose acts the company is likely to be held responsible.  Think about this as a continuum of risk.  On the low-risk end are distributors that are nothing more than re-sellers with little actual affiliation with the supplier company.  On the high-risk end are distributors who are very closely tied to the supplier company, who effectively represent the company in the market and end up looking more like a quasi-subsidiary than a customer.

In order to determine where a distributor falls on this continuum of risk basic principles of agency law are instructive.    The Restatement (Third) of Agency defines agency as “the fiduciary relationship that arises when one person (a ‘principal’) manifests assent to another person (an ‘agent’) that the agent shall act on the principal’s behalf and subject to the principal’s control, and the agent manifests assent or otherwise consents so to act.”  It is this relationship that gives rise to potential FCPA liability for the actions of distributors.

As with liability for a principal in any agency relationship, whether a distributor qualifies as an agent for FCPA purposes should turn on the amount of control a principal exerts over the distributor and whether the distributor is seen to be acting under the authority of the principal.  Factors to consider include:

  • The volume of sales made to the distributor;
  • The percentage of total sales of the distributor’s total business the principal’s product represents;
  • Whether the distributor represents the principal in the market, including whether it can (and does) use the company trademarks and logos in its business; and
  • Whether the principal company is involved in the running of the distributor’s business (such as by training the distributor’s sales agents, imposing performance goals and objectives, or providing reimbursement for sales activity).

Once a company segregates out the high-risk distributors that likely qualify as agents and potentially subject the company to FCPA liability from those that are mere resellers and pose less FCPA risk, FCPA compliance procedures can be tailored appropriately.  For those distributors that qualify as “agents” and also pose FCPA risk, full FCPA due diligence, certifications, training and contract language are imperative.  For those that do not, more limited compliance measures that reflect the risk-adjusted potential liability are perfectly appropriate.

———————————————————————————————————————————————————————-

David Simon, a partner at Foley & Lardner, defends corporations in government enforcement actions, conducts internal investigations, and provides compliance advice and counseling.  He specializes in the FCPA and other anti-corruption laws. He can be reached at DSimon@foley.com

———————————————————————————————————————————————————————-

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. 

February 25, 2013

Distributors Should Be Analyzed As Any Other Third Party Representative in the Sales Chain

Ed. Note-David Simon is a partner at Foley and Lardner and Bill Athanas is a partner at Waller Lansden Dortch & Davis, LLP. Both have practices which include FCPA compliance.  After my recent post on distributors under the FCPA, David and I had a dialogue on how distributors should be reviewed and analyzed under the FCPA. Bill also had some thoughts on the subject. I asked them if they would contribute guest posts with their ideas.

As this is the first time that I have had a dialogue with two other FCPA practitioners based on a post, this week we will have 3 days of discussion and dialogue on distributors. Today, I provide my suggestions on how to risk rank and the manage distributors. Tomorrow, Daivd will contribute his thoughts on a different approach. On Wednesday, Bill will lay out his ideas on the topic. Finally on Thursday I will try to wrap up and weave together our three articles. I hope that you will find this series instructive and useful. I know I certainly have in my dialogues with these two other excellent FCPA compliance practitioners.

In today’s post, I advocate that distributors should be treated as any other third party representative in the sales chain; IE., agents and resellers.

============================================================================================

In 2012, there were three enforcement actions which I believe made clear that there were no distinctions between agents and distributors. They were, the Smith & Nephew, Inc., (S&N) Deferred Prosecution Agreement (DPA) for criminal FCPA violations, the Oracle SEC Complaint for books and records violations and the Eli Lilly and Company (Lilly) SEC Compliant for books and records violations.

These enforcement actions involved three separate bribery schemes which I believe call for three different but overlapping responses. In the case with Lilly, the SEC Complaint noted the following “Lilly-Brazil’s pricing committee approved the discounts without further inquiry. The policies and procedures in place to flag unusual distributor discounts were deficient.” Lastly, as stated by Matt Ellis, the enforcement action “noted that the company relied on representations of the sales and marketing manager without adequate verification and analysis of the surrounding circumstances of the transactions.”

The Lilly enforcement action also makes clear the need for internal audit to follow up with ongoing monitoring and auditing. Internal audit can be used to help determine the reasonableness of a commission rate outside the accepted corporate norm. As stated by Jon Rydberg, of Orchid Advisors, in an article entitled “Eli Lilly’s Remedial Efforts for FCPA Compliance – After the Fact”, the company should be “implementing compliance monitoring and corporate auditing specifically tailored to anti-corruption” for the distributor sales model.

The Oracle enforcement action demonstrates that Oracle needed to institute the proper controls to prevent its employees at Oracle India from creating and misusing the parked funds in the distributor’s account. The Company needed to audit and compare the distributor’s margin against the end user price to ensure excess margins were not being built into the pricing structure. Oracle should have sought to either (1) seek transparency in its dealing with the distributor or (2) audit third party payments made by the distributors on Oracle’s behalf, both of which would have enabled the Company to check that payments were made to appropriate recipients.

What are some of the factors that demonstrate the distributors used by S&N were fraudulent and did not have a legitimate business purpose? It was clear that S&N did not perform sufficient due diligence on these distributors nor did they document any. I would note that the distributor was domiciled in a location separate and apart, the UK, from the sole location it was designed to deliver products or services into, Greece. This clearly demonstrated that the entities were used for a purpose that the company wished to hide from Greek authorities. While it is true that a distributor might sell products into a country different than its domicile, if the products are going into a single country, this should have raised several Red Flags.

However, the biggest indicium of corruption was the amount of the commission paid. The traditional sales model for a distributor has been to purchase a product, take the title, and therefore the risk, and then sell it to an end user. Based upon this sales model, there has been a commission structure more generous than those usually accorded a reseller or sales agent, who is usually only a negotiator between the Original Equipment Manufacturer (OEM) and the end user. This difference in taking title, and risk of loss, have led to a cost structure which has provided a deeper discount of pricing for distributors than commission rates paid to resellers or sales agents. The sales structure used by S&N had pricing discounts of between 26-40% off the list price. Further, this money was used precisely to pay bribes to Greek Doctors to use S&N products.

These three enforcement actions make clear that distributors will be treated like any other representative in the sales chain. This means that distributors need to go through the same rigorous due diligence and review, contracts and management going forward as agents or resellers.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

February 22, 2013

Marine Transport and the FCPA

One of the things that I have been thinking about over the past few months is the application of the Foreign Corrupt Practices Act (FCPA) to the maritime transport industry and more specifically US/UK companies which hire maritime transport to ship and receive products. For example, in the energy industry many companies will hire ships to bring crude oil to their refineries in the US and then ship out refined products such as gasoline, lubricants or other refined petroleum products across the globe. To do so, they usually employ a contract a called charter party. But first a little law for all you non-boat lawyers out there, courtesy of Wikipedia…

A charter party is an agreement between a shipowner and a merchant, by which a ship is let or hired for the conveyance of goods on a specified voyage, or for a defined period. It is an agreement for the use of a vessel between shipowner and charterer whereby a ship is hired; all terms, conditions and exceptions are stated in the contract or incorporated by reference. The charterer takes over the vessel for either a certain amount of time (a time charter) or for a certain point-to-point voyage (a spot charter), giving rise to these two main types of charter agreement.

In a time charter, the vessel is hired for a specific amount of time. The owner still manages the vessel but the charterer gives orders for the employment of the vessel, pays for the fuel and port costs and may sub-charter the vessel on a time charter or voyage charter basis. A spot charter is where  the charterer hires the vessel for a single voyage, and the vessel’s owner (or disponent owner) provides the master, crew, bunkers, supplies, and pays for port costs. A bareboat charter is a subtype of a time charter in which the charterer takes responsibility for the crewing, maintenance, vessel insurance, supplies, and port costs of the ship during the time of the charter, assuming the legal responsibilities of the owner and is known as a disponent owner.

So why would the FCPA apply to all of the above? It is because every time a vessel goes into port there are series of governmental touch points that a ship must go through. Typically these services are handled by a port agent, who is a person or agency responsible for handling shipments and cargo at ports and harbors worldwide on behalf of shipping companies. The port agent can be hired directly by the US company which arranges the shipping or the port agent can be hired by the charter party.

What are some of the tasks of a port agent that have FCPA implications? They may include some of the following: Drawing up, initiating and delivering the required documents (especially for containers), including booking lists, shipping permits, delivery orders all related to the cargo; Fulfilling the necessary formalities regarding the delivery and reception of the goods (customs etc.), Collecting freights for cargoes and passing them along to local port authorities; Arranging for storage bunkers if these are needed; Assisting the master in making the necessary contacts with the local authorities and the harbor authorities; Ensuring a berth for the incoming ship through the local port authorities; Arranging for the pilot and the tugs if necessary, which may be local government employees; Assisting the vessel if there are any government inspections such as for drugs or other contraband, tending to vessel crew that may require to visit a doctor or hospital, waste removal, victualing (groceries); and Drawing up the documents for the customs and harbor services.

The list above certainly sounds like an agent which is dealing with foreign government officials. Even if the US company does not hire the port agent directly but the charter party (owner or vessel charterer) hires the port agent, there still could be FCPA exposure for the US company. This is because the FCPA prohibits payments or anything of value to any person, while knowing that all or a portion of such money or thing of value will be offered, given, or promised, directly or indirectly, to any foreign official, to any foreign political party or official thereof, or to any candidate for foreign political office, for purposes of (emphasis supplied). It is this language of ‘indirectly’ which has gotten many companies into FCPA hot water, certainly by the actions of agents.

All of this means that if your company hires out ships for marine transportation, you should review your management of port agents. As they are clearly agents you may well need to put them through your agent due diligence program. It does not matter if the ship is a non-US flagged vessel or if the charter party is a non-US entity. They all need to be a part of your third party compliance program.

And while you are thinking about your port agents you should also consider the company which you have hired as your charter party. Is that company FCPA or UK Bribery Act compliant? It may well be that the ship’s officers also have to deal with foreign officials in each port in which they enter. They also need to be FCPA compliant.

My final thought is that there may be other entities or persons that your company hires which may well be agents under the FCPA but you are not considering them as such. For the compliance practitioner, this means you should talk to units or persons in your company such as energy traders, your maritime division, your transportation division and your logistics group to determine if you have exposures which you had not previously considered. There may be FCPA exposure lurking out there that you are not aware of and need to evaluate.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

February 21, 2013

How to Introduce Change into Your FCPA Compliance Program (Without Blowing It Up)

Thucydides or Herodotus; Herodotus or Thucydides. Which is your favorite? I admit to vacillating between the two. Thucydides wrote about the end of the Athenian dynasty from the Peloponnesian War and the debacle of the Sicilian Invasion. Herodotus wrote about the beginnings of the Golden Age of the Greek City State through the defeat of the Persian Invasion of Greece. Slogging through both is never easy but it is far and away worth the effort. One of the things that both of these ancient authors wrote about was massive change.

I recently read a book review of a couple of new volumes which looked at these authors and thought about the changes wrought when implementing or enhancing a Foreign Corrupt Practices Act (FCPA) compliance program. In making a large change, most compliance practitioners think of bringing it all to a company in one fell swoop. This is usually based on a Board of Directors or senior management directive to ‘get it done’. Sometimes this can simply be overwhelming to the compliance practitioner or information overload to the troops in the field, particularly those outside the US. However, a recent article in the MIT Sloan Management Review, entitled “How to Change an Organization Without Blowing It Up”, suggests that a different approach might be appropriate. In this article, author Karen Golden-Biddle writes that there is a middle ground between wholesale change and tentative pilot projects which could allow an organization to operate more effectively.

The author believes that “Too often, conventional approaches to organizational transformation resemble the Big Bang theory.” Further, that this “Big Bang transformation attempts often fail, fostering employee discontent and producing mediocre solutions with little lasting impact.” To overcome this she believes that “organizations can seed transformation by collectively uncovering “everyday disconnects” — the disparities between our expectations about how work is carried out and how it actually is. The discovery of such disconnects encourages people to think about how the work might be done differently.”

She suggests that there are three techniques for discovering these disconnects and turning them into a way to “seed transformation from the bottom up.” These three techniques are (1) Work Discovery; (2) Better Practices; and (3) Test Training. I will look at all three and discuss how a compliance practitioner can bring them to bear to help move a compliance program forward.

I.                   Work Discovery – Examine Firsthand the Work Where It Is Actually Conducted

The author states that “instead of assuming that you know if the work process will be successful as it is designed, you should examine it firsthand, “as it is actually conducted.”” This will allow a company to “turn the (inevitable) surprises you uncover into assets.” She advises that senior management needs to actually see how the organization works to understand not only the expectations that they have set but also to uncover disconnects in the process. She cautions that this is not the same as a pilot project but rather should be viewed as part of a larger exploration of how a system might become the best that it can be. Put another way, the initial “design and rollout was always connected with the larger possibility, even though the possibility was in the process of becoming defined.”

For the compliance practitioner, this examination ‘in the field’ allows you to find the  disconnect in the proposed compliance program or changes to facilitate the reconsideration of expectations in the program or understanding of how the program is designed to be conducted, but further allows you to  entertain new possibilities  of how to make the program work better. Compliance professionals can talk through the proposed changes to generate insights and possibilities for change and help company employees understand what the program changes will be and how the compliance program will work in their day-to-day operations.

II.                Better Practices – Instead of Adopting the Best Practices of Others, Screen Your Work Through Those Best Practices in Order to Generate New Ideas

Often times, particularly in the compliance arena, companies will simply review and determine the best compliance practices and then adopt them into their organization. This approach was certainly not suggested by the recently released Department of Justice (DOJ) and Securities and Exchange Commission (SEC) FCPA Guidance, where it stated “When it comes to compliance there is no one-size-fits-all program.” This sentiment was echoed by Golden-Biddle when she recommended that a company should not simply adopt another organization’s best practices, but instead should screen the way work gets done in your company and use those other’s best practices in order to generate new ideas. “In other words, use best practices to generate even better practices.”

However other companies’ best practices can be more effectively used as a discovery technique, enabling people to go beyond replication and discover new methods for meaningful change. The author opines that by studying other companies’ best practices as a discovery technique this will allow employees to compare their expectations of how a new system or program will work as it is currently constituted with what might be offered by the best practice. Further, “this discovery tool imports the unfamiliar in the form of others’ best practices and pairs them with the familiar. Exploring this pairing enables people to move beyond their expectations and tease out new possibilities that are suggested by best practices elsewhere. Overlaying your current practices with someone else’s best practices in this way generates better practices — better than best because they are relevant in highly specific ways to your organization’s work.”

Ways that a compliance practitioner might do this is to ask the following questions. First, what would you do differently as a result of the new compliance practice and what might you wish to incorporate into the company’s compliance practices? Next, is there anything in the new compliance policy that was not included that you believe should have been or are there any issues in the new policy which you did not know how to address when using the new policy?

III.             Test Training – Use Training to Experiment With Emergent Possibilities for the Way Work Will Be Done

This part may be the most intriguing and useful as the author advocates that you can use training to develop new possibilities so that “Instead of locking down standard operating procedures during training, experiment with other, potentially better possibilities for changing the way the work will get done.” Training typically comes at the end of a policy/program revamp or enhancement. However, the use of the phrase “test training” means something different than the usual corporate training. She says that it allows a company to uncover the “disconnects between people’s expectations for how proposed solutions might operate and the actual experience of the solution in experimental settings such as training or trials. This enables people to see and come to understand what they don’t know about the solution as well as to continue to shape it for implementation, often in significant ways.”

This type of testing would allow the compliance practitioner to obtain insights from those in the field on not only what does not work but also what might work better. Consider training on a third party management program. You would usually walk the designated training group through all of the steps your policy would entail. But those in the training test group might suggest new, other or different information that might be relevant to evaluate a third party in the context of compliance. But also such “test training” provides an opportunity to find out what is not being discovered through the third party investigation process and provide the opportunity to suggest a new solution.

Golden-Biddle ends her article with five points that she believes Discovery Techniques can bring to an organization. They are:

  1. Achieve the benefits of transformation without risking wholesale disruption of operations.
  2. Build a culture of continuous improvement that is embraced by leadership and employees throughout the organization.
  3. Avoid the often exorbitant costs of Big Bang transformation associated with wholesale replacement of employees.
  4. Leverage existing employee knowledge and experience for transformation.
  5. Cultivate collective, not just individual, capacity in surfacing disconnects and generating new insights and ideas that seed transformation.

To her list I would add one more but I might put it as Number 1 on the list. It is that you bring your employees into the process. By listening to them and incorporating their ideas on what works and what does work, they not only become invested in the final compliance product but they feel like you care about what they think. That may be the biggest reason to take up some of Golden-Biddle’s Discovery Techniques.

If you want to look at how change blew things up, pick up a copy of Herodotus or Thucydides and settle down for a long winter’s read.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

February 20, 2013

Interview with Scott Moritz

Ed. Note-today we continue with our series on thought leaders and practitioners in the compliance arena. Today, we have an interview with Scott Moritz, who is a Managing Director, Protiviti (www.protiviti.com)

============================================================================================

1. Where did you grow up and what were your interests as a youngster? 

I grew up on the North Shore of Long Island, the youngest of six kids. Our father owned a swimming pool construction company whose workforce at various times consisted of my legendary grandfather, brothers, many cousins, a wide variety of parolees and, for a few summers during high school, me. Since I can remember, I was always fascinated with police work and detective stories and grew up watching TV shows like Baretta, The Rockford Files and Police Story. From an early age, people thought I looked like a cop. When I was 16, some of my knuckleheaded friends brought me along to New York City as “security,” because they wanted to buy fireworks, which were illegal at the time. In fact, I played the security role a lot with my friends, because they always seemed to attract the kind of attention that necessitated someone securing their safety. Our misadventure in the city was my first exposure to a recurring theme in my law enforcement experience: even if something is illegal to make, sell or possess, it is still readily available. In no time, one of my friends was in negotiation with a gang member who took one look at me and said “He’s a cop, get lost.” My undercover career was over before it started.

2. Where did you go to college and what experiences there led to your current profession?

I graduated from Jacksonville University in Jacksonville, Florida with a double major in marketing and management and a minor in psychology. Throughout college, I worked as a bouncer, bartender, DJ and eventually manager at a rock nightclub. As a 5’8” bouncer in Jacksonville, where the average male is 6’3,” I quickly developed negotiation, persuasion, de-escalation and other crisis-related skills. I also had to be able to read body language and know when a  negotiation had broken down, and it was time to take action. I prided myself on how frequently I was able to get people out of the club peacefully. I witnessed more violent crimes, including shooting incidents, in my four years as a nightclub employee than I did in nearly 10 years as an FBI agent.

3. How did you come to join the FBI? What were your duties as an agent?

After college, I applied to take the NYPD entrance exam. At the time, my sister Stacey was an Assistant U.S. Attorney in the Southern District of New York. When I mentioned to her that I had applied to take the police exam, she asked “What about the FBI?” She put me in touch with her friend, who was a Special Agent in the New York Field Office. This was in 1985. I called the number she gave me and a deep, booming voice answered, “TERRORISM!” I was so startled, I nearly fell off my chair! Whatever preconceptions I had in terms of how the FBI might answer the phone, that one didn’t make the mental checklist. I collected myself and had a great conversation with the agent, who encouraged me to apply to the FBI.

The FBI recruitment process is very involved, with many aspects to it, and candidates fall by the wayside at every stage. Back then, there was an initial application, a written exam, the completion of a very detailed application, a panel interview with three FBI Special Agents and finally a background check investigation, and as far as I know, that’s still the case today. Completing the application was quite an undertaking because you had to provide very detailed information about you, your siblings, their spouses, your parents and every roommate you’ve ever had. The application was used as the roadmap for the intensive background investigation that follows.

I entered on duty as an FBI Special Agent in October, 1986. Special Agent trainees lived at the FBI Academy for four months, and academy training was divided equally between academics (minimum passing grade is 85%), physical training/defensive tactics and firearms training.

FBI Special Agents investigate and enforce an incredibly wide variety of criminal violations, counter-intelligence and counter-terrorism. My first assignment was the Memphis, Tennessee field office. At the time, Memphis was a relatively small FBI office, so agents had much broader responsibilities than in the larger field offices where agents tend to be more specialized. For most of my time in Memphis, I was assigned to a White Collar Crime squad, which also had responsibility for the Civil Rights and Fugitive programs. I worked on a wide array of primarily financial crime investigations, including on the bank robbery response team and worked with the narcotics task force. While white collar crime was my primary focus, each agent on the squad carried multiple fugitive cases. The FBI has primary jurisdiction to enforce Unlawful Flight to Avoid Prosecution (UFAP) in support of state and local law enforcement when there is evidence that violent offenders have fled their jurisdictions.

In 1991, I was transferred to NYC and assigned to the money-laundering and asset forfeiture squad.  There, the entire mission was to conduct parallel financial investigations alongside the largest, most complex criminal cases being investigated by the New York FBI. I worked on many organized crime, narco-laundering, and trafficking and white collar crime cases, and our squad seized and forfeited nearly $1 billion during my five years there.

4. How have you utilized the skills you learned in law enforcement in your current profession?

I use the skills I learned as an FBI Special Agent every day in my current profession and have since the day I left the Bureau nearly 17 years ago. Many crimes are revenue-generating crimes; making cases against criminal defendants and their criminally-derived assets means painstaking financial analysis. Tracing criminal proceeds back to their source provides evidence of the crime, quantifies it and enables the government to dismantle criminal organizations by seizing assets obtained by the specified unlawful activity or used to facilitate the laundering of criminal proceeds. I am usually surrounded by mountains of banking records and financial records. However, reviewing banking and financial records alone often doesn’t reveal the full picture. While at the FBI, I developed the ability to use publicly available information to identify the financial holdings and business interests of criminal subjects and their associates, as well as any prior illegal conduct or civil disputes that could help build the case against them. These same background investigation techniques can be used in a commercial context both after the fact as part of the ensuing financial crime investigation and also to vet prospective relationships in an effort to determine whether a company would make a suitable business partner. Likewise, interviewing and interrogation skills are something you use in a variety of settings. Unlike interviews depicted on many TV crime dramas, interviewing is often all about building a rapport and establishing some common ground, no matter how despicable the subject of the interview may be. People also give off hidden cues that signal when they are uncomfortable with your questions and when they are outright lying. These same skills are very helpful when conducting interviews of executives and employees, whether in the course of evaluating a corporate compliance program, conducting anti-corruption due diligence or interviewing a suspect.

5. You recently changed companies, moving from Navigant to Protiviti. What can you tell us about your new position and some of the things that you would like to achieve?

I’m incredibly excited about my new role at Protiviti. I’ve joined an established and very experienced firm whose professional staff includes investigators, forensic accountants, anti-corruption practitioners and technologists in over 70 offices in 23 countries. Protiviti also has a very powerful technology platform in its Governance Portal. The Portal manages data intake, risk scoring, work-flow management, case management and decision-making ‑ so that all the aspects of an overall ethics and compliance program, or a single aspect of it, such as managing third-party anti-corruption programs, can be brought together on a single platform. (The Portal has received industry recognition: Protiviti has been positioned as a “Challenger” by Gartner in the October 2012 Magic Quadrant for Enterprise Governance, Risk and Compliance Platforms.)

I really look forward to continuing to help clients apply their limited resources strategically on a risk basis and also to better position them so that they can manage their regulatory risk proactively and deploy investigative and forensic resources rapidly when issues emerge.

============================================================================================

Scott Mortiz can be reached at scott.moritz@protiviti.com.

============================================================================================

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. 

February 19, 2013

Internal Advertising of Your FCPA Compliance Program

Spring training is upon us and I have always enjoyed this time of year because, as one might say, ‘hope springs eternal’ especially for baseball fans. But this year I have no hope for the Astros as they have cut their payroll even further and now have the Major League Baseball (MLB) low of $25 million. Sportswriters are opining that the only thing the Astros are in contention for this year is to beat the MLB record of losses in a season, now at the number of 120. Jim Crane, fresh from his redesign of the Astros uniform, played golf with President Obama this past weekend, so at least he has some money to spend.

I thought about the Astros and their advertising campaign that they have a plan to make the Astros competitive in 5 years or so whilst reading an article in the March issue of the Harvard Business Review (HBR), entitled “Advertising’s New Medium: Human Experience”, by Jeffery Rayport. In his piece, Rayport’s thesis is that “to engage customers, advertisers must focus on where and when they will be receptive” to your message. I think that his ideas can be used by a compliance practitioner to internally market not only a compliance program but the equally important message of compliance.

Rayport believes that advertising has traditionally been “ubiquitous but often poorly targeted, intrusive, ignored at best and actively rejected at worst.” Further, in a “media saturated world, advertising strategies built on persuading through interruption, repetition, and brute ubiquity are increasing ineffective.” He believes that advertisers must expand their definition of what advertising really is so that they can craft and place their messages so that they are not only accepted but welcomed by consumers. That sounds to me like a great goal for a compliance practitioner who is trying to sell the message of compliance throughout a world-wide based, international company.

Rayport says that a message should be less about its target and more about what you are doing for the target audience. In other words, how does the idea set out in the message “sustain and reward” affect the audience’s life? It must engage through “relevance and value”. So what does Rayport prescribe? He believes that there are four domains through which you can reach a target audience.

The Public Sphere

This is the area where we move from one place or activity to another, both online and off-line. Rayport suggests that public-sphere ads are effective through the use of one or more of four principles. (1) They are relevant in context – the message aligns with the consumer’s experience at the moment they encounter the advertising. (2) They help people reach personal objectives – this is advertising conceived as problem solving. (3) They are brand interventions – these enter consumers’ lives in targeted and useful ways and when they are needed. (4) They are engaging, refreshing, or compelling experiences – these address a specific practical function, but they can also exert influence in the remaining spheres. These four criteria should be a goal of every compliance training session. If you can help your company’s employees achieve their goals through compliance, you will go quite a long way towards selling not only your compliance program but also the message of compliance.

The Social Sphere

Rayport says that the social sphere “emphasizes broad diverse networks.” This is where we interact with and relate to one another. So messages in this sphere should help people, “forge new connections or enrich existing ones.” But it must appear at the right time and the right place to be effective. The message itself should address a specific need or problem but the key is that it facilitates social interactions. The message can both reinforce relationships and reinforce the brand. Think how powerful the compliance message could be if it met these criteria. One thing the recently released Foreign Corrupt Practices Act (FCPA) Guidance made clear is that gift-giving is not prohibited by the FCPA. You can provide gifts as tokens of esteem in parts of the world where this is a long-standing customer and practice. But I think the key is that you can tailor your message for your audience.

The Tribal Sphere

This is the area where will typically affiliate with groups to define or express our identity. It is an area of “more-focused social engagement”. But this sphere provides an opportunity to create a message that identifies with this group. Messages here must suit the “character and values of those involved” and “empower the individual.” While you may need to have some consistency across your company regarding your compliance message, this sphere would also suggest that the message in West Africa could be tailored to that market, rather than simply the same message that you give in the United States. I heard a very good example by Dan Chapman, Chief Compliance Officer (CCO) at Parker Drilling, who, when confronted with a question during overseas FCPA training about why people in his company should not bribe in a country where it was customary, explained how corruption was ruing the fabric of the country in question, and if the person asking the question did not engage in bribery and corruption perhaps he could be one step in bringing his country out of that sordid state.

The Psychological Sphere

This is the sphere is the “domain of language, cognition and emotion.” Here, Rayport believes that the message you send will serve as “shorthand for complex concepts, inspiring actions or triggering positive feelings.” Somewhat surprisingly, in the psychological realm, messages can provide, “new ways to articulate ideas, engender habit formation, guide reasoning and elicit emotion.” Rayport states that there are four different ways in which messages in this sphere can work. (1) Messages use language to establish a cognitive beachhead for a concept – the use of one or just a few more can convey a much longer and thoughtful message. (2) The message seeks to establish a habit – this means more than simply a thought of what to do, but how one should do it. (3) Such messages guide cognition – this means that messages can and should be both inspiring and practical. (4) Messages should connect on an emotional level – messages here should promote a frame of mind, in the psychological sense. Imagine if you could create a compliance message that worked on this level. Clearly this has been done by many large corporations in the area of safety, with such simply messages as ‘Safety First’ or ‘Do Safe Work’. I might suggest that you look at your company’s stated values. On the General Electric (GE) website it states that “The board expects GE directors, as well as officers and employees, to act ethically at all times and to acknowledge their adherence to the policies comprising GE’s code of conduct set forth in the Company’s integrity manual, “The Spirit & The Letter”. What if your message was simply “The Spirit & The Letter”? If an employee heard that and they immediately thought of acting ethically and adhering to your company’s compliance program, it could be quite a powerful message.

Rayport’s article provided many different ways for a compliance practitioner to think through how they might internally market a compliance program. For a company with large international work force, the traditional FCPA training may not be the only method for a compliance practitioner to reach the employees. As you begin to think of other ways to get out the message of compliance you could try some of Rayport’s ideas. As for the Astros, I would suggest that they take some of that TV money they are squirreling away and spend it on an upgrade.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

February 18, 2013

Doing Business In Italy-Step Up Your FCPA Compliance Now

Ed. Note-I met last week with Craig Bloom, a colleague who practices law in Houston. Craig, who is fluent in Italian, was telling me about some of the compliance issues that have been percolating in Italy and in Italian companies. I asked him if he would write a piece on his thoughts, which he graciously agreed to do…

———————————————————————————————————————————————————————-

Former Italian Prime Minister Silvio Berlusconi is no stranger to scandal and controversial statements, but lately his words and actions seem to be providing cause for concern outside of the European Union.

Last week, the Wall Street Journal, in addition to Italian media outlets, reported that the Chief Executive of one of Italy’s largest conglomerates, Finmeccanica, SpA, Giuseppe Orsi, was arrested under allegations of bribery in Finmeccanica’s sale of twelve helicopters to the Indian Government in 2010. As a result, the Indian Government has suspended the sale pending an investigation into these allegations. It is important to note here that according to the Wall Street Journal, the Italian Government owns just over 30% of Finmeccanica. Now, Italian investigators are looking into the company’s dealings in Latin America, Asia, and other EU countries.

But Berlusconi added even more fuel to the fire last week, while speaking to an Italian news channel, by stating his belief that bribes are a necessary part of doing business. Quoting the Italian newspaper Corriere Della Sera, in an article entitled, “Paying Bribes Abroad A Matter of Necessity”, he said “We can no longer compete abroad. We’ve been shooting ourselves in the foot. No one will do business any more with ENI, or ENEL, or Finmeccanica. Bribery exists. It’s pointless to ignore reality. Paying a bribe abroad is a matter of necessity.” But the former Prime Minister, who is running for reelection, did not stop with those remarks above. “Bribery is something that exists and you can’t ignore situations of necessity if you are going to negotiate with third-world countries or certain regimes.” Certainly, had these comments made by an American presidential candidate, they would be refuted in the strongest of terms by officials, if for no other reason than to distance themselves from the comments. Not so in Italy. Said the current Prime Minister Mario Monti, “It is a fact that bribes are often part and parcel of business, particularly in some countries, but that they should be looked on as necessary and unavoidable is something I reject.” It should be noted that Prime Minister Monti went on to blame Berlusconi for failing to pass an anti-bribery law during his tenure.

ENI’s Problems

According to its website, ENI, Italy’s largest petrochemical provider, currently conducts business in several American locations, including Houston, Fort Worth, and Anchorage, in addition to off-shore operations in the Gulf of Mexico. The Italian Government is a 30% shareholder in the company That ENI does business in the United States and is required to file reports with the SEC every year makes it subject to the jurisdiction of the FCPA.

There have been several investigations performed in response to allegations of bribery payments by ENI subsidiaries, specifically in Algeria. These investigations and allegations obviously make ENI a large target for Justice Department or SEC investigations, not only in the United States. Though it is outside the scope of this blog, companies doing business with ENI potentially leave themselves open to UK regulatory actions under the UK Bribery Act.

Effective Compliance in Light of These Developments

What does this mean for the compliance professional in the US or UK? The short answer is likely obvious — companies need to be extra diligent in their dealings in Italy and with Italian third parties, but this short answer ignores several nuances outlined in the hallmarks of an effective compliance program stated in the recently releases DOJ/SEC FCPA Guidance .

The Guidance places emphasis on risk management. Ostensibly, a corporate compliance professional should be more concerned about actionable FCPA violations in a country such as Somalia (dead last in the 2012 corruption index) than about violations in Denmark, New Zealand, or Finland (all tied for first). As a reference point, Italy’s place on the Transparency International Corruption Index last year was #74, #69 in 2011, and #67 in 2010. While that variance may be attributable to factors outside of Italy’s control, its overall score has been about average over the past three years. 42 in 2012, 39 in 2011, 39 in 2010. Transparency International’s report states that two-thirds of the over 170 countries on the list have a score of 50 or less, and this obviously includes Italy. According to Transparency International, these indices are determined based on perception. “Capturing perceptions of corruption of those in a position to offer assessments of public sector corruption is the most reliable method of comparing relative corruption levels across countries.” The recent statements made by both Mr. Berlusconi and Prime Minister Monti could not have been accounted for in these corruption indices. If, however, the true metric for measuring corruption truly is public perception, then these public statements cannot help but cast doubt on Italy’s true position on this list, and subsequently the perception of corruption. Imagine former President George W. Bush or former Prime Minister Gordon Brown making similar public statements with regards to the inevitability and persistence of bribery in developing nations… So regardless of specific formula or calculus, it would behoove any US or UK company doing business in Italy or with Italian companies to analyze bribery and corruption risks in light of these recent public statements.

Obviously this problem extends to third party representatives who perform services in Italy. While the Guidance cautions against a one-size-fits all policy, a willingness to step up due diligence in light of recent events involving Italy would also be good corporate governance. This can take many forms, but may include the necessity to scrutinize whether an Italian intermediary is truly necessary to accomplish the multinational organization’s goals. Additionally, the company might want to double their efforts to audit the Italian third parties, potentially performing more frequent audits or requesting more highly detailed reports. Finally, if the DOJ/SEC are aware that efforts have been increased to combat these prohibited practices, they are more likely to be lenient on the company.

A compliance practitioner should keep abreast of changes or other information which may indicate a greater risk of bribery and corruption. When the former Prime Minister of a country you are doing business in or with says that bribery is just a requirement of doing business this puts you on actual notice that something may well be amiss. The time is now for you to assess your risks, perform more or additional due diligence, monitor and audit your third parties in that country and then train any high risk parties. The same would be true for any joint venture relationships that you might be in with companies from said country. Do not wait, do it now as you have been warned….

———————————————————————————————————————————————————————-

If you need assistance regarding any Italian FCPA issues, I suggest that you contact Craig Bloom. He can be reached at craig.a.bloom@gmail.com.

———————————————————————————————————————————————————————-

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. 

February 15, 2013

What else is needed to make change successful?

Filed under: change management,Tim Aikens — tfoxlaw @ 1:01 am
Tags: , ,

Ed. Note-I saw this article by a long-time friend and colleague, Tim Aikens. I was going to write a blog about it but Tim said it so well that I asked him if I could repost his article in its entirety which he graciously allowed me to do. Tim helps companies through the management of change. His website is http://www.azarel.org/index.html. 

———————————————————————————————————————————-

What else is needed to make change successful?

I have recently been involved with two clients who are about to embark upon major change in their businesses.  They are very different and each has a very unique style or culture.  As they prepare to set off on their journey I have wondered what else is needed to succeed beyond the ‘usual suspects’?

John Kotter and others have all put forward their ideas, mostly honed after years of practice and delivery.  They are all very useful and I have many of their books on my shelf.  But I am always drawn back to the question above.  After going through some of my own success stories and taking out the usual suspects, I have identified a few things that I believe really matter.

Openness, honesty and transparency.  It’s one thing to create a compelling case for change; to then be fully open and honest about it to everyone concerned is another matter entirely.  I have always been impressed by senior managers who lead from the front and don’t hold back.  I remember one Engineering Director sitting down with his team and saying ‘not everyone around this table will have a job here when we are finished’.  It was direct, open and honest. His team respected him for it.  On another project the manager of the business unit spoke openly to everyone, showing them the chart of financial decline and ultimately failure if there was no change.  One member of the workforce asked me why no one had had the courage to do this before. He now fully understood the need and was fully engaged.

Being transparent means being available and open to debate.  I have run transformation programmes where the project room was always open to anyone at any time; the General Manager held regular town hall meetings and did not shy away from either difficult questions or making difficult statements.

Knowing how to decide.  Many people often think that consensus is a good thing.  In most situations it is, but it is important not to confuse consensus with alignment.  To me the former is about getting everyone to agree and in many cases participate in arriving at consensus.  Alignment is where you have a team thinking and behaving in the same way.  This might be achieved through consensus it may also be achieved through leadership and sometimes by a more autocratic decision making process.  The decision to change is usually taken by a small group.  Decisions on what to change and how to change can vary on a spectrum of autocratic to consensus.  The secret lies in knowing your organisation and making decisions in the right way.  I worked with one client where two members of the senior management team were less than supportive.  After talking to the General Manager the two people concerned were moved out of their jobs and the project regained the necessary momentum.  This brings me to my next point.

Honour and Respect.  In the early 90s Peter Noer wrote a book entitled ‘Healing the Wounds’.  The book is about how to deal with those who remain after a downsizing exercise.  The book has had a major impact on how I think about this issue and I have always insisted that any change project that might involve redundancy or layoffs addresses this issue carefully.  The results are remarkable.  If those remaining know that their colleagues who are leaving are really being given the honour and respect they deserve their input to the project is so much better.  I have even had members of a project team working incredibly hard with a really positive attitude despite the fact that they would be collecting their redundancy cheque at the end of the project!

Positive and creative.  I am a great believer in positive thinking.  I am also a great believer in people’s ability to be creative.  Both are essential to generating successful change.  A positive approach is, I suppose similar to John Kotter’s making an emotional case for change, but it is also more.  Being positive is about leading from the front and clearly demonstrating that not only do you believe the change is right, but you also believe it can be achieved and you believe in the team you have.

Most people can be creative.  In the work environment it is easy to let others do the creative stuff and you get by on doing what you are told, challenging little and following the book.  Whilst I am not advocating anarchy, I strongly believe that this mould has to be broken and staff encouraged to be more creative – especially in any role as a change agent.  I have run workshops on creativity, usually as a precursor to some kind of reengineering exercise.  It works! People like to see that they can be creative and they move on quickly to apply this immediately after.

Next time you are involved with major change, don’t just think of the usual things to do, but consider really soft topics above.

Are you as good as you used to be?

We all have our employment because we are good at something.  Usually this has been demonstrated by academic achievement and a subsequent track record in our chosen career.  Through that career we receive training in various things to improve performance and add additional skills.  So far so good, but are you as good as you used to be?

In some jobs this question is really important.  As a regular flier, I am glad that airline pilots are regularly tested to make sure that they are still on top of their game.  The NHS has recently introduced regulations to make sure that doctors are assessed on a formal basis.  But what about the rest of us whose work does not endanger lives – but could endanger corporate success.  The question can then be considered across the whole of an organisation from the top to the bottom.  At board level, assessment comes through share price and profit, but below that how do you know?

There are plenty of management tools in place to assess leadership and other skills, but how often are they used or should they be used?  I don’t have the answer and I suspect there is no single answer.  I do believe that a lot of testing only happens when an organisation is in trouble which is often shutting the barn door after the horse has bolted!

What about the workforce.  Most businesses rely on skilled staff to deliver, whether it is a skilled mechanic, a call centre operator or a retail assistant.  Their skills can make or break a business.  Training is good, but how does the organisation know that an individual is still exercising all the proper skills and methods they learned during training?  Most of us have come across the surly sales assistant, or the tradesman who does shoddy work.

I think there are two issues to address:

  • Making sure that there is some appropriate mechanism to review and test skills on a continuing basis
  • Developing a culture which accepts that being assessed is OK and not an assault on your integrity or capability

The two go together.  Airlines believe it is good business to test their pilots regularly (do they do the same for cabin staff?).  Equally the pilots readily accept these assessments as part of the job.

A first step might be to decide which critical roles should be assessed and how. At the professional level the performance management process identifies poor performers, but this often occurs too late.  On the shop floor production and quality control act as a measure of capability (how much and how good).  Other roles may need specific intervention, some of which could include self-assessment.

———————————————————————————————————————————————————————

Tim Aikens can be reached via email at, tim@azarel.org.

———————————————————————————————————————————————————————

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. 

Next Page »

Blog at WordPress.com.