One of the things that has fascinated me about Venice is how so little of the 21st century has impacted it. Take construction for example. All materials have to be brought to the city via boat, off-loaded and then lifted by hand or by a handmade machine to the upper stories of a building where the residences are located as no one lives on the ground floor. If the building is on the water, the ground floor is now underwater. If the building is not on the water, the ground floor is used for a commercial establishment. But unlike other large metropolitan areas, there is no room for cranes or other large mechanical lifting devices. I thought about this today when I saw workmen lifting up materials through a block and tackle pulley system which has been in use since antiquity. Not only were these guys doing it the old fashioned way, they were getting the job done.
As I watched this most basic level of construction, I thought about some of the things the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have said about what a compliance department should be doing. For instance, in last year’s Pfizer Deferred Prosecution Agreement (DPA), in the Enhanced Compliance Obligations, it said that Pfizer’s compliance department should, in part, “maintain “significant” resources for the compliance function. It shall have (b) An anti-corruption program department providing centralized assistance and guidance regarding the implementation, updating and revising of the FCPA Procedure, the establishment of systems to enhance compliance with the FCPA Procedure, and the administration of corporate-level training and annual anti-corruption certifications”. Further, in last year’s joint DOJ/SEC FCPA Guidance, under Hallmark Five of an Effective Compliance Program, it said that “In addition to the existence and scope of a company’s training program, a company should develop appropriate measures, depending on the size and sophistication of the particular company, to provide guidance and advice on complying with the company’s ethics and compliance program, including when such advice is needed urgently. Such measures will help ensure that the compliance program is understood and followed appropriately at all levels of the company.”
I often write about the nuts and bolts of an effective compliance program but one of the most basic things that an effective compliance program must have is a compliance department present to ask the basic questions of compliance to and receive an answer from. I think to the DOJ and SEC this means a couple of things. First, and foremost, there must be the requisite number of resources dedicated to the compliance function. This means that a compliance department must be staffed with an appropriate number of compliance professionals to do the day-to-day basic work of compliance. Head count is always important in any corporation but there must be some minimum number of people in the compliance department to answer the phone or respond to email.
But, equally important to this resource is issue what the Pfizer DPA calls “providing centralized assistance” and what the FCPA Guidance says is “to provide guidance and advice on complying with a company’s ethics and compliance program”. In other words, it is up the corporation to have someone there to answer the phone but once they are in that seat in the compliance department, they have to actually pick up the phone and respond. It is the responsibility of a compliance practitioner to provide the guidance to company personnel who call or email in with questions. Following compliance policies and procedures is always important but to have a live person to answer questions or walk a non-compliance person through the process is a must.
In other words, if someone calls, not only does a compliance person have to be there, someone has to pick up the phone. How many times has a compliance department been called on a Friday afternoon to find that no one is there to answer the phone? But if someone is there, they have to actually pick up the phone and provide an answer. Mike Volkov has often inveigled against the compliance function being “The Land of No”; but the situation I am discussing is where a compliance department does not or will not provide the basic answers to a person working out in the field.
Sometimes the most basic and the most obvious is overlooked. Using an old block and tackle pulley to haul up building materials by hand may seem quaint and old fashioned, and perhaps it is, but it still gets the job done. The same concepts are a part of a best practices compliance program; someone must be around the answer the phone when it rings on Friday afternoon and that person who is around must pick up the phone and provide some answers to the question(s) posed.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.
© Thomas R. Fox, 2013
FCPA Compliance and Ethics Blog 