FCPA Compliance and Ethics Blog

December 10, 2013

Expanding Your Compliance Decision-Making Tool Kit

7K0A0223There can be a variety of reasons why bad decisions get made in the corporate world. Last week I wrote about psychopaths in the C-Suite and Boardroom. Today I want to look at some less flamboyant, more mundane ways that a company might get into compliance hot water through poor decision making. In an article in the November issue of the Harvard Business Review, entitled “Deciding How to Decide”, authors Hugh Courtney, Dan Lovallo and Carmina Clarke reviewed how senior decision makers in a company might go about strategic decision making. One of the areas that they explored was how systemic roadblocks might get in the way of making a valid decision.

I found their discussion very interesting from the compliance perspective. The FCPA Guidance emphasized the need for companies to have a robust pre-acquisition due diligence process, in addition to a vigorous post-acquisition integration. The FCPA Guidance stated, “In the context of the FCPA, mergers and acquisitions present both risks and opportunities. A company that does not perform adequate FCPA due diligence prior to a merger or acquisition may face both legal and business risks. Perhaps most commonly, inadequate due diligence can allow a course of bribery to continue—with all the attendant harms to a business’s profitability and reputation, as well as potential civil and criminal liability.” But what are some of the biases which might prevent a company from making a good strategic decision even with adequate pre-acquisition due diligence. The authors set out five which I will explore in more detail.

When You Don’t Know What You Don’t Know

Under this bias, the authors believe that the decision maker’s ability to make accurate decisions is in large part based on “being able to accurately determine the level of ambiguity and uncertainty they face.” Unfortunately, just as compliance programs have to deal with humans and human fallibilities, strategic decision makers are subject to both “cognitive limitations and behavioral biases.” The authors note that “executives don’t know what they don’t know, but are happy to assume that they do.” It is this overconfidence in the ability to forecast uncertain outcomes that will lead to unwarranted confirmation of incorrect hypotheses.

Cognitive Bias Creep

Here the authors note that every corporation has biases and these biases can creep into any significant strategic decision. The key is that they manage these biases going forward so that they do not prevent an accurate decision from even having the chance of being made. The authors believe that this can be helped “if, when a strategic decision is being considered, managers choose their decision-making approach in a systematic, transparent, public manner during their judgments which can be evaluated by peers.” This concept is well established in any best practices compliance program through an oversight committee or other similar structure proving review of the compliance function. It is through these techniques that key players “are less likely to assume that their decisions are straightforward or even intuitive.” The authors conclude this section by stating that, “This is especially important when a relatively new or unique strategic investment is under consideration.”

Organizational Process Gets In the Way

I try to be a process guy and to be process oriented. I tend to believe that if you have a robust process in place, it can help you to greatly reduce, ameliorate or manage your compliance risks. The authors believe this as well but feel there are times when the organizational process of a company can get in the way of making a strategic decision. Fortunately many of the techniques to overcome this problem are relatively straight-forward. Although not phrased in this manner, one is the concept of segregation of duties (SODs). In other words, do not have the people who will benefit from a favorable analysis be the only group or discipline within the company to review a decision or even its underlying facts. The authors answer is to have some “commonsense protocols” which allow for an independent eye on things.

Reliance on a Single Tool

One of the areas that the authors maintain throughout their article is the criticism by decision makers on a single analytical tool. They believe that most corporate decision makers rely solely on “conventional capital-budgeting techniques.” They argue that it is most often more useful for decision makers to supplement this basic tool. They articulate that decision makers use other sources of insight. They are particularly critical of only looked to so-called ‘expert opinions’ and suggest that a company seek a wider group of opinions, even within the employee base of their own company. Another technique is to seek out persons in different disciplines simply because they will bring a different underlying analysis and perspective. The authors end this section by stating, “A robust analysis of analogous situations forces decision makers to look at their particular situation more objectively and tends to uncover any wishful thinking built into their return expectations.”

The Option to Delay

The final bias the authors address is the option that is often overlooked – the option to wait or as the authors put it “Deciding when to decide is often as important as deciding how to decide.” If you have ever been on a large project evaluating a merger or acquisition target or other business opportunity, you know that things can take on a momentum of their own. The authors call this “learning-based, iterative experimentation.” This is not a situation of sometimes the best deals are the ones you do not sign on to but deciding to use other tools or techniques to evaluate the timing of your decision making process. This can not only keep you from doing deals that may not make any sense but allow for a more well-rounded decision making process.

The clear message of the authors’ piece is that you should use a wider variety of tools available to you. The FCPA Guidance gives you some of the things that the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) think are important. In addition to the use of transaction, third party and relationship monitoring, I would suggest that you add some or all of the following tools to your toolkit.

  • Review high risk geographical areas where your company and the target do business. If there is overlap, seek out your own sales and operational people and ask them what compliance issues are prevalent in those areas. If there are compliance issues that your company faces, then the target probably faces them as well.
  • Obtain from the target a detailed list of sales going back 3-5 years, broken out by country. If you can obtain a further breakdown by product or services get that as well. You do not need to investigate de minimis sales amounts but focus your Foreign Corrupt Practices Act (FCPA) due diligence inquiry on high sales volumes in high risk countries.
  • If the target uses a sales model of third parties, obtain a complete list, including joint ventures (JVs). It should be broken out by country and the amount of commission paid. Review all underlying due diligence on these foreign business representatives, their contracts and how they were managed after the contract was executed. But your focus should be on large commissions in high risk countries.
  • You will need to speak to the target company personnel who are responsible for its compliance program to garner a full understanding of how they view their compliance program.
  • You will need to review the travel and entertainment records of the target’s top sales personnel in high risk countries. You should retain a forensic auditing firm to assist you with this effort. Use the resources of your own company personnel to find out what is reasonable for travel and entertainment in the same high risk countries which your company does business.
  • While always an issue fraught with numerous considerations, there may be others in the mergers and acquisition (M&A) context, such as any statutory obligations to disclose violations of any anti-bribery or anti-corruption laws in the jurisdiction(s) in question; what effect will disclosure have on the target’s value or the purchase price that your company is willing to offer.
  • While you are performing the FCPA due diligence, you should also review issues for anti-money laundering (AML) and export control issues.

The moral of this story to use a wide variety of tools and resources when evaluating a strategic decision; whether it is compliance based or business based. Do not get caught in myopic thinking or analysis.


Please join myself and Eddie Cogan, CEO of Catelas as we discuss Risk-Based 3rd Party Vetting, Screening and Monitoring Strategies for High Risk Jurisdictions Thursday, December 12. For information and registration click here.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

Blog at WordPress.com.