FCPA Compliance and Ethics Blog

December 1, 2014

Sherlock Holmes and Innovation in the Compliance Function, Part I – A Study In Scarlet

A Study in ScarletToday begins a week of double themed blog-posts. First I am back with an homage to Sherlock Holmes, for it was in the magazine Beeton’s Christmas Annual that the characters Sherlock Holmes and Watson were introduced to the world in 1887, in the short story A Study in Scarlet. The second theme will be innovation in the compliance department. I will take some recent concepts explored in the December issue of the Harvard Business Review (HBR) and apply them to innovation and development of your compliance function. I hope that you will both enjoy my dual themed week and find it helpful.

Today I begin with the first novel, A Study in Scarlet. There are two items of note that I learnt in researching this work. The first is that it was written in 1886 and even Conan Doyle had trouble finding a publisher for what went on to become the most famous detective character of all-time. The second was the title. I had always thought it referred to the color of blood but it turns out that it comes from a speech given by Holmes to Dr. Watson on the nature of his work, in which he describes the story’s murder investigation as his “study in scarlet”: “There’s the scarlet thread of murder running through the colourless skein of life, and our duty is to unravel it, and isolate it, and expose every inch of it.” Furthermore, a ‘study’ is a preliminary drawing, sketch or painting done in preparation for a finished piece.

I thought Doyle’s first work would provide an excellent entrée into today’s topic, that being leadership in the compliance function. While many compliance departments may have begun more as a command and control function, set up by lawyers to comply with anti-bribery laws such as the Foreign Corrupt Practices Act (FCPA), UK Bribery Act or others; this type of leadership model is now becoming outmoded in today’s world. It is not that employees are interested in the ‘why’ they should do business ethically and in compliance with such laws but it is more that power is shifting inside corporations. In a HBR article, entitled “Understanding “New Power””, authors Jeremy Heimans and Henry Timms explore how leadership dynamics are changing and what companies might be able to do to harness them. I found them to have some excellent insights, which a Chief Compliance Officer (CCO) moving to CCO 2.0 or compliance practitioner might be able to garner for a compliance function.

The authors begin by noting that ‘new power’ differs from ‘old power’ in a bi-lateral dimension of intersection. This intersection is between the models used to exercise power and the values which are now embraced. It is the understanding of this shift in power, which will facilitate the compliance function moving more to the forefront of a business integration role. The new power models are fourfold. Under sharing and shaping a company is much more integrated with its customers and supply chain. Second is funding which continues this integration by adding a vertical component of funding, whether equity positions or some other type of funding. Third is producing in which “participants go beyond supporting or sharing other people’s efforts and contribute their own.” Finally, there is co-ownership, which is the most decentralized, pushing participation down to the lowest or most basic levels.

But beyond these new power systems, the authors believe that “a new set of values and beliefs is being forged. Power is not just flowing differently; people are feeling and thinking differently about it.” The authors call them “feedback loops” which “make visible the payoffs of peer-based collective action and endow people with a sense of power. In doing so, they strengthen norms around collaboration”.

The authors lay out five new values. They include the area of governance where the authors note, “new power favors informal, networked approaches to governance and decision making.” Next is in the area of collaboration where the authors believe that this new power value rewards “those who share their own ideas, spread those of others, or build on existing ideas to make them even better.” The next new value is DIO or do it ourselves. Under this value, there is a “belief in amateur culture in arenas that used to be characterized by specialization and professionalization.” Next is transparency which, while not a new concept, says that more permanent transparency between business and social lives will lead to a “response in kind from our institutions and leaders who are challenged to rethink the way they engage with their constituencies” specifically including their employee base. The final new value identified by the authors is affiliation, which means that new and younger employees are less like to “forge decades-long relationships with institutions.”

The authors have three prescriptions that I found could be useful for the CCO or compliance practitioner to incorporate into a mature and evolving compliance program moving forward. Compliance functions need to “engage in three essential tasks: (1) assess their place in a shifting power environment, (2) channel their harshest critic, and (3) develop a mobilization capacity.

Assess where you are

This prong is quite close to something compliance practitioners are comfortable with in their role, a risk assessment. However the authors suggest that the assessment be turned inward so you should assess the compliance function on this “new power compass—both where you are today and where you want to be in five years.” You can benchmark from other companies in responding to this query. Internally, you can begin this process with a conversation about new realities and how the compliance function should perform. More importantly such an assessment can help you identify the aspects of their core models and values that should not be changed.

Incorporate business unit interests

The authors note, “Today, the wisest organizations will be those engaging in the most painfully honest conversations, inside and outside, about their impact.” However, I think this question should be asked first by the CCO or compliance practitioner. For it is not only what you are doing to work with your business units but more importantly what are you doing to incorporate their concerns and suggestions into your compliance regime. If you are going to ask the business unit to be a significant partner or better yet be your business partner, you will need to have a mechanism in place to engage your business unit so there can be an inflow of input before the compliance function has an output of requirements. As the authors write, “This level of introspection has to precede any investment in any new power mechanisms” to which I would add any successful compliance function.

Mobilize your capacity

Here I suggest you consider contracted third parties and other third parties such as joint venture (JV) partners as an avenue through which the compliance function can bring greater benefits to an organization. I have often heard compliance expert Mary Jones talk about her training of her company’s third parties and how thankful they were that when she, Global Industries Director of Compliance, would personally travel to their locations and put on in-person training. Her efforts to travel to their locations, spend the money required to do so not only directly strengthened Global Industries’ compliance function but created allies for her efforts by giving these suppliers the information and training they needed to comply with their customers requirements. By reaching out in this manner, Global Industries used its contracted third party suppliers to create a stronger company compliance program.

As the anti-corruption compliance profession matures, it will become more a component of a company’s business function. This means less of a lawyer’s top down mentality of do it because I said to do it, to more collaboration. It also means, as with the premier of Sherlock Holmes in A Study in Scarlet that something new is on the horizon and it could be here for quite sometime to come.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

 

November 26, 2014

Doing Business in India – Corruption Risks and Responses

IndiaRecently the US law firm of Foley and Lardner LLP and MZM Legal, Advocates & Legal Consultants in India jointly released a white paper, entitled “Anti-Bribery and Foreign Corrupt Practices Act Compliance Guide for U.S. Companies Doing Business in India”. For any compliance practitioner it is a welcome addition to country specific literature on the Foreign Corrupt Practices Act (FCPA), UK Bribery Act and other anti-corruption legislation and includes a section on India’s anti-corruption laws and regulations.

FCPA Enforcement Actions for Conduct Centered in India

Under the FCPA, several notable US companies have been through enforcement actions related to conduct in India. Although not monikered as a ‘Box Score’ the authors do provide a handy chart which lists the companies involved, a description of the conduct and fine/penalty involved.

Company Description Disposition (in USD)
Pride International Payment made for favorable administrative judicial decision regarding customs issues $56.1 million
Tyco International German subsidiary paid third parties to secure contracts; payments recorded as commissions $26 million
Diageo Subsidiary made payments to government official responsible for purchase/authorization of Diageo’s products in India $16.4 million
Textron Subsidiaries paid foreign officials to secure contracts; characterized as commission and consulting fees $5.05 million
Oracle Corporation Oracle distributor allegedly created “slush” fund to pay third parties $2 million
Dow Chemical Company Payments made to India Central Insecticides Board to expedite registration of products $325,000

India Anti-Bribery/Anti-Corruption Laws 

The authors identify the principal anti-corruption legislation in India as the Prevention of Corruption Act, 1988 (PCA), which focuses on bribery of public servants. They go on to state, “Bribery under the PCA includes any “gratification” that a public servant receives other than his/her legal remuneration. Gratification constituting a bribe would include anything intended to motivate, influence, or reward a public servant for performing (or forbearing performance of) an official act, or for showing “favour or disfavour” to any person, or for rendering any service or disservice to a public servant.” However, there are other laws, in addition to the PCA, which govern such issues. These include “specific public servants’ Conduct Rules, which set specific guidelines on the value of gifts that may be accepted in furtherance of local or religious customs (where no reciprocal action is expected and where the public servant has no current or expected future official dealings with the gift giver). The guidelines for permissible gifts are based on the public servant’s rank and service classification and broadly range between 500 – 7,500 Rupees (approximately $8 – $120 U.S. dollars).”

Corruption Risks in India

Corruption risks in India are generally perceived to be high due to its “complex administrative and bureaucratic environment”. Similarly the FCPA Professor would say there are a high number of barriers to trade. Coming at it from a different direction, the Department of Justice (DOJ) would say the risk is high because of the number of licenses and permits required. More pruriently, I would say this leads to more folks having their collective hand out looking to speed things up. Indeed, in the recently released TRACE Matrix India comes in at 185th out of 197 countries listed, with a corruption score of 80, based largely on its score of 92 in the highest weighted category of “Interactions with Governments”.

a. Licenses and Permits

The authors identify that “a host of regulatory hurdles exists in India, including the need to obtain permits, licenses, and other regulatory approvals and to pay various application and registration fees. These types of low-level transactions provide opportunities for bribery. Payments made in such transactions — whether in cash or gifts — may appear minimal (by U.S. standards) and may seem harmless, but they can nonetheless result in violations of U.S. and/or India law.” They go on to list some “Examples of Problematic Conduct” around this issue they identify the following:

  • Paying (or providing some other benefit to) a customs official to bypass inspection or overlook incorrect or incomplete paperwork;
  • Paying a local tax regulator to overlook errors or inconsistencies in filings;
  • Paying an official to expedite the processing of a permit or license;
  • Paying a utilities provider to reduce billings; and
  • Paying a local health and safety regulator to overlook code violations.

b. Gifts, Travel and Entertainment

In the area of gifts, travel and entertainment, the authors state that “companies run the risk of triggering the FCPA and other anti-corruption laws if their marketing and entertainment expenditures cross a line into conduct that could be characterized as bribery or lends to the appearance of attempting to induce a breach of trust or impartiality on the part of the recipient…the various conduct rules for public servants in India establish specific guidelines for accepting gifts and hospitality, and, for some public servants, the maximum permissible gift value may be as low as 500 rupees ($8 U.S. dollars). Companies operating in India should thus familiarize themselves with these guidelines before providing even what may seem to be a modest gift or hospitality.” Some examples of problematic conduct identified is these areas are as follows:

  • Paying for extravagant meals, drinks, and entertainment in connection with a visit by a foreign official;
  • Paying for “side trips” so that foreign officials can visit tourist attractions (e.g., Walt Disney World, Las Vegas) while in the United States;
  • Providing per-diems or “pocket money” for foreign officials to use during a visit;
  • Paying for a foreign official’s spouse or family to accompany the foreign official on a trip; and
  • Providing foreign officials with excessive gifts for birthdays, weddings, holidays, or other events.

c. Third Parties

This is always recognized as the highest FCPA risk and in India it is no different. More importantly, it may be even greater in this country because “Navigating India’s extensive regulations and bureaucracy often requires U.S. companies to rely on third parties, such as agents, brokers, consultants, sales representatives, distributors, and other business partners…The PCA similarly criminalizes bribery through third parties as a direct violation by the third party and as an abetment violation by the company on whose behalf the bribe is being made.” The key is subject any third party to rigorous due diligence and closely manage the relationship after the contract is signed. If a Red Flag appears at any point in the third party lifecycle it should be evaluated and cleared. The authors provide a handy list of some examples of Red Flags regarding third parties when doing business in India. They include:

  • A third party is listed in databases reporting known corruption risks (e.g., World Bank List of Debarred Firms) or has been previously investigated for, charged with, or convicted of corruption or other ethics violations;
  • A foreign official has specifically requested that a certain third party be involved in the company’s transaction or business;
  • An agent or consultant holds himself out as someone with close connections to an important minister or minister’s aide;
  • A third party does not appear to have sufficient resources, real estate/infrastructure, or experience to perform the requested tasks;
  • A third party asks the company to provide it with unreasonably large discounts, excessive commissions, reimbursements, or contingency fees; and
  • A third party requests payment in an irregular or convoluted manner (e.g., cash, offshore bank account, payments to another company, over/under invoicing).

Managing Corruption Risk in India

In their concluding section, the authors relate solid risk management tools tailored to the Indian market. It all starts with robust standards and procedures. From there you should train not only your employees on what may be illegal conduct and how to resist requests for bribes but also your third parties. Annual certifications are an important tool for not only risk management but also communication about anti-corruption expectations. Your compliance program should devote the appropriate level of personnel and resources for your operations in India. Finally, a robust reporting mechanism is key but equally critical is your response after any information comes to light. It must be thoroughly investigated, quickly remedied and reported as appropriate.

The Foley & Lardner/MZM Legal white paper is a welcome addition to literature about country specific risks, remedies and responses. A copy of the full white paper can be obtained by clicking here.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

November 18, 2014

FIFA and Good-Faith Investigations

CautionYou know things are getting bad when the Wall Street Journal (WSJ) questions a business’ moral authority. Things certainly cannot be much better when the regulators begin nosing around your own self-indulgence. What happens when you realize all of a sudden that all those actions you have taken may actually fall under the jurisdiction of both the United Kingdom and the United States and their respective anti-corruption laws, the UK Bribery Act and the US Foreign Corrupt Practices Act (FCPA)? It turns out all of this may have come through for our friends at Fédération Internationale de Football Association (FIFA).

Last week FIFA announced that it had considered the investigation into allegations of corruption into the awarding of the 2018 World Cup tournament to Russia and the 2022 World Cup tournament to Qatar and found, as reported in the Financial Times (FT) by Roger Blitz in an article entitled “Fifa thrown into fresh turmoil over Qatar World Cup corruption claims”, that “any improper behaviour in the bidding process for the tournament was “of very limited scope.”” This conclusion was made by a FIFA appointed former judge, “Hans-Joachim Eckert, who is chairman of the adjudicatory chamber of Fifa’s ethics committee.” Eckert had reviewed a 350-page report by investigator Michael J. Garcia, who is a former US prosecutor now practicing law in New York. Eckert released a 42 page “summary study” of the Garcia report, which he claimed supported his decision.

Unfortunately for FIFA and Eckert, Blitz reported in another FT article, entitled “Garcia and Eckert set for showdown over Fifa report”, that “Mr Eckert’s summary was disowned within hours of its publication by Mr Garcia, who claimed it misrepresented his findings. He has protested to Fifa’s appeals committee.” Garcia’s statement “has blown apart Fifa’s attempt to bring to a close nearly three years of allegations of unethical behaviour and has left Mr Eckert under increasing pressure to publish the Garcia investigation.” This action by FIFA led Reinhard Rauball, president of the German football league (DFL), to say, “Europe would have to consider breaking away from Fifa unless the Garcia investigation was published in full.”

All of this came after the summary itself noted that documents and evidence surrounding the Russian bid were lost because the computers on which they were stored had been destroyed. Garcia was not even able to speak with all the relevant witness in the Qatar bid as well. Even with this lack of full investigation, Garcia issues a statement which said that Eckert’s summary contained “numerous and materially incomplete and erroneous representations of the facts and conclusions detailed in the investigatory chamber’s report.”

What does all of this mean for FIFA? Certainly if the head of the German football league says that the European soccer federations may have to pull out of the organization because it is so corrupt that portends poorly. In another article in the FT, entitled “Brussels launches sliding tackle against Fifa”, Alex Barker reported “The EU’s top sports official is urging Fifa to come clean with findings from its corruption investigation, in a warning that signals a Brussels rethink over the commercial freedoms enjoyed by football’s scandal-tarnished governing body. In a direct swipe at Fifa’s attempt to clear Russia and Qatar to run the next two World Cups, Tibor Navracsics, the EU commissioner for sports, has called for full publication of a graft report into the 2010 bidding process to “remove doubts” about its findings. While Sepp Blatter’s Fifa is an unregulated Swiss body independent from government, its lucrative business activities in the European market are subject to rules overseen by EU regulators, including sales of television rights.”

What about any criminal issues? A quick Google search reveals that FIFA has offices in both the US and the UK. Given the very broad jurisdiction of the FCPA and perhaps the UK Bribery Act, it does not seem too far a stretch for either the Department of Justice (DOJ), the FBI, the UK Serious Fraud Office (SFO) or even the Overseas anti-corruption unit of the London police might want to open an investigation. Indeed CNN reported that the FBI is investigating FIFA at this time, saying “Investigators are moving ahead with their probe, which could result in charges against senior FIFA officials, the U.S. law enforcement officials said.”

For the compliance practitioner there are a couple of important lesson in all of this. First and foremost, in your internal investigations, you need to provide access of both documents and witnesses to your counsel. If you do not that alone may certainly compromise your investigation. This point was recently re-emphasized in the ongoing General Motors (GM) scandal over its ignition switch problems. It turns out that over two months prior to the public announcement the company had ordered over 500,000 new switches from its supplier. According to Hilary Stout and Bill Vlasic, writing in the New York Times (NYT) in an article entitled “G.M. Ordered a Half-Million Replacement Switches 2 Months Before Recall”, the order was placed after an internal company committee met. But no records of the meeting were provided to company’s outside counsel investigating this matter, Anton R. Valukas. Interestingly Valukas released a statement which the article quoted, ““To my knowledge, G.M. provided me access to all information in its possession related to G.M. inquiries regarding various repair options and part availability as G.M. considered potential fixes for the ignition switch in the event that a recall would occur,” the statement said.” That is lawyer-speak for I looked at what they showed me.

Hiding or not providing access to internal or outside counsel can be a recipe for disaster with the DOJ. The reason is the same as it is a disaster for FIFA in Europe. There is no trust left for the organization. Ask any ex-DOJer and they will tell you that it is all about credibility when you self-disclose to the DOJ or when you are in negotiations with the DOJ over a potential FCPA penalty. I regularly hear Stephen Martin and Mike Volkov say precisely that when they talk about their experiences from working for the US government. If you do not allow your investigators access to all relevant documents and those witnesses under your control, the DOJ will most probably not consider the results of your investigation valid. The DOJ may not even consider your exertions worthy of a good-faith effort.

One thing is also very relevant for the compliance practitioner. If your outside counsel disavows him or herself from the company’s interpretation of it going forward, you are in big trouble. Even the WSJ, in its Op-Ed piece said, “FIFA’s moral failure stands out.”

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

November 11, 2014

The definitive guide to Corporate Self Reporting

Ed. Note-today is the now know as Veteran’s Day. It was previously known as Armistice Day. In the UK it is known as Remembrance Day. Whatever moniker it might take, I thought today we should honor all the fallen from World War I. Below is a photo courtesy of Mike Brown of over 800,000 poppy’s around the Tower of London in honor the British war dead from that conflict. Continuing today’s British theme, today’s post is a report of an article found on thebriberyact.com website on issues related to self-disclosure under the UK Bribery Act. I asked the Bribery Act.com guys, Barry Vitou and Richard Kovalevsky Q.C. if I  could repost it in its entirety, which they graciously allowed me to do. The podcast of my recent interview with Barry Vitou on the current state of the Serious Fraud Office and Bribery Act enforcement actions and related issues on the FCPA Compliance and Ethics Report, is available by clicking here

Poppy's at tower.3

 

We have aggregated below the SFO guidance on Self Reporting (available on its website on a number of pages) and importantly recent comments from the Director about it.  If you are considering Self Reporting as an option we strongly advise you consider the following and obtain independent legal counsel.  We would be delighted to talk to you if you have any questions.  Self Reporting is a big step and should not, in our view, be undertaken without advice.

Will my company be prosecuted if it Self Reports?

Whether or not the SFO will prosecute a corporate body in a given case will be governed by the Full Code Test in the Code for Crown Prosecutors, the joint prosecution Guidance on Corporate Prosecutions and, where relevant, the Joint Prosecution Guidance of the Director of the SFO and the Director of Public Prosecutions on the Bribery Act 2010.

If on the evidence there is a realistic prospect of conviction, the SFO will prosecute if it is in the public interest to do so. The fact that a corporate body has reported itself will be a relevant consideration to the extent set out in the Guidance on Corporate Prosecutions. That Guidance explains that, for a self-report to be taken into consideration as a public interest factor tending against prosecution, it must form part of a “genuinely proactive approach adopted by the corporate management team when the offending is brought to their notice”. Self-reporting is no guarantee that a prosecution will not follow. Each case will turn on its own facts.

In appropriate cases the SFO may use its powers under proceeds of crime legislation as an alternative (or in addition) to prosecution; see the Attorney General’s guidance to prosecuting bodies on their asset recovery powers under the Proceeds of Crime Act 2002. If the SFO uses its powers under proceeds of crime legislation, it will publish its reasons, the details of the illegal conduct and the details of the disposal.

In cases where the SFO does not prosecute a self-reporting corporate body, the SFO reserves the right (i) to prosecute it for any unreported violations of the law; and (ii) lawfully to provide information on the reported violation to other bodies (such as foreign police forces).

This statement of policy has immediate effect. It supersedes any statement of policy or practice on self-reporting previously made by or on behalf of the SFO.

Self-reporting process. How does a corporate Self Report?

The SFO’s restatement of policy on corporate self reporting explains that, in determining whether or not to prosecute, the fact that a corporate body has reported itself will be a relevant consideration to the extent set out in the Guidance on Corporate Prosecutions.

According to the guidance, for a self-report to be taken into account as a public interest factor tending against prosecution it must form part of a genuinely proactive approach adopted by the corporate management team when the offending is brought to their notice, involving self-reporting and remedial actions, including the compensation of victims. The guidance also explains that, in considering whether a self-reporting corporate body has been genuinely proactive, prosecutors will consider whether it has provided sufficient information, including making witnesses available and disclosing the details of any internal investigation, about the operation of the corporate body in its entirety.

Prosecutors will also be mindful that a failure to report the wrongdoing within a reasonable time of the offending coming to light is a public interest factor in favour of a prosecution. It should be borne in mind that the SFO may have information about wrongdoing from sources other than the corporate body’s own self-report. The timing of any self-report is therefore very important. A failure to report properly and fully the true extent of the wrongdoing a further public interest factor in favour of a prosecution.

The following is an outline of the process to be adopted by corporate bodies and/or their advisers when self-reporting to the Serious Fraud Office.

Initial contact, and all subsequent communication, must be made through the SFO’s Intelligence Unit (confidential@sfo.gsi.gov.uk). The Intelligence Unit is the only business area within the SFO authorised to handle self-reports.

Hard copy reports setting out the nature and scope of any internal investigation must be provided to the SFO’s Intelligence Unit as part of the self-reporting process.

All supporting evidence including, but not limited to emails, banking evidence and witness accounts, must be provided to the SFO’s Intelligence Unit as part of the self-reporting process.

Further supporting evidence may be provided during the course of any ongoing internal investigation.

As stated within the SFO’s revised policy, self-reporting is no guarantee that a prosecution will not follow. Each case will turn on its own facts.

Apart from the information provided above, the SFO will not advise companies or their advisers on the format required for self-reports. Nor will the SFO give any advice on the likely outcome of a self-report until the completion of that process.  For further information visit our Q&A section.

FAQ

The Serious Fraud Office has reviewed its policy on…corporate self-reporting.

  1. Why are revisions being published?
  2. Following his appointment, the Director of the SFO decided to review SFO policies and take forward recommendations made by the OECD Working Group on Bribery. The revisions have been published to:

restate the SFO’s primary role as an investigator and prosecutor of serious and/or complex fraud, including corruption;

ensure there is consistency with the approach of other prosecuting bodies; and

take forward certain OECD recommendations.

The SFO’s primary role is to investigate and prosecute. The revised policies make it clear that there will be no presumption in favour of civil settlements in any circumstances.

  1. Is this a shift in the SFO’s position?
  2. The new approach restates the SFO’s primary purpose.

Around the time when the Bribery Act 2010 came into force, joint guidance was issued by the Director of Public Prosecutions and the Director of the SFO, and separate guidance was published by the Ministry of Justice. Save for one change, that guidance continues to apply. The only change is that the reference in the joint prosecution guidance to the SFO’s former policy on self-reporting has been removed.

Any decision to prosecute unlawful activity will be governed by the Full Code Test in the Code for Crown Prosecutors and the applicable joint prosecution guidance.

  1. What about companies that have already acted on the old guidance?
  2. Each case will be reviewed and assessed according to its own circumstances. If there has been reliance on a previous statement of policy or practice the SFO will consider such reliance in the context of the Full Code Test. If before the publication of the revised policy statements the SFO entered into an agreement with a corporate body based on an earlier SFO statement of policy or practice, and the corporate body has fully complied with the terms of that agreement, then the previous statement of policy or practice will continue to apply
  3. Why is there a revised approach to self-reporting?
  4. As explained above, the revisions have been made to:
  • restate the SFO’s primary role as an investigator and prosecutor of serious and/or complex fraud, including corruption;
  • ensure there is consistency with the approach of other prosecuting bodies; and
  • take forward certain OECD recommendations.

The revised statement of policy explains in clear terms that that any decision to prosecute unlawful activity will be governed by the Full Code Test in the Code for Crown Prosecutors and the applicable joint prosecution guidance.

The revised statement of policy is not limited to allegations involving overseas bribery and corruption.

If the requirements of the Full Code Test are not established, the SFO may consider civil recovery as an alternative to a prosecution.

  1. Will the SFO communicate with corporate bodies about their past or future conduct?
  2. The SFO encourages corporate self-reporting, and will always listen to what a corporate body has to say about its past conduct; but the SFO offers no guarantee that a prosecution will not follow any such report.

The SFO is primarily an investigator and prosecutor of serious and/or complex fraud, including corruption. It is not the role of the SFO to provide corporate bodies with advice on their future conduct.

What the Director of the SFO says

Director of the SFO, David Green QC CB Quoted at Pinsent Masons annual regulatory conference on Self Reporting on 24 October 2013. He said:

“I recently attended a private gathering of general counsel from a number of major multi-national corporations. I spoke on the subject of corporate self-reporting of instances of suspected criminality, including bribery and corruption.

There was then a Q&A session, during which 2 attendees indicated that the advice they were receiving from their external lawyers was that such matters should NOT be reported to the SFO, because “the SFO was not as helpful as it used to be”. There followed a vote on the issue, which was firmly in favour of self-reporting. Well they would, wouldn’t they.

I became DSFO in April 2012.

It is now a year since I changed the published SFO guidance on self-reporting by corporates.

The guidance I inherited contained an implied presumption that self-reported misconduct would be dealt with by civil settlement rather than prosecution.

I took the view that no prosecutor should appear to offer such a guarantee in advance. As a prosecutor, you can never anticipate what set of facts and conduct might be next in through the door.

I took the guidance back to the historic position agreed with the Director of Public Prosecutions: that we would apply the full code test for crown prosecutors to self-reported criminality. In other words, we ask (after our own investigation): is there sufficient evidence to prosecute, and if so, is a prosecution in the public interest?

The SFO’s message is carefully expressed and nuanced. Assume the evidential sufficiency test is passed. If a company made a genuine self-report to us (that is, told us something we did not already know and did so in an open- handed, unspun way), in circumstances where they were willing to cooperate in a full investigation and to take steps to prevent recurrence, then in those circumstances it is difficult to see that the public interest would require a prosecution of the corporate.

Some parts of the blogosphere seem to have difficulty with this, writing that it means self-reporters will be prosecuted. It means no such thing.

Some corporate lawyers complain that the new approach (actually, the principled, established approach) creates “uncertainty”. I disagree: and I think that when they say “certainty” it is code for “guarantee”.

For the avoidance of doubt, the SFO continues to receive self-reports, and I anticipate the numbers will only rise as Deferred Prosecution Agreements (DPAs) bed in next year.

So why should a company self-report instances of suspected criminal misconduct to the SFO?

(i)                A self-report at the very least mitigates the chances of a corporate being prosecuted.  It opens up the possibility of civil recovery or a DPA.

(ii)             There is the moral and reputational imperative: it is the right thing to do and it demonstrates that the corporate is serious about behaving ethically.

(iii)           If the corporate chooses to bury the misconduct rather than self-report, the risk of discovery is unquantifiable. There are so many potential channels leading to exposure: whistle-blowers; disgruntled counterparties; cheated competing companies; other Criminal Justice agencies in the UK; overseas agencies in communication with SFO; and the SFO’s own developing intelligence capability, to name but a few.

(iv)           If criminality is buried and then discovered by any of the above routes, the penalty paid by the corporate in terms of shareholder outrage, counterparty and competitor distrust, reputational damage, regulatory action and possible prosecution, is surely disproportionate.

(v)             Last but not least, burying such information is likely to involve criminal offences related to money laundering under sections 327-9 of the Proceeds of Crime Act.

There are, I suggest, very powerful arguments in favour of self-reporting.

Once the decision to self-report has been made by the corporate, then the question of timing arises. Common sense suggests that an initial report of suspected criminality should be made to the SFO as soon as it is discovered. This surely protects the company against the SFO finding out by other means whilst the company investigates further. The corporate can then investigate in depth and report back to the SFO. The SFO will   carry out its own assessment with possible use of S2A powers (in the case of bribery), and, if justified, the opening of a criminal investigation and the exercise of S2 powers.”

October 8, 2014

GSK as a Watershed in the International Fight Against Bribery and Corruption

Lifting WeightsGlaxoSmithKline PLC (GSK) may well be a watershed in the global fight against bribery and corruption. Behavior and conduct, which was illegal under Chinese law but previously tolerated and even accepted by Chinese government officials, quickly became a quagmire that the company was caught in when charges of corruption were leveled against them last year. Many westerners were skeptical about the claims made against GSK and its head of China operations, Mark Reilly. That is one of the problems in paying bribes to government officials; it is always illegal under domestic law. David Pilling, writing an article in the Financial Times (FT) entitled “Why corruption is a messy business”, said “Multinationals are discovering that there is only one thing worse than operating in a country where corruption is rampant: operating in one where corruption was once rampant – but is no longer tolerated.”

When it began, it was not it clear why China’s Communist Party Chief Xi Jinping began his anti-corruption push. Some speculated that it was an attack on western companies for more political reasons that economic reasons. Others took the opposite tack that the storm, which broke with the bribery and corruption investigation of GSK, was China’s attack on western companies to either hide or help fix problems endemic to the Chinese economic system. My take is that his campaign has a different purpose but incorporates both political and economic reasons. That purpose is that Xi has recognized something that the US government officials and most particularly the Department of Justice (DOJ) have been preaching for some time. That is, the insidiousness of corruption and its negative effects on an economic system.

Xi and China have realized that corruption is a drain on the Chinese economic system. Publications as diverse as the Brookings Institute to the Wall Street Journal (WSJ) have noted that one of the reasons for the anti-corruption campaign is to restore the Chinese public’s faith in the ruling Communist Party. Bob Ward, writing in the WSJ article entitled “The Risks in China’s Push to Root Out Wrong”, said, “China’s anticorruption drive began in late 2012 as a way to cleanse the ruling Communist Party and convince ordinary Chinese that the system isn’t rigged against them. Investigators are targeting some of China’s most powerful officials and disciplining tens of thousands of lower-echelon officials who party investigators contend got used to padding their salaries.” Cheng Li and Ryan McElveen, writing online for Brookings, in an article entitled “Debunking Misconceptions About Xi Jinping’s Anti-Corruption Campaign”, wrote, “If there were ever any doubts that Xi could restore faith in a party that had lost trust among the Chinese public, many of those doubts have been dispelled by the steady drumbeat of dismissals of high-ranking officials since he took office.”

But the economic reasons behind the anti-corruption campaign are equally important. One of the more interesting articulations came from one disgraced former Chinese government official, who was one of the earliest senior officials to be charged with corruption. In a WSJ article by James T. Areddy, entitled “Chinese Ex-Official Admits to Corruption”, he wrote about the trial of Liu Tienan, the “former head of the National Energy Administration and senior director in the National Development Reform Commission” who had been arrested in May 2013. His trial finally came around in September 2014. At his trial he made some rather extraordinary statements. Areddy wrote that “Liu testified that reducing official power is key to curbing corruption: “The major point, which is based on my own experience, is to give the market a great deal of power to make decisions.”” But Liu did not end there, “as he explained his view that China’s state bureaucracies are too powerful and entrepreneurs are too weak. “Approvals should be developed in a system, rather by an individual’s actions. This would help prevent abuse of power for personal self-interest.””

Whether or not Liu thought those statements up on himself, a smart defense lawyer suggested he make them to reduce his sentence, or the Chinese government told him to say it as his role in the well-known show trials of the Chinese justice system; it really does not matter. That is one of the most incredible statements I have ever heard of coming out of anything close to an official Chinese statement or proceeding. Think about it; first Liu is saying that the Adam Smith’s ‘invisible hand’ of the market should be governing market decisions. Next, he speaks against the arbitrary nature in China for entrepreneurs in giving approval about how businesses can expand and grow in China. This arbitrary process should be replaced with objective criteria. It is almost if Lui is channeling his inner FCPA Professor when he speaks against artificial barriers to market entry. Finally, Liu attacks the small-mindedness of bureaucratic mentality in their use of power for self-interest.

There have already been demonstrated economic benefits to China’s anti-corruption campaign. In September, Bloomberg reported that China’s fight against bribery and corruption could boost economic growth, generating an additional $70 billion for the budget, in summarizing economists’ forecasts. An article in the online publication Position and Promotions, reported that the bribery “could trigger a 0.1-0.5 percent increase in the world’s second-biggest economy, equivalent to $70 billion dollars.” This crackdown should also be welcomed by western companies, as “it could also benefit foreign companies operating on the Chinese market, who have experienced the negative effects of the omnipresent palm-greasing, according to Joerg Wuttke, president of European Chamber of Commerce in China.” He was further quoted as saying, “It takes the stress away. You’re not afraid that somebody gets an order because he found a better champagne or something like that. It’s not Singapore yet, but it’s a very positive development”.

As we close this phase of GSK’s saga, I think some time for reflection is appropriate. For the compliance practitioner there have been many specific lessons to be learned from GSK’s missteps. However I think the clearest lesson is that the only real hope that a company has into today’s world is an effective, best practices anti-corruption compliance program. Whether it is designed to help a company comply with the Foreign Corrupt Practices Act (FCPA), UK Bribery Act or other anti-corruption legislation, it really does not matter. It is the only, and I mean only, chance your company will have when an issue in some far-flung part of the world splashes your company’s name across the world’s press.

But there may also be cause for celebration to those who have long preached against the evils of corruption, whether it is for economic reasons or for those who view the fight against anti-corruption as a part of the fight against terrorism. For if China is attacking domestic corruption, I believe that will lead other countries to do so as well. We are already seeing stirrings in India under new President Modi. So while GSK may well suffer going forward, the fight against global bribery and corruption may just have moved a few feet forward.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

October 2, 2014

The Mitford Sisters and the Compliance Audit

Mitford SistersDeborah Cavendish died last week. She was the last surviving member of an extraordinary group of women known as the ‘Mitford Sisters’. They were six daughters of David Freeman-Mitford, the 2nd Baron Redesdale and the former Sydney Bowles. The six had about as varied lives as one could possibly have from six different yet related siblings. Nancy (1904-73) became an author and wrote “The Pursuit of Love” and “Love in a Cold Climate.” Pamela (1907-94), who grew up wanting to be a horse, married a horseman who became a physicist. Diana (1910-2003) married Britain’s fascist leader Oswald Mosley, in the presence of Hitler and Joseph Goebbels. Unity (1914-1948) fell in love with Hitler and was Eva Braun’s rival for his affections; she died a decade after her attempted suicide with the bullet still in her head. Jessica (1917-96) was a communist. This did not prevent her from eloping with Churchill’s nephew and moving to the United States, where she penned “The American Way of Death” and other books. Deborah developed a passion for chickens and later married Andrew Cavendish, who became the Duke of Devonshire, making Deborah, the Duchess of Devonshire.

Deborah’s major accomplishment was to adapt the Duke ancestral home of Chatsworth into self-sustaining family business. She kept up a personal and active involvement in this project for nearly 40 years, until her husband died and she became the Dowager Duchess. Today, Chatsworth is one of the most visited sites in England.

I thought about Deborah, her remaking of Chatsworth and how she and her sisters remade themselves from the fairly-tale princess lives they grew up with when I read a recent article in the Red Flag Group’s Compliance Insider, September-October issue, entitled “Rethinking the typical audit”, by Georgia White. The piece recognized that the standard financial audit clause may be of little use to the compliance practitioner but it can be reworked “to include proactive compliance obligations which can be an effective and valuable way to positively manage relationships with distributors and resellers.” Some of the reasons for typical audit clauses with such parties are disfavored and were identified as “insufficiently tailored and poorly defined” or such audit clauses have some type of “catch-all” provision which allows a company to audit more than simply its relationship with a distributor or reseller. Such audit clauses were noted to “represent little value for both the client and the business partner.”

Compliance Audit Clause

The first focus of the article was that “Compliance audits should be aimed at engaging business partners to participate in compliance initiatives pro-actively, whether by way of interview or discussion, integrity circles or forums, or healthy checks or periodic review” all supplemented by occasional transaction sampling. In other words, you must do the work required in managing the relationship after the contract is signed or Step 5 in the Five Step lifecycle management of third parties. The article suggested the following compliance audit clause, “In addition to maintaining proper records and accounts in relation to Distributor/Reseller’s use of product X, Distributor/Reseller will participate in compliance health checks and periodic reviews, and attend integrity circle and forums on a regular basis as required by Supplier Y. In the event of an allegation of misconduct, upon seven (7) days written notice Supplier Y (or its authorized agent)may conduct an inspection and audit all relevant facilities and records of Distributor/Reseller to verify compliance with obligations under this Agreement. Such audit is to be conducted in business hours at Supplier Y’s own expense and in such a manner as not to unreasonably interfere with Distributor/Reseller’s normal business activity.”

Getting buy-in from business partners

The piece suggests that in this manner of pro-actively engaging your Distributor/Reseller you can help maintain “the integrity of the relationship” and keep “open and transparent lines of communication.” While it may be easier to include such a clause with a new Distributor/Reseller; you may face a challenge with such a relationship which has been long standing. However for an effective Distributor/Reseller to be maintained, the author believes that everyone must be treated equally (the Fair Process Doctrine in play) as “compliance audits should apply to new and existing partners alike.” The key is communication by educating your Distributor/Reseller base “on the value of this kind of proactive exchange on compliance issues during business-planning sessions.” In other words, set expectations by talking to your business partners about why the compliance audit is necessary and, more importantly, have them understand the “risks associated with product diversion and unethical behaviour.”

When should the audit clause be added?

The piece takes on another touchy subject in audit clauses which is timing by stating, “To maintain positive relationships with existing business partners it is important to consider the timing of any proposed changes to existing contractual provisions.” However White provided some timing points for initiating this discussion.

  • Contract renewal cycle. If such a discussion is brought up during the regular renewal cycle you certainly should have good argument about such programs under a Foreign Corrupt Practices Act (FCPA) best practices compliance program. The debate about whether distributors were covered was ongoing until a couple of years ago so many companies may not have considered auditing such relationships. Moreover, White notes that if you raise the issue during a renewal cycle, “business partners are less likely to invoke suspicion that is a ‘targeted’ requirement” you are aiming only at them.
  • Annual business planning sessions. Such meetings usually entail an overall strategy component so White believes it is a good time to bring up the issue in the context of your company’s overall anti-corruption compliance efforts. You should have the opportunity to “discuss best-practice strategy and introduce the possibility of proactive compliance auditing for the relationship going forward.” The more you can focus on the ‘partner’ nature of the compliance obligation the more this should resonate with your Distributor/Reseller.
  • Company-wide annual meetings with Distributor/Resellers. Here White suggests that if you bring all of your Distributor/Resellers together and announce the auditing requirement, you may be able to demonstrate that auditing is now a system wide requirement. She believes “The chance of buy-in is increased if it is perceived that other competitors are already actively engaging with you in this manner.”
  • White suggests, particularly if you are in a high risk environment or need to institute such an audit right sooner rather than later, to negotiate over audits rights. She suggests “consider introducing the proposed change in tandem with a benefit that is being rolled out to the business partner.” I would add that you could also sweeten up the pot.

From the overall tone of White’s article, the key seems to communication. Communication can be used to show that adding and then invoking a compliance audit clause is not necessarily a negative outcome. But more than communication with your Distributor/Resellers is the concept from the Fair Process Doctrine; that is, if the process is fair, people and business partners may be more willing to accept a perceived negative outcome. This will go a long way to alleviating fears from Distributor/Resellers that they are being targeted for some nefarious reason or worse, that your company may be using the information obtained in a compliance audit to drive down the commercial value of the relationship.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

September 23, 2014

Billy the Kid Begins and the GSK China Verdict

Billy the KidAccording to This Day in History, 139 years ago today, Billy the Kid was arrested for the first time, for theft. Billy the Kid was believed to have been born in New York City and was later taken out west by his mother. He was arrested on September 23, 1875 when he was found in possession of clothing and firearms that had been stolen from a Chinese laundry owner. Two days after he was placed in jail, the teenager escaped up the jailhouse chimney. From that point on Billy the Kid was a fugitive. He later broke out of jail and roamed the American West, eventually earning a reputation as an outlaw and murderer, allegedly committing 21 murders.

I thought about the start of Billy the Kid’s outlaw career and more particularly how it ended as I was thinking through some of the issues surrounding the GlaxoSmithKline PLC (GSK) bribery conviction in China last week. For instance, did GSK obtain a negotiated settlement with the Chinese government when it was announced that the company pled guilty to bribery and corruption and was fined almost $500MM by a Chinese court? Further, what lessons can be drawn from the GSK matter for companies operating in China and the compliance practitioner going forward? Today, I want to explore the lessons that a company might be able to draw from the GSK matter.

I think the first lesson to draw is that the Chinese government will focus more on companies than on individuals. Andrew Ward, Patti Waldmeir and Caroline Binham, writing in a Financial Times (FT) article, entitled “Pain from graft scandal likely to linger”, quoted Mak Yuen Teen, a corporate governance expert at the National University of Singapore for the following, “By handing suspended sentences rather than jail terms to Mark Reilly, GSK’s former head of China, and four of his top lieutenants, the court in Hunan province was holding the company more accountable than the individuals.”

However other commentators said, “GSK got off more lightly than expected for bribing doctors to prescribe its drugs.” The article went on to note, “People close to the situation denied that the outcome amounted to a negotiated settlement. But Bing Shaowen, a Chinese pharmaceuticals analyst, said it was likely that GSK made commitments on research and development investment and drug pricing to avoid more draconian treatment. A further FT article by Andrew Ward, Patti Waldmeir and Caroline Binham, entitled “GSK closes a chapter with £300m fine but story likely to run on”, cited Dan Roules, an anti-corruption expert at the Shanghai firm Squire Sanders, who said that he had expected the penalty to be harsher. Roules was quoted as saying “The fact that GSK co-operated with the authorities would have made a difference.” The article went on to say that Roules “pointed to GSK’s statement on Friday pledging to become “a model for reform in China’s healthcare industry” by “supporting China’s scientific development” and increasing access to its products “through pricing flexibility”.”

What about reputational damage leading to a drop in the value of stock? The market had an interesting take on the GSK conviction, it yawned. Moreover, as noted in the FT Lex Column “The stock market was never bothered. The shares moved little when the investigation, and then the fine, were disclosed.” Why did the market have such a reaction? The Lex Column said that one of the reasons might be that the “China may be too small to matter much for now” to the company.

Another lesson is one that Matt Kelly, editor of Compliance Week, wrote about in the context of the ongoing National Football League (NFL) scandal, in an article entitled “The NFL’s True Problem: Misplaced Priorities Trumping Ethics & Compliance”, when he said that a company must align its “core values with its core priorities.” GSK moved towards doing that throughout the last year, during the investigation into the bribery and corruption scandal in China. Although the Chief Executive Officer (CEO) of GSK, Sir Andrew Witty, has been a champion for ethical reform in both the company and greater pharmaceutical industry, the FT reporters noted that the China corruption scandal, coupled with “smaller-scale corruption allegations in the Middle East and Poland, has raised fresh questions about ethical standards and compliance.” If Witty wants to move GSK forward, he must strive to align the company’s business priorities with his (and the company’s) stated ethical values.

Which brings us to some of the successes that GSK has created in the wake of the bribery and corruption scandal. These successes are instructive for the compliance practitioner because they present concrete steps that the compliance practitioner can do to help facilitate such change. As reported by Katie Thomas, in a New York Times (NYT) article entitled “Glaxo to Stop Paying Doctors To Boost Drugs”, one change that GSK has instituted is that it will no longer pay doctors to promote its products and will stop tying compensation of sales representatives to the number of prescriptions doctors write, which were two common pharmaceutical sales practices that have been criticized as troublesome conflicts of interest. While this practice has gone on for many, many years it had been prohibited in the United States through a pharmaceutical industry-imposed ethics code but is still used in other countries outside the US.

In addition to this ban on paying doctors to speak favorably about its products at conferences, GSK will also change its compensation structure so that it will no longer compensate sales representatives based on the number of prescriptions that physicians write, a standard practice that some have said pushed pharmaceutical sales officials to inappropriately promote drugs to doctors. Now GSK pays its sales representatives based on their technical knowledge, the quality of service they provided to clients to improve patient care, and the company’s business performance.

In addition to the obvious conflict of interest, which apparently is an industry wide conflict because multiple companies have engaged in these tactics, there is also clearly the opportunity for abuse leading to allegations of illegal bribery and corruption. Indeed one of the key bribery schemes alleged to have been used by GSK in China was to pay doctors, hospital administrators and other government officials, bonuses based upon the amount of GSK pharmaceutical products, which they may have prescribed to patients. But with this new program in place, perhaps GSK may have “removed the incentive to do anything inappropriate.”

This new compensation and marketing program by GSK demonstrates that companies can make substantive changes in compensation, which promote not only better compliance but also promote better business relationships. A company spokesman interviewed the NYT piece noted that the changes GSK will make abroad had already been made in the US and because of these changes, “the experience in the United states had been positive and had improved relationships with doctors and medical institutions.”

In addition to these changes in compensation and marketing, Ward/Waldmeir/Binham, reported that GSK announced it would strive to be “a model for reform in China’s healthcare industry” by “supporting China’s scientific development” and increasing access to its products “through pricing flexibility”. They further stated “Rival companies will now be watching nervously to see whether more enforcement action takes place in a sector where inducements for prescribing drugs have long been an important source of income for poorly paid Chinese medics,” which is probably not going to be a return the wild west of bribery and corruption that occurred over the past few years in China. Bing Shaowen was quoted as saying that the GSK matter “is a very historic case for the Chinese pharmaceutical industry. It means that strict compliance will become the routine and the previous drug marketing and sales methods must be abolished.”

Whatever you might think of the GSK result, the company certainly ended its legal journey better in China than Billy the Kid did in New Mexico. But the company still faces real work to rebuild its reputation in China. Moreover, it still faces legal scrutiny for its conduct in the UK under the Bribery Act and the US under the Foreign Corrupt Practices Acct (FCPA). So stay tuned…

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

September 17, 2014

Bad News Barnes and China’s Overseas Efforts to Fight Corruption

Filed under: Bribery Act,Corruption in China,FCPA,Financial Times — tfoxlaw @ 8:56 pm

Marvin BarnesMarvin ‘Bad News’ Barnes died last week. Barnes probably summed up the state of professional basketball more than any one person in the 1970s. He was enigmatic, supremely talented, defiantly self-indulgent, fell prey to drugs and alcohol and lost everything. He exploded onto the national scene in 1973 with a Providence team who went to the Final Four and then went on to play for one of the most unique collection of basketball talents ever assembled; the aptly named St. Louis Spirits in the old American Basketball Association (ABA). After the folding of the ABA, he played for Boston, Detroit, Buffalo and San Diego in the National Basketball Association (NBA). In his obituary in the New York Times (NYT), entitled “Marvin Barnes, Enigmatic Basketball Player, Dies at 62”, reporter Bruce Weber quoted former Spirits owner Donald Schupak, from a 1976 interview where he said of Barnes, “He’s a nice guy, a sweet guy, everybody likes him. He’s just totally unreliable. He’s probably in the top five players talent-wise. In terms of value to the team, he’s probably in the bottom 10 percent.” My personal favorite Bad News Barnes story was the time he showed up for a Pistons game in the middle of the first quarter, dressed in his game jersey and a full length mink coat, eating some French Fries, claiming he had ‘overslept’. Bad news indeed.

I thought about Bad News Barnes whilst reading some recent Financial Times (FT) articles about China’s fight against corruption. They were “China takes its anti-corruption battle to foreign shores” and “China bribe cases pose test for west as suspects flee” both by Jamil Anderlini. I thought they posed some interesting questions for anti-compliance practitioners, law enforcement officials who enforce anti-corruption laws and the anti-corruption commentariatti out there.

The problem of corruption in China is both well known and well documented, as is the ongoing anti-corruption campaign. In the former article, Anderlini says, “The US-based group Global Financial Integrity estimates illegal flows out of China amounted to $2.83tn [that is Trillion] between 2005 and 2011. The article details that China is carrying the fight against anti-corruption outside the boundaries of the country to seek those persons who may have been the recipients of corrupt payments and have fled the country.” He wrote, “Communist party officials have launched an investigation into assets and individuals based in New Zealand.” The effort, code named “Fox Hunt 2014” (you have to love that moniker), is being run by the Communist Party’s “Central Commission for Discipline Inspection [CCDI], a shadowy organization with a controversial human rights record”. It has set a dedicated office to “investigate allegedly corrupt officials who have absconded or sent relatives and assets abroad.”

In the later article, Anderlini wrote that CCDI status is as the “extralegal body that answers only to the Communist party leadership and has the power to indefinitely detain any of the country’s 86m party members without trial and without access to legal representation. It is often accused of torture, inhumane treatment of suspects and politically motivated investigations, according to human rights groups.” Moreover, some believe this pursuit raises difficult questions for western democracies. Anderlini quoted one un-named diplomat for the following, “Our countries don’t want to be seen as havens where corrupt officials can flee to with their ill-gotten gains but there are serious questions facing any democratically elected government about how far they can co-operate with China’s authoritarian system.” Further, unlike the US, many countries ban the death penalty, which is still legal in China for those Communist Party and government officials who are convicted of accepting bribes. Finally is the issue of the CCDI and the Chinese judicial system. Anderlini said, “Even when cases have been transferred by the CCDI to China’s formal legal system, there are serious questions about judicial independence because the courts ultimately answer to the party hierarchy.”

For some of these reasons and perhaps others, “China does not have extradition treaties with any western democracies although it does have agreements with 38 countries and has repatriated 730 people suspected of “major economic crimes” since 2008, according to state media.” The Chinese government hopes it will “catch more fugitives in countries such as Canada, Australia and the US – the three most popular destinations for allegedly corrupt officials, according to Chinese state media.” Finally, Anderlini noted that multiple “Beijing-based diplomats from several western countries, including the UK, say China has applied growing pressure in recent months in an attempt to secure their help for investigations in their countries.”

Anderlini reported that some people in New Zealand have been made uncomfortable with all of this. He said, “the New Zealand public remains deeply sceptical of closer ties with the authoritarian Chinese government.” Moreover, “In the case of New Zealand, the overwhelming importance of the economic relationship has made at least some people argue for closer co-operation with Beijing in tackling the flow of illicit funds and fugitives from China.” He also quoted Russel Norman, co-leader of New Zealand’s Green Party, who believes “The NZ Police, Ministry of Foreign Affairs and Trade and Prime Minister’s office need to tell the public of New Zealand what, if any, access we are willing to allow the Chinese Communist party to New Zealand residents. Allowing this to happen would be like giving the KGB access to expatriate Russian citizens during the cold war.”

What should the response of western governments be regarding the efforts of the Chinese government to fight internal corruption? Should western governments, such as here in the US, cooperate with the Chinese government in requests for documents, other evidence or interviews? Can the US or other western governments expect reciprocity from the Chinese in a Foreign Corrupt Practices Act (FCPA) or UK Bribery Act investigation if they do not give the same courtesy to Chinese prosecutors? Should the fact that China has harsher penalties for accepting bribes, even up to the death penalty, preclude western governments from cooperating with the Chinese officials. (Please note such argument would not apply in the great state of Texas, where the death penalty most surely does still exist.) What about the CCDI, the “extralegal body” which is heading up this investigation? Should western countries be required to evaluate who is enforcing the Chinese laws on the books against corruption? Can or should you compare the CCDI with the KGB? If you are going to evaluate that body, does it logically lead to an evaluation of the entire Chinese legal system? Finally, if western governments believe that bribery and corruption are insidious matters that require responses, should they care whether an extrajudicial organ of the Chinese Communist Party is involved? All I can conclude is Bad News indeed for those Chinese officials who the CCDI is after, no matter where they might have fled.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

September 11, 2014

King Arthur’s Roundtable – The CCO as Chief Collaboration Officer

RoundtableMany commentators such as Donna Boehme and Mike Volkov often talk about what is required for the position of Chief Compliance Officer (CCO), both in terms of corporate support and skills as a leader of a company’s compliance function. But in many ways a CCO can be seen as a collaborator because so much of the job is working with and interfacing with various functions within a business. I thought about that concept when I read an article in the Corner Office section of the New York Times (NYT) entitled “Titles Don’t Matter. Teamwork Does.” by Adam Bryant where he interviewed and profiled Girish Navani, Chief Executive Officer (CEO) of eClinincalWorks, a provider of clinical information systems.

I found Navani’s leadership style focusing on collaboration to be a good model for a CCO or compliance practitioner because what the compliance function needs to bring is a partnership to help the business and other units do business in compliance with the relevant legal and regulatory scheme. In the world of anti-bribery and anti-corruption that means compliance with the Foreign Corrupt Practices Act (FCPA), UK Bribery Act and similar laws. Navani said that his leadership style is to be as open as possible. One of the techniques that he uses is to have an oval table for meetings. No doubt channeling his inner King Arthur (or perhaps Richard Harris playing King Arthur), the configuration of the table actually seems to facilitate conversation and learning.

Another interesting insight was that Navani structures his company around teams. I thought this could be something that the compliance function could use in its dealings with business units because compliance is really a partnership with the business units and compliance spans multiple functions within any company. I also found another leadership insight from Navani’s leadership style. Navani said he continues “to learn every day. Leadership to me is many different qualities. Some are very basic. You’ve go to be approachable, humble and hard-working. Then there are ones regarding how you treat people. I listen more now. Before, I’d speak all the time. I will still do a lot of talking in meetings, but I absorb others opinions more. And I’m completely open to being told “no”. Questioning my own decision-making with others in the room is fine.”

I found that last point quite useful to consider. Coming out of the legal department and into compliance, I did not always take kindly to being told ‘no’ by someone from the business unit. I thought every pushback was some type of pressure test looking for weakness or tension. However, Navani’s style brings up the useful reminder that often the business function can assist compliance in learning how to perform the function more quickly or more efficiently. Certainly the business can assist the compliance function in understanding the highest risks that a company should focus on managing. In such a partnership role, compliance and the business unit can compliment each other to stop wasting time on immaterial risks so that resources can be delivered to the company’s highest risks.

Navani also stressed accountability. At his company “You’ve got to be accountable to yourself first, and you’ve got to be accountable to your team.” This certainly has application to the compliance function as well. One of the battles that compliance can fight is to be ‘The Land of No’ and the CCO is the head of it, or ‘Dr. No’. However by stressing accountability and creating transparency in the compliance process, I believe that a CCO can go a long way towards ameliorating that misperception.

I also found Navani’s techniques for hiring instructive for compliance. He said, “I look for the heart first. I don’t ask for direct experience.” He expects a modicum of professional expertise by the questions he asks most often are “Do you want to win? What drives you every day? Why health care IT? Can you spend 10 years of your career here? What do you want to do in those 10 years?” Navani went on to say that if he received satisfactory responses to those queries the technical aspects of a position can be taught. But he strives to see if a candidate’s heart is in the right place.

In addition to using these questions to ferret out candidates who will not work with his company, Navani uses these questions to set both a tone and expectation. The message he sends is “We’re not going to stifle you. If you can think out of the box, you will.” Navani believes that by hiring such employees they have the opportunity to become game changers at his company. Now imagine if you could have your Human Resource function use the hiring process to ask questions around attitudes around business ethics or other compliance issues. It would have the dual effect of allowing your company to have a front line inquiry that might weed out those who might be prone to cutting corners through bribery and corruption. But equally important would be the expectation set on the high value your company has on compliance and business ethics. The message would begin pre-hire, set again during employee orientation training and continued throughout the employment tenure.

Through migrating some of these leadership techniques that Navani espoused into your compliance tool-kit; a CCO or compliance professional can help to shift a company’s conversation around compliance. You can move from simply being seen as a safety backstop to one of developing and implementing solutions. Some of the other insights that I drew from Navani include setting out your core function of compliance. A compliance function should be able to offer expertise and insight into solutions. One part of that may be delivering data and other information to the business function to help them make better economic decisions for the company. But another way might be through compliance coaching advocacy.

Navani’s leadership once again demonstrates that if your compliance function shows integrity and responsibility, it can lead to greater teamwork between departments. Many business units fear that the compliance function will take away control of the business process from them. However by demonstrating that compliance is really in partnership, this can move a long way to alleviating this concern.

And do not forget the Round Table.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

September 8, 2014

Board of Directors and FCPA Oversight – An Internal Control Under SOX, Part II

Circle DiagramIn Part I of this two-part post regarding a Board of Director’s Role in Foreign Corrupt Practices Act (FCPA) oversight from the internal controls perspective, I reviewed how a Board might have independent liability for its failure to act as an appropriate internal control as required by Sarbanes-Oxley (SOX). Today I will review what internal controls are and what a Board’s role is within the context of internal controls.

Beginning on Tuesday, in conjunction with this two-part blog, my colleague Henry Mixon, Principal of Mixon Consulting, and myself are recording a podcast series on internal controls, which can be found on FCPA Compliance and Ethics Report. We are discussing the following areas: what are internal controls; how a company might use them and how they can be implemented? In the first of the podcast series I asked Mixon what are internal controls? He began with the textbook definition, which he said was “Internal controls are systematic measures (such as reviews, checks and balances, methods and procedures) instituted by an organization to:

  • conduct its business in an orderly and efficient manner,
  • safeguard its assets and resources,
  • deter and detect errors, fraud, and theft,
  • ensure accuracy and completeness of its accounting data,
  • produce reliable and timely financial and management information, and
  • Ensure adherence to its policies and plans.

Mixon noted that internal controls should be instituted entity wide, not simply limited to those functions used or reviewed by accountants and auditors. For an anti-corruption compliance regime such as the FCPA or UK Bribery Act, internal controls are measures to provide reasonable assurances that any assets or resources of a company (not limited to cash) cannot be used to pay a bribe. This definition includes diversion of company assets (such as by unauthorized sales discounts or receivables write-offs) as well as the distribution of assets.

Mixon noted that the basic framework for internal controls is derived from the COSO Model developed by the Committee of Sponsoring Organizations of the Treadway Commission in 1992 (COSO). This model has become the standard for an internal control framework and provides a structure to ensure companies address the key elements that should result in an effective system of internal controls. Using the COSO Model, as modified in 2013, provides a very supportable approach when adversarial third parties challenge whether a company has effective internal controls. The COSO Model defines internal controls in a pyramid, from bottom to top, as follows: (a) Control environment, (b) Risk assessment, (c) Control activities, (d) Information and communication, and (e) Monitoring.

In the 2013 update the basic framework was retained with substantial support from user companies, and 3 specific objectives were added: (I) Operations Objectives – effectiveness and efficiency of operations, including safeguarding assets against loss; (II) Reporting objectives – internal and external financial reporting; and (III) Compliance objectives – adherence to laws and regulations to which the entity is subject. According to the guidance in the 2013 update, the system of internal controls can be considered effective only if it provides reasonable assurance the organization, among other things, complies with applicable laws, rules, regulations and external standards. With the addition of those specific objectives, the COSO framework now specifically includes the need for controls to address compliance with laws and regulations.

We then turned to the question of which internal controls does a company need to institute? Mixon said that each company defines its internal controls to fit its business by determining what the Company wishes to protect and what type of control environment does it want to have in place. This means that they can be less formal in smaller companies but still effective if the focus is on the right risks. Based upon FCPA guidance, the most common control needs have been identified as follows: (i) Dealings with third parties; (ii) Gifts and entertainment, and (iii) Charitable donations. Yet even within those categories, a wide range of risks exists, depending on a company’s business practices. Mixon emphasized that a Top Down ‘Check-the-box’ generic set of policies will not likely result in effective controls.

The process to determine which internal controls are needed will be of some familiarity to the compliance professional. It all starts with a risk assessment to establish the corporate policies which are applicable, tailored to the company, and sufficiently specific. The risk assessment will also help to identify the types of transactions across the company which should be addressed (gifts and entertainment, maintenance of bank accounts and movement of cash, dealings with third parties, etc.). The next step is to prepare a set of documents which define the control objectives to be in place for each type of transaction – example: “Controls will be in place to ensure no vendor has been added to the vendor master file until complete due diligence has been completed and the vendor has been approved in accordance with Corporate policies. Thereafter, you will need to document how the controls will be performed and how they will be evidenced and then incorporate the control procedures into applicable work instructions and job descriptions.” Mixon cautioned that for each business location, determine the specific controls needed to accomplish each control objective. In many companies, a disparity of operating practices and accounting systems will result in different controls being needed. He ended by emphasizing that while this assignment may seem overwhelming it can be done in reasonable stages, pursuant to a specific implementation plan – it does not have to be done all at once for the entire company.

As you will recall from Part I, I believe, as gleaned from Jim Doty’s remarks, that a Board must not only have a corporate compliance program in place it must also actively oversee that function. This led me to conclude that failure to perform these functions may lead to independent liability of a Board for its failure to perform its allotted tasks in an effective compliance program. Doty’s remarks drove home one of the roles that a Board performs, which fulfills those tasks. Internal controls work together with compliance policies and procedures as stated by Aaron Murphy, a partner at Akin Gump, in his book “Foreign Corrupt Practices Act”, as “an interrelated set of compliance mechanisms.” Murphy went on to say that, “Internal controls are policies, procedures, monitoring and training that are designed to ensure that company assets are used properly, with proper approval and that transactions are properly recorded in the books and records. While it is theoretically possible to have good controls but bad books and records (and vice versa), the two generally go hand in hand – where there are record-keeping violations, an internal controls failure is almost presumed because the records would have been accurate had the controls been adequate.”

Murphy breaks down internal controls into five concepts, which I have adapted for a Board or Board subcommittee role for compliance:

  1. Corporate Compliance Policy and Code of Conduct – A Board should have an overall governance document which will inform the company, its employees, stakeholders and third parties of the conduct the company expects from an employee. If the company is global/multi-national, this document should be translated into the relevant languages as appropriate.
  2. Risk Assessment – A Board should assess the compliance risks associated with its business.
  3. Implementing Procedures – A Board should determine if the company has a written set of procedures in place that instructs employees on the details of how to comply with the company’s compliance policy.
  4. Training – There are two levels of Board training. The first should be that the Board has a general understanding of what the FCPA is and it should also understand its role in an effective compliance program.
  5. Monitor Compliance – A Board should independently test, assess and audit to determine if its compliance policies and procedures are a ‘living and breathing program’ and not just a paper tiger.

There have been several FCPA enforcement actions where the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) discuss the failure of internal controls as a basis for FCPA liability. The Smith & Wesson enforcement action is but the latest. With the questions about the Walmart Board of Directors and their failure to act in the face of allegations of bribery and corruption in the company’s Mexico subsidiary, or contrasting failing to even be aware of the allegations; there may soon be an independent basis for an FCPA violation for a Board’s failure to perform its internal controls function in a best practices compliance program.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

« Previous PageNext Page »

The Rubric Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 5,155 other followers