Compliance Week 2015 Wrap Up

Compliance Week 2015 has ended. This year was the tenth anniversary of the annual conference and in many ways I found it to be the best one yet. Matt Kelly and his team put together a conference and experience, which was absolutely first-rate. If you were not able to make this year’s event, I hope you will join us for Compliance Week 2016, which Matt announced the dates for at the conclusion of this year’s event. The dates for 2016 are May 23-26, back of course in Washington DC to be held yet again at the Mayflower Hotel. I wanted to give you some of my thoughts on the highlights of this year’s event and what made it so unique.

At my age, I am somewhat loathe to channel my teenage daughter but the first thing that I noticed was a very different vibe this year over past year’s conferences. From the Cocktail Party reception held on Sunday night, all the way through the conclusion of the event, there seemed to be an air that I have not quite been able to put my finger on. It was more than an acknowledgement and perhaps even an excitement about how far the compliance profession has come in the past ten years. While I have written about the Chief Compliance Officer (CCO) and compliance profession as CCO 2.0, I had the feeling that we may be moving on to CCO 3.0, as that was even the title of a session.

But this vibe was more tangible than simply a feeling. One key ingredient for me was the use of social media into the conference experience. While many events have a conference app, which can provide you information on such things as the agenda, speakers and their presentations, room locations and the like; the Compliance Week 2015 app was fully interactive, allowing you to live tweet, send IM to fellow conference attendees and receive text messages when a room changed or other conference alteration occurred. It also provided a virtual help desk for all attendees.

Many of sessions were led by CCOs from major corporations and they were able to provide a strategic vision of where they were going at their organizations. This was kicked off from the start of the conference, from the first panel on the first day where the CCOs from Boeing, GE and the Director of Compliance for Wal-Mart began the event. Obviously these are three of the largest companies in the US and do business on a worldwide basis. Yet, while sharing their strategic visions, each one was able to provide a solid example from their respective organization that a CCO or compliance practitioner from any sized company could implement. From Wal-Mart with a workforce of 2.2 million employees, it was keep the message simple. From Boeing, it was incorporate any compliance failures as teaching moments or lessons learned into your internal compliance training going forward. From GE, it was how to inculcate and incorporate compliance into your everyday business planning.

The conversations were excellent as usual. I led the FCPA conversation and there were several alumni present, who told me they look forward to attending each year. One of the reasons is that there is no avenue in their hometowns to get together in an environment to discuss issues of mutual concern. It is concept that Mike Snyder and I used in founding the Houston Compliance Roundtable. A place where you can ask any question and have it answered by another compliance professional in an environment where Chatham House rules apply. While I certainly started the discussion, it quickly became fully interactive with all participants sharing their views on a variety of topics. While we have some great compliance talent in Houston at our Roundtable, it cannot top the level of maturity and sophistication present at the Compliance Week annual conference. We all benefited from the experience.

This experience was doubled when I led a breakfast event on Tuesday. While an inducement to attend was a complimentary copy of my book Doing Compliance, there were 25 attendees who joined me for a very engaging and free-flowing conversation about the state of compliance, we practitioners and where enforcement may be heading. Compliance Week treated us all to breakfast and, once again, I probably learned as much as any one. But since Chatham House rules were in effect, I cannot report on any of the substantive things that were discussed. I will share with you that I am excited to lead such a breakfast again next year and I hope you will be one of the 25 to sign up.

As always there were a number of government representatives who spoke at Compliance Week again this year. For me, the parade was led by Department of Justice (DOJ) Assistant Attorney General Leslie Caldwell. While I will be writing further, and in more detail, about Caldwell’s remarks, she said a few things that I think bear emphasis. One was that compliance professionals need to work towards more data analytics in the form of transaction monitoring to assist in moving to a prevent and even predictive and prescriptive mode for your best practice compliance program. Next she emphasized that your compliance program must not be static but must evolve as your business risks evolve. Finally, and much closer to my heart, were her remarks that you need to “sensitize your business partners to compliance.” It was if she was channeling her inner Scott Killingsworth with his groundbreaking work on ‘Private-to-Private’ or P2P compliance solutions. Or, as I might say, she was advocating a business solution to the legal problem of bribery and corruption across the globe.

But Caldwell was not the only DOJ representative as we had Laurie Perkins, Assistant Chief, Foreign Corrupt Practices Act (FCPA) Unit and Kara Brockmeyer, Chief, FCPA Unit; Division of Enforcement from Securities and Exchange Commission (SEC), on a panel moderated by yours truly. First I would urge that if you are ever asked to moderate a panel with FCPA enforcers and regulators, jump at the chance. The reason is that you get to ask the questions you want answers to; even if you get past your prepared questions, when there is a lull in questions from the audience, you can follow up with something you want to know or in my case always wanted to know. So I asked some basic questions like: What is Criminal Information? (to Perkins) and Could you explain the process for the SEC’s Administrative Procedure? (to Brockmeyer). I was certainly enlightened by their answers to both questions.

The event sponsors were of course there to provide information on their solutions to assist any compliance practitioner. If you have never been to an event at the Mayflower Hotel in Washington, the conference rooms are along a wide hall that allows good people flow and adequate room for the sponsors and others to set up, meet attendees and discuss their products and services. I view the sponsors and vendors as a part of the compliance solution going forward and while they are clearly there to sell; they also engage in a fair amount of education. But the education runs both ways with many compliance practitioners communicating needs they have which can be incorporated into new product developments.

Unfortunately Compliance Week 2015 had to come to an end. But the feeling, information and new friends I met will last with me until Compliance Week 2016 next year. I hope you will plan to join me.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2015

DPAs and NPAs – Powerful Tools in the Fight Against Corruption

As readers of this blog know the FCPA Professor and I usually look at the same Foreign Corrupt Practices Act (FCPA) enforcement action, item or remark and see different things. Sometimes we even hear the same thing and come away with different interpretations. Last week, we experienced yet another instance of the former where we both looked at the same article, that being one in Global Investigations Review entitled “Caldwell: settlement a “more powerful tool” than convictions” by Rahul Rose, yet came away with different interpretations. After some to-ing and fro-ing, we decided that we would both post our interpretations on the same day. So with a nod to Dan Fogelberg and Tim Weisberg, today we have the first twin posts from different bloggers dual- blog posts. Since we agreed to write our respective posts without seeing the other’s post and hence could not comment on each other’s post, I urge that after you finish reading my blog today, you click on over to the FCPA Professor’s site and see what his thoughts on Caldwell’s remarks might be.

The specific remarks we want to focus on were apparently made by during the Q&A session of Assistant Attorney General Leslie R. Caldwell who spoke at the Launch of the Organization for Economic Co-operation and Development Foreign Bribery Report, note these remarks were not found in the printed remarks of the speech on the Department of Justice (DOJ) website. In her Q&A, Rose reported the following, “Caldwell told the audience in Paris: “Companies cannot be sent to jail, so all a court can do is say you will pay ‘x’. We can say: ‘you will also have a monitor and will do all sorts of other things for the next five years, and if you don’t do them for the next five years then you can still be prosecuted’.” [And for the money shot] “In the United States system at least it is a more powerful tool than actually going to trial,” she said.”

It turns out that I have been thinking along these lines as well. The debate over the usefulness of Deferred Prosecution Agreement (DPAs) and Non-Prosecution Agreements (NPAs) has been long attended. Yet there are a couple of key reasons that DPAs and NPAs are such powerful tools in the fight against anti-corruption and anti-bribery which I do not believe have been fully articulated or explored. The first is that by settling, the DOJ (and Securities and Exchange Commission [SEC]) will have the ability to monitor the company going forward. This process began under the practice of formally appointing a corporate monitor nominated by the company in the throes of the enforcement action and who would be agreed to by the DOJ. This practice is generally referred to as a company having mandatory monitor.

While this specific practice received a fair amount of criticism from a variety of sources, the basic concept was sound. That concept was that a neutral third party would review a company’s compliance with the terms and conditions of a DPA or NPA and report to the DOJ at intervals generally no shorter than annually. This would give the DOJ eyes and ears into a company to oversee its adherence to the terms of the settlement. But what information did Caldwell convey in her statement as to why she thinks settlements are such a powerful tool? I read three pieces of information her statement about why FCPA settlements are such powerful tools.

‘Do All Sorts of Other Things’

Under this prong a settling defendant is required to do “all sorts of other things.” We know from the DPAs and NPAs relating to FCPA enforcement over the past several years, the minimum that a company will be required to institute is a best practices anti-corruption compliance program. While the FCPA Guidance specifies ten hallmarks of an effective compliance program, the DPAs and NPAs have had between 9 to 16 items listed in the best practices anti-corruption compliance programs that settling companies’ have agreed to institute. If the DOJ went to trial and secured a conviction the company would not have to put such a compliance program in place but only pay a fine or some other monetary penalty. Further, by requiring such a best practices anti-corruption compliance program in such a public manner, through a publicly filed DPA or NPA, the DOJ can communicate its current thinking on what it believes constitutes such a program. This provides valuable information to the compliance practitioner going forward and I believe completely disabuses the argument that companies cannot know what their obligations might be to comply with the FCPA or that companies do not know what the DOJ expects from them in the area of a FCPA compliance regime.

‘You will also have a monitor’

David E. Matyas and Lynn Shapiro Snyder
from the law firm of Epstein Becker & Green P.C., described the duties of a corporate monitor in their article entitled, “Monitoring the Monitor? The Need for Further Guidance Governing Corporate Monitors Under Pre-Trial Diversion Agreements”. The monitor would meet with “the company’s board and employees. A monitor then develops a work plan which defines the scope, access, and power the monitor will have over the company. The monitor’s work involves frequent visits to the company (including possible on-site accommodations) and broad access to company documents and meetings. The monitor should be knowledgeable about the regulatory aspects of the company’s operations, but that is not necessarily a criterion for selection of the monitor. Indeed, a monitor can hire others to assist in his or her responsibilities at the company’s expense. The monitor files periodic reports with the U.S. Attorney’s Office and makes visits with that office as well as with the company. At the conclusion of a monitor’s term – often 24-36 months – the monitor files a final report that details the activities accomplished and whether the company complied with all the terms of the agreement.”

So the monitor provides the DOJ with continued insight into what the company is doing to satisfy its settlement obligations around the implementation of its compliance program. If the DOJ has high confidence that the company has and will continue to put significant resources and efforts into its compliance program, it may agree to a voluntary monitor, as we have seen with the Parker Drilling and Hewlett-Packard (HP) DPAs. If the DOJ does not have such confidence, it may require a monitor for the length of the DPA, such as we saw in the Total DPA, which was three years. The DOJ may also take an interim position on the mandatory or voluntary nature of the monitor by allowing a company to end a mandatory monitorship half-way through the pendency of a DPA as it did with the Weatherford DPA, which allowed the mandatory monitorship to end at the 18 month mark of a three year DPA, if certain criteria were met.

‘You can still be prosecuted’ 

This final point is not to be underestimated. Once again if a company is found guilty at trial, a fine and/or penalty will be assessed and payment is the end of it. While it still may be under enhanced scrutiny, it will not have the affirmative obligation to report any FCPA violations going forward, nor will it bear potential liability and prosecution for failure to implement the terms and conditions of the DPA or NPA. Indeed, the company will agree to be prosecuted if there is another violation or it fails to implement as agreed to.

So by using DPAs and NPAs as settlement tools, I believe that the DOJ is able to impact on an ongoing basis, for two to three years, the compliance program of a settling company. This continued oversight usually translates into greater enthusiasm by a settling company to get compliance right so that it does not have to go through the full FCPA investigation and enforcement process. Of course there will always be recalcitrant companies such as Marubeni Corporation, which do not take the agreed to compliance obligations seriously going forward. When they get into trouble as recidivists, the second penalty is usually much higher. But there is also benefit to the compliance practitioner and greater compliance community because the DOJ communicates its expectations in these DPAs and NPAs. So they also work as powerful communication tools. Finally, by requiring a third party to act as the monitor, whether voluntary or mandatory, the DOJ can get some independent insight into what a company is doing compliance-wise.

Not knowing what the Professor has said, I have not tried to anticipate his arguments or rebut them directly. Nonetheless, I have tried to articulate why I agree with Ms. Caldwell’s remarks and why I continue to find the DOJ’s use of DPAs and NPAs as settlement tools a powerful weapon in the fight against bribery and corruption. I also hope that you will find favor with this exercise that the FCPA Professor and I have engaged in because we both believe that ongoing debate over FCPA enforcement is worthwhile for the compliance practitioner and necessary for the long-term success of compliance moving forward.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

Critiquing FCPA Enforcement and the GSK Domestic Corruption Conviction

Recently the FCPA Professor posted a blog, entitled “Look in the Mirror Moments”, in which he used written commentary by the US Secretary of the Treasury to the Chinese government about the Chinese governments anti-trust investigations as a mechanism to explore critiques of Foreign Corrupt Practices Act (FCPA) enforcement. In this post, he compared certain aspects of FCPA enforcement to the Chinese corruption enforcement action against GlaxoSmithKline PLC (GSK). Leaving aside the differences in anti-trust enforcement (price-fixing, monopolistic behavior and illegal collusion) and anti-corruption enforcement (bribery), I wanted to review his critiques through the prism of the known facts of the GSK enforcement action.

The FCPA Professor had the following comments about FCPA enforcement, in comparison with the Chinese corruption enforcement action against GSK. He said,

“Without in any way trying to comprehensively compare the overall U.S. legal system to the overall Chinese legal system, the following attributes of FCPA enforcement must at least be acknowledged. 

The vast majority of corporate FCPA enforcement actions lack transparency and the resolution documents (whether a non-prosecution agreement, deferred prosecution agreement or civil administrative order) are the result of an opaque process ultimately controlled by the same office prosecuting or bringing the action. 

As to the swiftness of FCPA enforcement actions, one can only assume that the majority of general counsels and board of directors of companies under FCPA scrutiny would be jumping for joy if the scrutiny – from start to finish – would resolve itself in 15 months rather than the typical 3-5 years (and in some instances more) of FCPA scrutiny lingering.”

The difficulty I have with both of these points is that one cannot separate the Chinese enforcement action against GSK from the Chinese legal system that produced it. Let’s start with the ‘jumping for joy’ prong. The initial difference to note is that the Chinese enforcement action was a domestic prosecution based upon Chinese domestic law for bribery and corruption of Chinese. It was not a US (or UK) company violating US (or UK) laws. This means that the relevant documents and witness were in the locality where the investigation was performed. Even when a key witness, GSK China Country Manager Mark Reilly was in the UK, he voluntarily returned to China to give evidence but was prevented from leaving the country without being charged with a crime. So as far as is known, there were no government-to-government requests for information, no Letters Rogatory or use of any other international discovery mechanism to obtain evidence.

Moreover, the procedural protections in place under US (and UK) criminal procedure simply do not exist in China. There is no right to counsel, no right against self-incrimination, no right to confront witness and not even a right to know what the charges against you might be. These lack of rights were certainly borne out in the speed in which the Chinese investigative authorities were able to obtain evidence and public confessions from GSK principals involved in the bribery and corruption. The first 30-day timeline of the GSK investigation went as follows:

• June 28, 2013 – Local Police announced they have place GSK officials under investigation for economic crimes.
• July 11, 2013 – Public Security Ministry issued statement accusing GSK of bribery.
• July 15 , 2013 – Four senior company execs ‘detained’. Finance chief barred from leaving country.
• July 16, 2013 – GSK General Counsel (GC) placed under ‘house arrest’ along with 30 other employees. One of the four GSK China executives who were detained, admited to bribery allegations on Chinese state television.
• July 22, 2013 – GSK formally apologized for breaking Chinese law regarding domestic bribery and corruption.
• July 26, 2013 – Peter Humphrey, a UK citizen and his wife, a naturalized US citizen, both hired by GSK in an ancillary matter related to the GSK corruption scandal were arrested but not told of the charges against them.

A little over one year later, in July, 2014 the trial of Humphrey and his wife was announced. Orignially it was to be held in secret with both Humphrey and his wife still not told of the formal charges against them. However after diplomatic protests by both the US and UK governments, Humphrey and his wife were both convicted and sentenced in an open trial, albeit lasting only one day, on August 8, 2014. The charges against them were announced at trial. Thereafter, GSK pled guilty in a secret one-day trial GSK was fined approximately $491MM and China Country Manager Mark Reilly and four other GSK China business unit executives were found gulity. They were all sentenced to jail but given suspended sentences.

How did the Chinese government develop its evidence so quickly? One of the defendant’s, admitted, on state run televison, his involvement in the bribery scheme only 18 days after the investigation was announced by Chinese authorities. Indeed, GSK itself made a public apology only 24 days after the announcement by the Chinese authorities it was under investigation. We now know that GSK was informed by a whistleblower of allegations of bribery and corruption as early as January 2013 yet in June GSK announced it had not found anything to substantiate these allegations.

I believe the answer is found in the differences in the Chinese and US legal systems. It all starts with the following: in China you are presumed guilty while in the US (and the UK), you are presumed innocent until proven guilty. In an article in the New York Times (NYT), entitled “Presumed Guilty in China’s War on Corruption”, Andrew Jacobs and Chris Buckley wrote that the “war on corruption often operates beyond the law in a secret realm of party-run agencies”. The process “Known as Shuanggui, it is a secretive, extralegal process that leaves detainees cutoff from lawyers, associates and relatives.” Moreover, even as a case moves through the Chinese criminal justice system, defendants’ counsel “have limited access to evidence, witnesses, and their clients.” It does not get any better when a defendant actually goes to court because “Lawyers say Chinese courts rarely allow them to call defense witnesses, while prosecutors frequently withhold cruical evidence.” Finally, of the 8,110 officials charged with corruption “in the first half of this year, 99.8 percent were convicted”. To this rather amazing trial court conviction rate, I would add the the prosecution does even better on appeal, never losing to a convicted defendant.

Does that sound like a system in which you would jump for joy if you were caught up in, even knowing that the time from announcment of investigation until 99.8% chance of conviction awaited you? Even if the government investigation only took 14 months? In the US, corporations have the same rights as individuals at trial; to cross-examine witness, to be made aware of the charges against it, those charges must be brought with specficity, right to counsel, right to an open trial and right to appeal. These rights are all enshrined in the US Constitution. Those rights are not present for individuals or corporations under Chinese law or jurisprudence.

But the FCPA Professor also critiqued the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) in FCPA enforcements with the following observation: The vast majority of corporate FCPA enforcement actions lack transparency and the resolution documents (whether a non-prosecution agreement, deferred prosecution agreement or civil administrative order) are the result of an opaque process ultimately controlled by the same office prosecuting or bringing the action.When a company enters into negotiation with the DOJ and SEC it is with legal counsel in tow. Even if we in the general public are not privy to these negotiations over the terms and conditions of enforcement actions I am confident that there is some give and take. Further, while I only have personal knowledge of one negotiation for the specific terms of a Deferred Prosecution Agreement (DPA), the lawyer representing the company made clear it was a negotiation. It was not a Diktat with sentencing simply pronounced by the DOJ. Does the office which handles the investigation also handle the settlement negotiation? Yes but that is what prosecutors do each and every day in every city, county, town, hamlet, state and federal jurisdiction in this country.

Just as it takes two to tango, it takes two to negotiate. The DOJ does not negotiate with itself. Another party is sitting across the table and that other party is the company involved in the FCPA investigation. Why is that company there in the room negotiating? Because the company has assessed its interest and determined that it would be better off settling than going to trial. This is in the face of DOJ failures in the trial court in the Gun Sting cases, the O’Shea trial and the trial court overturning the verdict in the Lindsey Manufacturing conviction. Simply because there is a negotiation between the DOJ and a private party does not make it some nefarious process, even if the prosecutors hold the upper hand.

As far as the fines and penalites, there has been nothing to suggest the basis of the $491MM fine assessed against GSK. That amount is a bit less than the amounts initially reported that GSK China paid out as bribes, somewhere over $500MM. At least in the US, there are the Sentence Guidelines which form some basis of the calculation. Of course there is always some prosecutorial discretion to lessen a fine or penalty below the suggested amount. We have seen that occur this year with the HP enforcement action and recently Asst. Attorney General Leslie Caldwell suggested that Alcoa could have been fined over $1bn for its conduct, while the actual fine was $384MM. It is appropriate for prosecutors to have such discretion.

While the DOJ is also critiqued that DPAs (and Non-Prosecution Agreement [NPAs]) are essentially the same as going to trial with a near 100% success rate, I think this belies the number of declinations that the DOJs gives out. Unfortunately (and here the FCPA Professor and I do agree); there is not enough information given out about declinations; either regarding the raw numbers or the specific reasons for a declination. Only if a company agrees or is required to make such information public does it become known. Nevertheless, there is the recent example of Layne Christensen, which received a declination. In an article in Compliance Week, entitled “How Two Companies Got Regulators to Drop FCPA Charges”, Jaclyn Jaeger reported on the reasons the company sustained this result of receiving a declination through interviews with Christensen GC, Steve Crooke, its Chief Compliance Officer (CCO), Jennafer Watson and its outside counsel Russ Berland. Jaeger detailed the specific steps the company took and we can all see the effect it had upon the DOJ, through the declination to prosecute the company.

The debate about the costs of FCPA enforcement actions, the proper role of DPAs/NPAs and length of time of investigations is a healthy one and living in the open society that we have in the US, one that we will continue to have. Since I am not a prosecutor (or ex-prosecutor), I cannot look in the mirror at FCPA enforcement but I can review the facts of the DOJ and SEC’s FCPA enforcement, contrasted with the Chinese domestic bribery and corruption proseuction of GSK and believe that there is no basis for comparing the two systems, as they are so different in too many fundamental aspects.

I can however say one thing with absolute certainly; wherever you do want to be, a Chinese jail is not high on the list.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

Tommy Lewis, Dicky Maegle and the DOJ Call for Individual Prosecutions

Tommy Lewis died this week. For those of you uninitiated in college football, Lewis was an Alabama football player who jumped up off the Alabama bench to tackle Rice University halfback Dicky Maegle, who was scampering untouched down the sideline for a touchdown in the 1954 Cotton Bowl. Lewis’ off the bench tackle led to a flag and the referees’ awarding Maegle a 95-yard touchdown on the play. Why did Lewis do it? As reported in his obituary in the Houston Chronicle, Lewis always maintained he was “too full of Alabama”. Maegle, perhaps more charitably, said, “He was a good guy who got caught up in the moment and the excitement.”

I thought about Maegle and Lewis when I was re-reading and considering the recent remarks of Assistant Attorney General for the Criminal Division Leslie R. Caldwell at the recent Ethics and Compliance Officers Association (ECOA) Conference. As Mike Volkov said in his post on Tuesday, the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) communicate quite clearly what their enforcement priorities are; one does not have to read tea leaves, it is out there in black and white for all to see and hear. Caldwell’s remarks would seem to follow this observation of Volkov.

Caldwell made clear that the DOJ will prosecute individuals for violations of the Foreign Corrupt Practices Act (FCPA). In her remarks she said, “When criminal misconduct is discovered, a critical factor in the department’s prosecutorial decision making is the extent and nature of the company’s cooperation. The department’s Principles of Federal Prosecution of Business Organizations provides that prosecutors should consider “the corporation’s timely and voluntary disclosure of wrongdoing and its willingness to cooperate in the investigation of its agents.””

Recognizing that “Corporations do not act, but for the actions of individuals” Caldwell then laid down some quite strong prescriptions which compliance practitioners need to be cognizant about. Caldwell stated, “Now let me flesh out the often discussed, but sometimes poorly understood, concept of cooperation. Most companies now understand the benefits of voluntarily disclosing the misconduct before we come asking, and the benefits of conducting an internal investigation and providing facts about the misconduct to the government. But companies all too often tout what they view as strong cooperation, while ignoring that prosecutors specifically consider “the company’s willingness to cooperate in the investigation of its agents.””

She went on to add, “In all but a few cases, an individual or group of individuals is responsible for the corporation’s criminal conduct. The prosecution of culpable individuals – including corporate executives – for their criminal wrongdoing continues to be a high priority for the department. For a company to receive full cooperation credit following a self-report, it must root out the misconduct and identify the individuals responsible, even if they are senior executives.”

Fortunately the DOJ is not asking for undercover corporate sting operations because, as Caldwell explained, “We are not asking that you become surrogate FBI agents or prosecutors, or that you use law enforcement tactics like body wires.  And we do not need to hear you say that executive A violated a particular criminal law. All we are saying is that we expect you to provide us with facts. We will take it from there. But a company that interviews its employees in an effort to whitewash the facts or spread the company’s narrative spin risks receiving any cooperation credit.”

This is about as clear a warning as you can expect to receive. But the difficulty it puts company’s in is in regard to their internal investigations. Last week Joel Schectman, writing in the Wall Street Journal (WSJ) article entitled, “Are Internal Bribery Probes Private?”, explored the issue of whether such investigations are privileged, in the context of a current individual FCPA prosecution. In the matter of Joseph Sigelman, the former Chief Executive Officer (CEO) PetroTiger Ltd. Co., Schectman reported that “Prosecutors say the payments of approximately $333,500 to the wife for “consulting services” was actually a bribe to her husband to win a contract for PetroTiger worth around $39.6 million.”

Some or all of the underlying facts were turned over to the DOJ by PetroTiger’s internal investigation. The Defendant Sigelman wants to obtain copies of whatever PetroTiger turned over to the DOJ, arguing that the company waived any claim of attorney/client privilege “when it divulged the investigation’s findings to third parties, including officials of the United States.” The company has refused to hand over its internal investigation to the defendant based on this claim of attorney/client privilege.

What happens if a company, or its law firm gets the investigation wrong and falsely accuses an individual? Should the company be protected? That is the issue currently before the Texas Supreme Court in a libel case styled, Shell v. Writt. It involves our old friend Panalpina Inc. and its customer Royal Dutch Shell. David Smyth, in a post entitled “Texas Court of Appeals Has Put Some FCPA Internal Investigations in an Awkward Spot”, said the DOJ contacted Shell about its dealings with Panalpina. Sometime later, “Shell agreed to conduct an internal investigation into its dealings with Panalpina.” Smyth noted that, “Shell submitted an investigative report that pointed the finger at Writt.  Specifically, Shell said Writt had been involved in illegal conduct in a Shell Nigerian project by recommending that Shell reimburse contractor payments he knew to be bribes and failing to report illegal contractor conduct he was aware of.”

Writt sued Shell for libel and Shell defeated Writt at the trial court on the basis that it had an “absolute privilege to say what it did in its investigative report to the DOJ.”

However, a Texas Court of Appeals reversed the trial court ruling holding that absolute privilege does not apply where a party voluntarily turns over information to a prosecutor before a judicial proceeding is initiated or contemplated. As Smyth explained, “In the court’s view, DOJ was acting purely in a prosecutorial and non-judicial capacity.” Shell has appealed this matter to the Texas Supreme Court, which has accepted the case for review.

There are several difficult issues from the facts of this case. Smyth points to one when he ended his piece, “FCPA investigations these days are a different animal, and probably deserving of different treatment by the courts. As of now, a company conducting an internal FCPA investigation in Texas has to ask, what do we do if one of an investigation reveals one of our employees as a bad actor? Do we say as much in the report we turn over to the government, as the government surely expects? If we do, are we signing on for libel litigation by the employee?” But now Caldwell has made clear that the DOJ expects companies to “identify the individuals responsible, even if they are senior executives”. If you are one of the individuals so identified, are you entitled to know what the accusations against you might be? What if the company’s lawyers got it wrong? Should they have a duty?

Moreover, there are a plethora of procedural protections available to criminal defendants not available to civil defendants or even those who are the subject of internal corporate investigations. Should a Miranda warning now be given during internal corporate investigations? Is the right to remain silent and not self-incriminate oneself available in such an investigation? In paper entitled “Navigating Potential Pitfalls in Conducting Internal Investigations: Upjohn Warnings, “Corporate Miranda,” and Beyond” Craig Margolis and Lindsey Vaala, of the law firm Vinson & Elkins LLP, explored the pitfalls faced by counsel, both in-house and outside investigative, and corporations when an employee admits to wrong doing during an internal investigation, where such conduct is reported to the US Government and the employee is thereafter prosecuted criminally under a law such as the FCPA.

Employees who are subject to being interviewed or otherwise required to cooperate in an internal investigation may find themselves on the sharp horns of a dilemma requiring either (1) cooperating with the internal investigation or (2) losing their jobs for failure to cooperate by providing documents, testimony or other evidence. Many US businesses mandate full employee cooperation with internal investigations or those handled by outside counsel on behalf of a corporation. These requirements can exert a coercive force, “often inducing employees to act contrary to their personal legal interests in favor of candidly disclosing wrongdoing to corporate counsel.”  Moreover, such a corporate policy may permit a company to claim to the US government a spirit of cooperation in the hopes of avoiding prosecution in “addition to increasing the chances of learning meaningful information.”

Where the US Government compels such testimony, through the mechanism of inducing a corporation to coerce its employees into cooperating with an internal investigation, by threatening job loss or other economic penalty, the in-house counsel’s actions may raise Fifth Amendment due process and voluntariness concerns because the underlying compulsion was brought on by a state actor, namely the US Government. Margolis and Vaala note that by utilizing corporate counsel and pressuring corporations to cooperate, the US Government is sometimes able to achieve indirectly what it would not be able to achieve on its own – inducing employees to waive their Fifth Amendment right against self-incrimination and minimizing the effectiveness of defense counsel’s assistance.

All of the above would seem to make clear the need for company’s to get their internal investigations done right. If you are going to receive credit from the DOJ going forward, your investigations must be done thoroughly, in a timely manner and provide to the DOJ the information that Caldwell has laid out that they want. At least currently in Texas, a company has to get it right or risk being sued if they mis-identify a potential criminal actor.

Tommy Lewis and Dicky Maegle? Lewis made a mistake, probably carried away in the heat of the moment. What did Maegle have to say about him on the occasion of his death? “He was very remorseful, and I thought he was sincere. I liked him. We became friends.” Let’s hope your employees still like your company at the end of an internal investigation.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

 

 

Ringo, Sir Paul and an Effective Compliance Program

Sometimes the universe converges in ways that are beyond my simple comprehension. This past weekend was one of them. It began a few months ago when I saw an advertisement from StubHub that showed Ringo Starr playing in Houston on October 10 and Sir Paul McCartney playing in New Orleans on October 11. I figured if the two surviving members of the greatest rock and roll band in the history of the world were going to play on two consecutive nights it was a sure sign from the Oracle of Rock ‘N Roll that I was intended to attend both, lest I tempt a fate worse than going against an entity nearly as powerful as the Oracle of Delphi. Moreover, the Friday concert coincided with the birthday of my little sister who happened to be in town and one of the planets biggest Beatles fans, it made the convergence complete. 

I also learned two completely new and unrelated facts this weekend. The first is that a native of Liverpool, England, is called a ‘Scouser’. That comes from my Liverpudlian friend Pam, who also introduced me to the Liverpool Football Club. The second is that my wife is a closet Mr. Mister uber fan, who rocked out as a teenager to this group in the early days of MTV. On reflection that is perhaps the more odder convergence.

While there is clearly a reason Ringo Starr tours with true musical all-stars and Sir Paul McCartney has been raised to the peerage for his musical prowess, in many ways the Ringo Starr concert was the bigger revelation. I had wondered how Ringo would fill out an entire concert. He did it by surrounding himself with musicians fabulous in their own right. They included: Steve Lukather, former lead singer from Toto on vocals, lead and rhythm guitar; Gregg Rolie, former keyboardist from Santana and Journey on vocals, organ, keyboards; Richard Page, former lead singer from Mr. Mister, on vocals and bass guitar; and finally, best and certainly not least, Todd Rundgren on vocals, lead and rhythm guitar, bass guitar, percussion, harmonica and, occasionally, even keyboards.

So in addition to Ringo singing his standards of Photograph, It Don’t Come Easy, Yellow Submarine and (of course) With a Little Help From My Friends. We also got to hear songs first released by Santana, Toto, Mr. Mister and some great Todd Rundgren hits. The group clearly loved playing and jamming with each other. Further, these other groups’ songs were great fun to hear and as they may never reform, I would not otherwise have the chance to hear them performed lived.

Sir Paul McCartney. You really do not have to say much more. His concert did not exceed my expectations because they were about as high as expectations could have been. He seriously rocked out for over three hours, playing everything from the earliest Beatles songs up to a ballad for his latest wife. I cannot remember ever attending a concert where everyone one in attendance knew the words to every song but we all did and we all sung them all the way through the entire show.

What is the compliance angle to all of this? Just as there is more than one way to put on a great concert, there is more than one way to have an effective compliance program. This continual message from the Department of Justice (DOJ) came again earlier this month through remarks by Assistant Attorney General for the Criminal Division, Leslie R. Caldwell, at the 22nd Annual Ethics and Compliance Conference, where she made clear that while the FCPA Ten Hallmarks of an Effective Compliance Program is one set of guidelines for an effective compliance program, there is no “one-size fits all” compliance program. She laid out another way to think through, review and analyze your compliance program. 

1. High-level commitment. A company must ensure that its directors and senior management provide strong, explicit, and visible commitment to its corporate compliance policy. Stated differently, and again, “tone from the top.”

2. Written Policies. A company should have a clearly articulated and visible corporate compliance policy memorialized in a written compliance code. Again, employees need to know what to do–or not do–when faced with a tough judgment call involving business ethics. Companies need to make that as easy as possible for their employees.

3. Periodic Risk-Based Review. A company should periodically evaluate these compliance codes on the basis of a risk assessment addressing the individual circumstances of the company. Companies change over time through natural growth, mergers, and acquisitions.

4. Proper Oversight and Independence. A company should assign responsibility to senior executives for the implementation and oversight of the compliance program. Those executives should have the authority to report directly to independent monitoring bodies, including internal audit and the Board of Directors, and should have autonomy from management. Compliance programs needed to be funded; they need to have resources. And they need to have teeth and respect within the company.

5. Training and Guidance. A company should implement mechanisms designed to ensure that its compliance code is effectively communicated to all directors, officers, employees. This means repeated communication, frequent and effective training, and an ability to provide guidance when issues arise.

6. Internal Reporting. A company should have an effective system for confidential, internal reporting of compliance violations. I know that many companies have multiple mechanisms, which is good.

7. Investigation. A company should establish an effective process with sufficient resources for responding to, investigating, and documenting allegations of violations. What this means on the ground will depend on the company. A sophisticated multi-national corporation obviously will be expected to have more resources devoted to compliance than a small regional company.

8. Enforcement and Discipline. A company should implement mechanisms designed to enforce its compliance code, including appropriately incentivizing compliance and disciplining violations. Further, the response to a violation must be even-handed. People watch what people do much more carefully than what they say. When it comes to compliance, you must both say and do.

9. Third-Party Relationships. A company should institute compliance requirements pertaining to the oversight of all agents and business partners. This cannot be emphasized strongly enough.
10. Monitoring and Testing. A company should conduct periodic reviews and testing of its compliance code to improve its effectiveness in preventing and detecting violations. Kick the tires regularly. As I said, compliance programs must evolve with changes in the law, business practices, technology and culture.

Caldwell also emphasized that as important as the compliance program itself; the implementation is also reviewed and evaluated by the DOJ. When the DOJ investigates a case, they look at the messages about compliance that are given to employees; they look at what employees are told in their day-to-day work. This means the DOJ will look at emails, chats, and recorded phone calls. They will interview witnesses about the messages they received from their supervisors and management to determine if they received messages about compliance, or about making money at all costs.

Another consideration for the DOJ is incentives. The DOJ will examine the incentives that a company provides to encourage compliant behavior – or not. This means that if a company is actually encouraging compliance, if its values are to be ethical and within the law, this message must be conveyed to employees in a meaningful way. If not, it is likely that the DOJ will not view the compliance program as credible. Interestingly, Caldwell said that sometimes the effective implementation of a compliance program means standing apart from the other companies in your industry.

Just as Ringo and Sir Paul ably demonstrated, there is more than one way to put on a great concert. They both assessed their strengths and weaknesses and used that information to put great bands around them illustrated their strengths. The same is true in the world of Foreign Corrupt Practices Act (FCPA) compliance. The key is to review and assess your compliance risks and then manage them. And, as always, Document, Document, and Document whatever you do so that if a regulator comes knocking, you can demonstrate evidence of the above.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014