FCPA Compliance and Ethics Blog

August 14, 2013

Bad Things Come In Threes for CCOs

It is often said that bad things come in threes. I have often wondered where this phrase came from. So I checked out Wikipedia, no luck there. How about trying Google as the harbinger of all knowledge? Again no such luck there. Not even About.com could help. Of course there is the good old saying ‘3 strikes and you’re out’ but I suspect that was based on something which preceded it. Whatever the origin of this folkloric belief, all I can say is that over the past couple of weeks, Chief Compliance Officers (CCOs) have taken it on the chin three times and, once again, the job of the CCO just got quite a bit harder and more challenging.

I.                   Banned for Life

Submitted for your consideration is the first item of bad news for the CCOs out there. It is the decision released on August 2nd by the Securities and Exchange (SEC) Administrative Law Judge Carol Fox Foelak (no relation) In the Matter of Daniel Bogar, Bernerd Young and Jason Green. Young was the CCO for disgraced financier Allen Stanford’s companies. For those who may not remember, Allen Stanford who sold “so-called certificates of deposits” through his offshore bank in Antigua, Stanford International Bank Ltd. Unfortunately for all, it turned out that Stanford was running a massive Ponzi-scheme by paying off old investors with monies invested by new ones, to the tune of over $7bn. Stanford was convicted for his crimes.

Young was not charged or convicted with participating in the Ponzi-scheme. However, he was slapped with an administrative penalty for failing to note or follow up on red flags, which, had he investigated, may have uncovered the scheme earlier. These acts (or perhaps inactions) included providing materials to financial advisors, which had he inquired into would have led to a determination that they were false. There were instances where company whistleblowers and others brought information to Young, which if he had properly investigated, he would have determined that a Ponzi-scheme was in place. The Administrative Law Judge also cited the conduct of Allen Stanford himself as raising a red flag which the CCO should have investigated.

As to the penalties that Young received, how about the following: disgorgement of $591,992.46,  a penalty of $260,000 and is barred from “association with any broker, dealer, investment adviser, municipal securities dealer, municipal advisor, transfer agent, or nationally recognized statistical rating organization and IS PROHIBITED, permanently, from serving or acting as an employee, officer, director, member of an advisory board, investment adviser or depositor of, or principal underwriter for, a registered investment company or affiliated person of such investment adviser, depositor, or principal underwriter.” In other words, Young can never be a CCO again or work in this industry again.

Why is this decision so significant to CCOs? It is often said that bad facts make bad law. The facts surrounding Allen Stanford and his multi-billion Ponzi-scheme, short of Bernie Madoff, are about as bad as it gets. Maybe Young does deserve a severe spanking for his role in not asking questions. But the problem for CCOs is now there is a precedent for at least a civil proceeding to be filed by the SEC for failure to engage in sufficient due diligence, see red flags and perform proper investigations. This coupled with the size of the disgorgement, penalty and lifetime ban in working as a CCO or in the industry makes the CCO world quite a bit darker today.

II.                Is Your Code of Conduct Mere Puffery?

The second example is the Dismissal granted by the US District Court for the Northern District of California, in the shareholder derivative action, entitled “Cement & Concrete Workers District Council Pension Fund, et al., v. Hewlett Packard Company, et al.” This lawsuit was some of the continued fallout from the Mark Hurd era at Hewlett Packard (HP). As reported in an AmLaw Litigation Daily article, entitled “Morgan Lewis Beats HP Securities Suit over Hurd Conduct”, “in the fall of 2007, the company hired a marketing consultant named Jodie Fisher.” Fisher later “accused Hurd of sexual harassment. He resigned later that year. The harassment claims were never substantiated, but an internal investigation performed by Covington & Burling turned up evidence that Hurd used company resources to wine and dine Fisher and then tried to hide the relationship from HP’s board.” Hurd later admitted that he had a “very close personal relationship” with Fisher.

A shareholder action was brought by the plaintiff who claimed in part that “HP and Hurd made false and misleading statements when they (1) issued and updated HP’s Standards of Business Conduct Brochure (SBC) in 2006, May 2008 and June 2010”. In the Plaintiff’s Complaint they said that “These statements were misleading because in light of Hurd’s endorsement of these tenets, there was an implication that Hurd was in fact in compliance with them. In truth, Hurd was knowingly violating each of these tenets in his dealings related to Fisher, by (a) inappropriately using his position as CEO to attempt to pursue a romantic relationship with Fisher, (b) submitting expense reports that did not accurately reflect their meetings, and (c) knowingly allowing Fischer to receive compensation and/or expense reimbursement where there was not a legitimate business purpose.”

However the District Court made short shrift of the plaintiff’s claims. In its dismissal, the Court said, ““Generally speaking, the 2008 and 2010 SBCs, as well as other statements relating to HP’s ethical code of conduct, do not constitute actionable misrepresentations or omissions because they are not material. “‘[V]ague, generalized, and unspecific assertions’ of corporate optimism or statements of ‘mere puffing’ cannot state actionable material misstatements of fact under federal securities laws. Such statements include those that are not “‘capable of objective verification’” or “‘lack[ ] a standard against which a reasonable investor could expect them to be pegged.’” “When valuing corporations, . . . investors do not rely on vague statements of optimism like ‘good,’ ‘well-regarded,’ or other feel good monikers.” “Instead, “professional investors, and most amateur investors as well, know how to devalue the optimism of corporate executives.””

How about that to warm the heart of every CCO out there? For that matter how about the Department of Justice (DOJ) or SEC who said in their jointly released FCPA Guidance that “A company’s code of conduct is often the foundation upon which an effective compliance program is built. As DOJ has repeatedly noted in its charging documents, the most effective codes are clear, concise, and accessible to all employees and to those conducting business on the company’s behalf.” So all the talk that we preach about the importance of a Code of Conduct; at least one court has now said it is ‘mere puffing’. Do you think that the Chief Executive Officer (CEO) will want to spend a bunch of money for an aspirational, puffery statement? I hope so because the DOJ and SEC still say it is important. But if a corporation ever takes the DOJ to trial in a Foreign Corrupt Practices Act (FCPA) matter, there is at least one court who has said a Code of Conduct is not important.

III.             Try Getting Your Records Out of Germany Now

Our third, and final item, comes courtesy of Nicholas Elliott from the Wall Street Journal (WSJ) Risk and Compliance Journal, in an article entitled “The Morning Risk Report: Germany’s Forceful Privacy”. Elliott reports that it is “going to be more complicated to do business in Germany, the fifth largest trading partner of the U.S. Angered by news that the U.S. National Security Agency’s electronic surveillance efforts included Germans, that country’s data-protection body declared last month that most data transfers to the U.S. breach its laws. This stance affects not only data transfers for which companies seek approval but also those covered under safe-harbor provisions of European law”.

This may well severely constrict the ability of US companies to investigate, audit or even monitor their German operations or German citizens who are employees or third parties to the company. Not that German companies and citizens have always been 100% lean when it comes to bribery and corruption (See: Siemens-corp division and Ecclestone, Bernie-ind. division). But clearly the US government has seriously infuriated some of its major trading partners for its spying to try and enforce the FCPA and this will come back to bite many US companies in the behind if they cannot get data and information out of Germany and are faulted by the DOJ and SEC for their failure to do so.

I wrote about the data privacy issue back in June in light of Edward Snowden’s revelations about National Security Agency (NSA) spying and the attendant fallout. This issue is now in the forefront of EU-US trade negotiations. An article in the Financial Times (FT), entitled “Data scandal clouds trade talks”, Hannes Swoboda, leader of the socialist members of the European Parliament, was quoted as saying “With all the information that we’ve found out in the recent days about how easily the US spies on people’s private data I think it will be difficult for the Americans to oppose a strong data protection agreement.” The article notes that many of the rules proposed for EU data protection are opposed by US companies because “their business models would be damaged.”

Elliott ends his article with the following, “At the same time, European privacy rules will probably be tightened, with a proposal for fines levied on companies that share data without customers’ permission. The Wall Street Journal reported last week that such rules could create further legal uncertainty by conflicting with U.S. laws such as the Patriot Act and Foreign Intelligence Surveillance Act.” Amen.

These three strikes have the effect of the following: (1) denigrating an entire compliance regime of a company by declaring its foundational document ‘mere puffing’; (2) puts the CCO backside on the firing line for a civil or potentially criminal action if they do not uncover FCPA violations; and (3) making illegal the removal of certain data from Germany where not do so may well be a FCPA violation. Be afraid, be very afraid…

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

June 11, 2013

FCPA Enforcement as a Security Issue and Implications for the Compliance Practitioner

One of the things that has long puzzled me is what led to the significant rise in the enforcement of the Foreign Corrupt Practices Act (FCPA) beginning in the 2003-2004 time frame? One of the more consistent theories that I have heard proffered, by Dan Chapman, Dick Cassin, Alexandra Wrage and others is that after 9/11, the Bush administration viewed corruption as a security issue. I admit that I was not totally sold on this theory until last week when, the FCPA Blog, in an article entitled “NSA spying also linked to FCPA enforcement”, reported that the National Security Agency (NSA) has engaged in economic espionage for the benefit of the United States and perhaps others. The FCPA Blog quoted a story from the American Spectator, entitled “Rise of the Surveillance State”, by James Bovard. One of the items which Bovard discussed is the program monikered ‘Echelon’, which he described as “a spy satellite system run by the National Security Agency along with the United Kingdom, Australia, New Zealand, and Canada. Echelon reportedly scans millions of phone calls, e-mail messages, and faxes each hour, searching for key words.”

Apparently this program is also used for FCPA enforcement. Bovard wrote that “A February report by the European Union alleged that Echelon has been used for economic espionage. Former CIA Director James Woolsey told a German newspaper in early March that Echelon collects “economic intelligence.” One example Woolsey gave was espionage aimed at discovering when foreign companies are paying bribes to obtain contracts that might otherwise go to American companies. Woolsey elaborated on his views in a condescending March 17 Wall Street Journal oped, justifying Echelon spying on foreign companies because some foreigners do not obey the U.S. Foreign Corrupt Practices Act. To add insult to injury, Woolsey noted there’s no reason for U.S. companies to steal backward Europe’s secrets.” Isn’t that a comforting thought when the US claims the Chinese are stealing secrets through computer hacking.

But what are the implications for the compliance professional? For a more Orwellian prediction, John Batchelor, in an article entitled “ NSA Scandals: FCPA Compliance Game Changer?”, has this chilling predeiction, “Currently it takes months or years to develop a solid FCPA case and most of those end up with fines and some type of penalty. Could that change to a new way of enforcement where the government targets a company, identifies corruption, gathers evidence, and instead of going through the motions, simply calls them to schedule a meeting, slapping a fine and a series of actionable tasks for the company in question? It’s not happening now, but that is a question.” It would seem to do away completely with the concept of due process so I would discount this scenario as unlikely.

However, Batchelor does point out that such government oversight might well occur in countries which are known or perceived to be high risk for corruption. He says, “Under the FCPA we focus on anti-bribery, however, with our current emphasis on national security, I think there is a serious question to ask for any company that operates in high CPI areas where terrorist cells or money laundering outfits to terrorist cells operate.” From this premise, Batchelor poses several topical inquiries which you should consider now. They include: “How well do you know your agents? How well do you know their relationships? How well do you know the companies they are affiliated with? Are there red-flags that low-level DPL type screenings might not uncover?”

I believe that the revelations which came out last week will make the compliance professional’s job more difficult but that difficulty may well be due to the backlash against not only the massive collections of data that the US government is obtaining through its surveillance programs but also the arrogance shown in statements like former CIA Director Woolsey, in the statement quoted in the American Spectator article. I believe that there three general areas which will negatively affect US compliance professionals.

First, is in the area of data access. Edward Luce, in a Financial Times (FT) article entitled “Obama has hurt himself and business over privacy”, said that the “US is losing credibility in its goal of trying to stop the internet from balkanizing into separate national frameworks.” While Luce discussed this in terms of the US criticism of “the great firewall of China”; a US investor might think about the Securities and Exchange Commission’s (SEC’s) struggle to get China to agree to allow auditors to provide data to the US consistent with US securities laws, or laws which the SEC enforces, such as the books and records component of the FCPA.

Second, what about data privacy? I think that the acknowledgement of the US surveillance programs will lead other countries to toughen up their data privacy requirements. This means that the compliance professional will be faced with an even more bewildering set of data privacy requirements to deal with to accurately access a company’s compliance program. For the intelligence angle, Luce quoted Ira Hunt, the CIA’s chief technology officer for the following, “Since you can’t connect the dots you don’t have…we fundamentally try and collect everything and hang on to it forever.” However, we now know that this surveillance also was used for other law enforcement issues such as enforcement of the FCPA. While foreign governments cannot legislate privacy as to the data collected by the US government, they certainly can do so vis-à-vis US companies doing business in their jurisdictions or home-domiciled foreign companies which are subject to the FCPA through a US subsidiary.

Indeed this very issue is now in the forefront of EU-US trade negotiations. In another article in the FT, entitled “Data scandal clouds trade talks”, Hannes Swoboda, leader of the socialist members of the European Parliament was quoted as saying, “With all the information that we’ve found out in the recent days about how easily the US spies on people’s private data I think it will be difficult for the Americans to oppose a strong data protection agreement.” The article notes that many of the rules proposed for EU data protection are opposed by US companies because “their business models would be damaged.”

Lastly, what about jurisdiction and the FCPA? Currently if a banking transfer goes thought the US banking system, FCPA jurisdiction attaches. While it has not yet been tested, several commentators have spoken about information which might be saved on servers based in the US. So what if information appears on Google or through a Google-search or on Facebook? Now take the next step and ask, if there is data mining, which strikes pay dirt, could that create or even portend jurisdiction?

As an American, I understand the need for enhancing security protocols after 9/11. It is an irritation, but only that, similar to taking off my shoes to go through security, all courtesy of Richard Reid, ‘the Shoe Bomber’. Further, these US government surveillance programs, which have been ongoing though both a GOP and Democratic administration, were authorized by an overwhelming majority of both houses of the US Congress and has judicial oversight. But many outside the US may not see the same needs and protections that I see in place. Luce said in his article, “Washington’s reassurances are irrelevant to the 3.4bn non-Americans who are online…But foreigners might not be comforted to learn that their privacy is protected by a secret US court, which is overseen by a select group of US lawmakers who are themselves sworn to secrecy.”

I think that the job of the compliance practitioner just got a lot tougher.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

June 3, 2013

Competitive “(dis)advantage” and extraterritoriality of anti-bribery laws

Filed under: Best Practices,Bribery Act,compliance programs,EU,FCPA,OECD — tfoxlaw @ 1:01 am

Branislav HockEd. Note-I was recently interviewed by Branislav Hock, a Research Master in Law Tilburg University in  The Netherlands in connection with his graduate studies. After the interivew, I asked if he could write a blog post which discuss his research. The following is our first guest post from a University student in The Netherlands. 

Bribery, including its various forms such as political contributions or gift giving, is a widespread phenomenon when doing business abroad, including trade and foreign investment. The Anti – Bribery Convention (the Convention) of the Organisation for Economic Cooperation and Development (OECD) seeks to address these concerns by obliging its signatory states to prohibit firms from bribing foreign government officials in order to obtain or retain business.[i] However, in many emerging countries, bribery of foreign public officials is under-regulated and often even not criminalized at all. In this context, it has been argued that firms from such emerging countries therefore enjoy an advantage over firms from OECD Convention signatories, as they are free to bribe without bearing any liability (so-called ‘free-rider’ problem). This argument is also supported by the results of several macro-economic studies. However, this article argues that in the light of new dynamics of a global anti-bribery enforcement regime, economic assumptions pointing to the problem of competitive disadvantage are disputable because its effects are different.
Are OECD Firms “Leaving” Emerging Markets Because of Anti-Bribery Laws?

Despite the relatively long existence of the Convention, its enforcement was sporadic. However, after 2006 the United States has increased the enforcement enormously. The U.S. Department of Justice and the U.S. Securities and Exchange Commission conducted in average 2.4 enforcement actions per year between the years 1998 – 2006. It increased to average 12.6 enforcement actions between the years 2007 – 2012. The U.S. authorities imposed in penalties $87 million in 2007 while in 2010 already $1.8 billion.[ii] In this context, the business community and some academics argue that current enforcement is too aggressive and that it undermines value maximizing investments of OECD firms in highly corrupted markets.[iii] Indeed, this argument might seem really strong because it is also supported by empirical evidence.

Economic studies at the macro-level points towards the relationship between the level of corruption and the inflow of foreign direct investments (FDIs). One notable study found out that inflow of FDIs and the level of corruption are in a negative relation when the investors are OECD firms. Conversely, non-OECD firms invest relatively more in markets with high level of corruption.[iv]  In other words, according to these studies the aggressive enforcement of OECD-based anti-bribery laws pushes “good” firms to leave “corrupted” emerging markets. In this context, some legal scholars even argue that the effect of anti-bribery enforcement (in particular enforcement of the U.S. Foreign Corrupt Practices Act – FCPA) might be understood as an imposition of unintended economic sanctions against emerging markets.[v]

Competitive (Dis)advantage?

If we look at the global business arena from a wider perspective, the problem of under-regulation of transnational bribery is not special. Increasing importance of corporate social responsibility and stress on ethical business practices make it that soft-law responsibilities are continuously being transformed into hard-law obligations. This transformation of “good business practices” into legal institutions is just a natural sign of social dynamics which is common in many legal areas such as human rights or environmental law. These processes by their nature also influence the way the business in a global arena is done. It is as common as the voice of the business community which is repeatedly complaining on unfair rules of the game when the playing field is levelled by imposition of new legal obligations.[vi]

Moreover, understanding law and legal rules in the way that they have definite purpose or that they lead to definite consequence might be naïve. This view does not take into consideration the dynamic nature of the global business and constructive role of businesses themselves. There are at least two contra-arguments which need to be presented in order to put the above mentioned claim, that emerging countries enjoy an advantage over firms from OECD Convention signatories because of OECD-based anti-bribery laws, under question.

Firstly, national enforcement authorities from OECD Convention signatories have interpreted the Convention so as to endow them broad extraterritorial jurisdiction.[vii] Jurisdiction will be asserted over free-rider firms on the basis that such firms, for example, have assets in the OECD Convention signatory country or are even partially owned by nationals from that signatory. For instance, U.S. authorities have used such arguments to claim jurisdiction to investigate and eventually punish foreign firms for their operations outside the United States.[viii] I believe that broad extraterritorial enforcement of OECD-based anti-bribery laws which was started by the U.S. motivated also other countries to be active. Increasingly, across the globe, many of the countries such as Russia or China have now passed their own laws. Moreover, it seems that they have even ability and desire to enforce them actively as was proclaimed – at least I have noticed that – during the Anti-Corruption Conference for G20 Governments and Business (organized by the Russian Presidency).[ix] Therefore, it is becoming much more difficult to escape from the widening reach of the anti-bribery net and “use” legal gaps for the free riding.

Secondly, relation between law and business competition in the global market cannot be seen as a static concept; it is always moving. Firms are constantly trying to beat their competitors, therefore businesses always respond to the upcoming competitive discourse by finding the way how to transform it into a business advantage; law seems to be a great material for such a transformation. In this context, Thomas Fox, in the interview for my research project, had the following observation:  “…obviously the FCPA applies to American companies no question, but if the Chinese company wants to do business with the American company they need to comply with the FCPA because American company is responsible at the end of the day and it’s really a business solution to the political or social problem of corruption so it is becoming more and more common that any company outside the U.S. who wants to do business with U.S. company might have some type of compliance program at place to satisfy U.S. authorities.”

In other words, functioning of OECD-based anti-bribery laws goes beyond the limits of traditional legal boundaries. It can be seen that the positive effect of extraterritoriality helps significantly to mitigate the free-rider problem arising from under-regulation of transnational bribery.[x] This is because in the context of economic and business globalisation, OECD-based anti-bribery laws are directly applicable to a widening range of foreign firms.[xi] Moreover, existing regulatory gaps are often filled by private contractual arrangements (indirect application) as any foreign firm which wants to do business with OECD firms is forced by its OECD business partners not to bribe. This new enforcement dynamics of anti-bribery laws has so far not been the subject of consistent empirical research. I believe that development of such kind of conceptual model could serve as an interesting ground for an empirical test of positive extraterritorial effects of OECD-based anti-bribery laws. It would help to better understand what extraterritoriality is and what should be its role in the global anti-bribery enforcement regime. Moreover, it would contribute to better compliance with the Convention as it will decrease the uncertainty currently connected with enforcement and application of anti-bribery laws.

Towards New Difficulties?

It has been said that extraterritoriality of OECD-based anti-bribery laws helps to mitigate the free-rider problem. However, it is not an aim of this article to claim that the new dynamics of the global enforcement regime does not cause any potential problems. It might also generate negative effects related to protectionism due to the lack of enforcement coordination between anti-bribery authorities. In this context, Thomas Fox in our interview expressed one of the problems as follows: “What the companies are struggling with now is if you have a U.S. investigation and enforcement action, then years later you have a German one and years after that you have one in West-Africa. They do not have certainty when it is going to end. Just for your consideration it should mentioned that as the Convention has no enforcement mechanism the enforcement authority of country A could tend to exploit its extraterritorial jurisdiction in order to target mostly foreign bribery arising from firms from other countries (say B, C or D), thereby putting firms from country A at a competitive advantage. In return, the enforcement authorities from B, C or D can then either try to coordinate with those of A or enter into a retaliatory pattern of enforcement against firms from A. It could lead then to serious enforcement defects which could cause ineffectiveness of the whole OECD anti-bribery enforcement mechanism. However, it would be within the scope of this contribution to elaborate on this issue in more depth.

To Conclude…

Based on the arguments stated above, I see the problem of the large “anti-bribery gaps” in emerging markets as a classical element of “global transformation of competitive advantage”. The levelled playing field always create an opportunity for businesses to better react on new circumstances than their competitors. It is actually what “smart competitors” are looking for. The voices claiming that the aggressive enforcement of OECD-based anti-bribery laws pushes “good” firms to leave “corrupted” emerging markets are based on economic assumptions which are used to answer a legal question. However, these economic assumptions are doubtful because the effects are and must be (at least in a long term) different. Hence, accepting a general concept that OECD firms can’t effectively compete in emerging markets if they don´t bribe and do business fairly might seem to be overstated.

Branislav Hock obtained his LL.M. in Law and Jurisprudence at Charles University in Prague, Czech Republic. Currently, he is a Research Master student in Law at Tilburg University, in The Netherlands, where he prepared his PhD proposal “Extraterritorial Effects of OECD-based Anti-Bribery Laws in Theory and Practice: from Free-Riders to Protectionism? He is also an editor of the Tilburg Law Review.  He can be reached via email, b.hock@tilburguniversity.edu. He would welcome any comments or questions about this article.

[i] See Article 1 of the OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions (came into force on 15 February 1999 and as of May 1, 2013, has been adopted by 40 countries). The Convention focuses only on the supply side of bribery.

[ii] See Choi, S. J. and Davis, K. E. (2012). Foreign Affairs and Enforcement of the Foreign Corrupt Practices Act. NYU Law and Economics Research Paper No. 12-15; NYU School of Law, Public Law Research Paper No. 12-35; See also Runnels, M.B., & A.M. Burton. 2012. “The Foreign Corrupt Practices Act and New Governance: Incentivizing Ethical Foreign Direct Investment in China and Other Emerging Economies”. Cardozo Law Review. 34 (1): 295-328.

[iii] See Spalding, A.B. (2010). Unwitting Sanctions: Understanding Anti-Bribery Legislation as Economic Sanctions Against Emerging Markets”. Florida Law Review. 62 (2): 351-428; Dalton, M.M. (2006). Efficiency v. Morality: The Codification of Cultural Norms in the Foreign Corrupt Practices Act. New York University Journal of Law and Business, Vol. 2; Westbrook A. D. (2011). “Enthusiastic Enforcement, Informal Legislation: The Unruly Expansion of the Foreign Corrupt Practices Act”. Georgia Law Review. 45 (2): 489-579.

[iv]Cuervo-Cazurra, A. (2006). Who cares about corruption? Journal of International Business Studies, 37, 6, 807-822.

[v] Spalding (2010) supra note 3.

[vi] See among others McBarnet, D. (2010). Transnational Transactions: Legal Work, Cross-Border Commerce and Global Regulation, 369-386. In Masson, A., & Shariff, M. J. Legal strategies: How corporations use law to improve performance. Berlin: Springer.

[vii] For the purposes of this article, extraterritoriality exists when an enforcement authority applies national laws for conduct occurring beyond the countries’ borders.

[viii] For example Rino International, a China-based issuer was investigated in 2008 for its business activities in China; See also US v. DPC (Tianjin) Co. Ltd. DPC; OECD firms are being investigated as well – Royal Dutch Shell was investigated and penalised by U.S. authorities for its operations in Nigeria. For more information see FCPA Blog, <www.fcpablog.com>.

[ix] Third Annual High Level Anti-Corruption Conference for G20 Governments and Business, 25-26 April 2013

[x] See Chow D. 2012. “China under the foreign corrupt practices act”. Wisconsin Law Review. 2012 (2): 573-608; Nichols P.M. 2012. “The Business Case for Complying with Bribery Laws”. American Business Law Journal. 49 (2): 325-368; Rose-Ackerman S., and Hunt S. 2012. “Transparency and Business Advantage: The Impact of International Anti-Corruption Policies on the United States National Interest”. NYU Annual Survey of American Law 67: 433-467.

[xi] Foreign firms are directly subjected to given national anti-bribery laws provided that they listed shares on one of OECD exchange markets

February 11, 2013

Quadrophenia and Four Compliance Issues

This past weekend I saw the remaining members of The Who perform in their Quadrophenia Tour. While I had seen Roger Daltry perform the rock opera Tommy, I had never seen Pete Townsend in concert. To say I was blown away would be putting it mildly, especially as Quadrophenia does not even make it into my top three favorite Who albums, which are, in descending order, Who’s Next, Tommy and Live at Leeds. While Roger Daltry’s voice was not as strong as it was during his Tommy tour, not doubt due to the longer duration of this tour, it was still a great performance and it was worth it to see Pete Townsend. He can still rock. Also they ended the show with three songs from Who’s Next, which alone was worth the price of admission.

The story generally revolves around four themes based upon the four personalities of the members of the band; Daltry, Townsend, Keith Moon and John Entwhistle. However, it was also a play on (for those of you old enough to remember) quadrophonic sound. According to Pete Townsend, “”The whole conception of Quadrophenia was geared to quadraphonic, but in a creative sort of way. I mean I wanted themes to sort of emerge from corners. So you start to get the sense of the fourness being literally speaker for speaker.” So inspired by ‘fourness’ today, I will review four issues that have, or will, impact the compliance practitioner.

I.                   EU and Data Privacy

In an article in the Financial Times (FT), entitled “EU refuses to bend on tough data privacy law”, reporter James Fontanella-Khan wrote that Viviane Reding, the EU Commissioner for Justice, said that she will continue to fight any US attempts to water down its proposed data protection and privacy law, “which would force global technology companies to obey European standards across the globe.” Further, “Exempting non-EU countries from our data protection regulations is not on the table. It would mean applying a double standard.” Fontanella-Khan said that “US tech companies argue that it would be unfair for them to be subject to EU laws that are too stringent and could result in expensive administrative burdens and hefty fines for errant companies.” Can you think of any US laws that non-US companies have to comply with?

Issues for the compliance practitioner? There could be a myriad, from internal investigations, to sharing data with US regulators to ongoing monitoring and auditing. While it is currently US technology companies which are leading the fight against these new tough standards, non-tech companies could do well to assess how these changes may well impact them.

II.                Will DOJ Open FCPA Investigation Against EADS?

Perhaps not fully appreciating the irony in reporting the EADS story in the same issue as the above EU data privacy story, the FT also had an article by Carola Hoyos, entitled “FBI probe of EADS unit claims”, who reported that the Federal Bureau of Investigation (FBI) has interviewed “a witness and taken possession of documents in connection with allegations” that a British subsidiary of the European aerospace entity EADS, named GPT Special Management Systems, bribed Saudi Arabian military officials, in connection with business dealings. Hoyos reported that GPT “made ₤11.5 of unexplained payments – some via the US – to bank accounts in the Cayman Islands.”

Although there is no known open US Department of Justice (DOJ) investigation open into the EADS matter at this point, Hoyos noted that it was the DOJ which led the effort to investigate and eventually fine the UK company BAE, the amount of $400MM after the British government ordered the Serious Fraud Office (SFO) inquiry into allegations of BAE bribery for sales of equipment into Saudi Arabia “citing economic and diplomatic interests”. The FBI interviews occurred even though the SFO is currently investigating the matter. Hoyos also reported that EADS “maintained that its own investigations into the matter had yielded no evidence of wrongdoing.”

III.             Think Before You Hit That Send Button

In a post in his blog, the D&O Diary, entitled “Damning E-mails: Can We Talk?”, author Kevin LaCroix wrote that “revelations this past week arguably represent some type of high-water mark, as a cluster of serious allegations were accompanied by a trove of embarrassing excerpts from emails and instant messages. While the latest disclosures provide yet another reminder of the dangers associated with ill-considered use of modern electronic communications technology, they also raise questions about the use that regulators and claimants are attempting to make of the communications.” He was talking about the Commodities Futures Trading Commission’s press releases announcing RBS’s settlement this past week of charges of alleged Libor manipulation drew heavily on excerpts from the bank’s internal electronic communications. While noting that “emails do sometimes in fact evidence wrongdoing” the problem with them “is that when seemingly damning email excerpts are blasted into the media, it is very difficult to appreciate the larger context within which the excerpts fit.”

As much as he has distaste for the selective use of emails in this manner by regulators, LaCroix believes that they can provide a teachable moment. He writes that “a useful exercise to try to adopt is to pause and ask yourself, before hitting “send”, how the message would look if it were to fall into the hands of a hostile and aggressive adversary who was looking for ways to try to make you or your company look bad. Were this simple test to be more widely implemented, we would certainly see a marked reduction in, for example, running email jokes about the French maid’s outfit. My final thought is this – we all know that many electronic messages are written in haste and sometimes with insufficient care. With full awareness of this attribute of electronic communications, we should hesitate to jump to too many conclusions about the seemingly damaging inferences that could be drawn from email or instant message excerpts. But we should also learn from the inferences that regulators and claimants are trying to draw and try to take that into account in our own communications.” I could not have put it better myself.

IV.              Trust Your Gut and Raise Your Hand

There have recently been a plethora of articles about ‘big data’ and how it can help in the monitoring of a Foreign Corrupt Practices Act (FCPA) compliance program. I have been one of the folks to write and talk about it. However, in an article in the New York Times (NYT), entitled “Sure, Big Data is Great. But So Is Intuition”, reporter Steve Lohr wrote that while he thinks that big data is a powerful tool and an unstoppable tread it “might be a time for reflection, questions and qualms about this technology.” This is because, like all mathematical models, big data is “a simplification.” He quotes Thomas Davenport for the following. “A major part of managing Big Data projects, he says, is asking the right questions: How do you define the problem? What data do you need? Where does it come from? What are the assumptions behind the model that the data is fed into? How is the model different from reality?”

So the underlying basis for analyzing big data may actually be “too simple minded, rather than too smart.” All of this leads back to intuition. I would add that if the hair on the back of your neck stands up, your gut tells you something is wrong or something does not smell right, it probably isn’t right. The implications for the compliance practitioner? I would like to propose that the largest is in the area of training. What I try and tell non-compliance practitioners when I put on training is that if you see, smell or sense one of the above, just raise your hand. You do not have to know the ins and outs of the FCPA or know the answer but I do ask that you raise your hand and get the issue to a person who does have the expertise to analyze the issue.

If you have the chance to see The Who on their Quadrophenia Tour, all I can say is to drop whatever you are doing and go see it. I do not know if it will be your last chance to see Pete Townsend but when he winds up for one of those trademark windmill slams down the guitar strings, just close your eyes and listen. It is pure bliss and a quad of sensations for the ages.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

Blog at WordPress.com.