March Madness and Discipline Under the FCPA

Tonight is the finals of the NCAA Men’s Basketball Tournament, known as March Madness. As I went to law school at the University of Michigan, I will be pulling for the Wolverines to win the big game. If you are not a Louisville or Big East fan I hope that you can pull for us or at least throw some good mojo UM’s way as we may need all the help we can get. Go Blue!

One of the things made clear in the FCPA Guidance is that employees who engage in violations of the Foreign Corrupt Practices Act (FCPA) must be disciplined. One of the Ten Hallmarks of an Effective Compliance Program is discipline. The Guidance says that a company’s compliance program should apply from “the board room to the supply room – no one should be beyond its reach.” There should be appropriate discipline in place and administered for any violation of the FCPA or a company’s compliance program. But what if an employee’s conduct is something less than a clear violation of the FCPA? What if an employee goes right up to the line, stands next to it and kicks dirt on that line but never (seems) to go over. What should you do?

Imagine a scenario like the following. Your company is engaged in delicate negotiations to merge with another entity which will greatly increase the scope of your brand. You obviously do not want any negative information to leak out into the public sphere that your company does not follow its own Code of Conduct or the ethical values that it publicly espouses. You are brought information that one of your top sales people has engaged in a pattern of conduct that would appear not to meet your own company standards. Further, it turns out that there are videos showing the conduct in question. Not only do you see it but the company’s head of Human Resources (HR), Chief Financial Officer (CFO) and General Counsel (GC) see it as well. An internal investigation commences and it is determined that no laws are broken so you privately discipline the employee in question.

The merger goes through and thereafter it is decided that an outside law firm should conduct a more thorough investigation. This outside counsel interviews a full range of company employees and reviews internal company communications. Other company employees say that the employee in question is just very passionate about his job. However, it turns out that the focus of this outside law firm’s investigation was to determine if firing the employee in question would give that employee a basis to sue the company for wrongful termination. (The company in question is not located in the great state of Texas where you can fire anyone for a good reason, bad reason or no reason.) But even the outside law firm’s report does note that the employee in question did ‘cross the line.’ Yet you decide that no further discipline or even a follow up on the employee in question is warranted.

Now assume that the videos in question become public. There is outrage. Even the company President says that after reviewing the video it only took him “five minutes” to decide to fire the employee in question. The employee is fired and questions are being asked why you did not fire the President as well?

The above fictional scenario was based on the New York Times (NYT) article, entitled “Rutgers Officials Long Knew of Coach’s Actions”, by reporter Steve Eder. In his piece Eder details the long trail of evidence that Rutgers had been made aware of regarding the abusive behavior of its men’s basketball coach Mike Rice. Even after two investigations and presentation of a video showing Rice throwing basketballs at players, kicking them and taunting them with “homophobic slurs” Rice was not fired. Rice was reprimanded, fined and the University assigned its “sports psychologist to work with the team”. It was not until this video went viral and the whole world saw the abuse that Rice meted out to his team at practices did the outrage become sufficient enough for Rice’s termination. The Athletic Director, who had been made aware of all of the above, had requested the internal and external law firm investigations,  yet did not terminate Rice, was required to resign from all the fallout.

So just how much does it take for an entity to follow its own values? What about the employee who does ‘cross the line’ and does business in an unethical manner? Is that someone who can be trusted to follow the rules and laws like the FCPA? The FCPA Guidance makes clear that appropriate discipline should be “fairly and consistently applied across the organization. No executive should be above compliance, no employee below compliance, and no person within an organization deemed too valuable to be disciplined, if warranted. Rewarding good behavior and sanctioning bad behavior reinforces a culture of compliance and ethics throughout an organization.”

I often talk about the Fair Process Doctrine and how it behooves company’s to treat employees fairly. However, there is also a responsibility for a company to act appropriately when its employees engage in conduct that is not illegal but is so far outside the acceptable norms that it cannot be condoned. Remember what is true for Rutgers is also true for businesses in the private sector.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

Ethical Behavior in the Navy – Lessons for the Non-Military Compliance Practitioner

What exactly is doing business in an ethical manner? I believe that the answer is different for each company. Ethical behavior can translate into doing business in a manner that does not jeopardize the safety of others and how you treat co-workers and subordinates. One of the things that I think ethical behavior entails is doing business within the rules, regulations and obligations of your business. For US companies doing business internationally, one of things this means is doing business within the parameters of the Foreign Corrupt Practices Act (FCPA).

But what if your business is named the US Navy? A recent article in the New York Times (NYT), entitled “Admiral at Center of Inquiry is Censured”, by reporters C. J. Chivers and Thom Shanker explored some of these issues. The article discussed the discipline action taken against “Rear Adm. Charles M. Gaouette, who led Carrier Strike Group Three, which included the aircraft carrier John C. Stennis, had been accused of using profanity in a public setting and making at least two racially insensitive comments, officials familiar with the investigation said.” The article noted that his “case arrived as a worrisomely large number of senior military officers have been investigated or fired for poor judgment, malfeasance, sexual improprieties or sexual violence over the last year.”

Further, the article reported that due to the number of such cases, the new Secretary of Defense, Chuck Hagel, sent out an internal memo to the Pentagon’s top brass, which was also provided to the NYT. In this memo, Hagel “urging a renewed “commitment to values-based ethical conduct.” Further Hagel said that “Each of us must rededicate ourselves to upholding the principles of sound leadership,” and that “Our culture must exemplify both professional excellence and ethical judgment.”

Interestingly, this discipline of Admiral Gaouette, was instituted by a compliant by Navy Captain Ronald Reis, the commander of the Stennis. Reis himself was accused of not following “normal protocols for driving the ship through busy shipping lanes, and ran a bridge in which the surface officers under his command felt tense and unable to offer their input, the officers said. Three officers and two former officers familiar with the ship’s bridge procedures said the captain tended to act alone and by eye, and not carefully track the Stennis’s position relative to other vessels in crowded seas; one of them said he tended “to fly the ship.””

Lastly, the article quoted the former officer for the following “We’re not talking about how Ron worked with the harbor pilot when docking at a pier. We’re talking about how he was driving through congested seas. People were concerned when he was driving because they were concerned he would hit something.”

According to the article, Gaouette was cleared of any criminal violations but was given a “set of administrative penalties which will effectively end his career” in the Navy as “the full inspector-general’s report was ordered to be attached to the admiral’s service record, where it will block his chances at promotion or future command, officials said.”

I recognize that most compliance practitioners do not work for the military but there are some very valuable lessons for the compliance practitioner that can be gleaned from the article.

Ethical Leadership

The few references in the NYT piece to Hagel’s internal memo are quite telling. Like most military organizations, the US Navy relies on strong discipline throughout the ranks. However, this does not mean that a senior officer can act abusively to lesser ranked officers. The article noted that “Navy officials declined to provide details, or discuss precisely what Admiral Gaouette said that Captain Reis and the inspector general deemed insensitive.” Nevertheless, whatever was said would be appear to outside what the Navy believed was tolerable. So intolerable in fact, that it ended Admiral Gaouette’s career.

Treatment of Whistleblower

It was Captain Reis who filed the complaint against Admiral Gaouette, not the other way around. The article reported that “After Admiral Gaouette had ordered the captain to slow down as the vessel was steaming through ship traffic in the Malacca Strait in excess of 20 knots, the officers said, Captain Reis filed a complaint to the inspector general, claiming the admiral was abusive.” The Navy followed through and investigated a senior officer in a situation where it appeared that the junior officer had engaged in conduct where the junior officer did not follow standard Navy protocols. In other words, the Navy did not blame the person who filed the complaint for his actions which may have even led to Admiral Gaouette’s interactions with the Captain.

Discipline

As noted, the conduct which Admiral Gaouette engaged in was so far out of line or unethical that it ended his Navy career. For any compliance program to work there must be both a carrot and a stick, meaning that violation of a company’s ethical values must be punished. In the Navy, abusing a subordinate is something that violates its standards for ethics based conduct. Nothing speaks more strongly than actions and for the Navy to discipline a senior officer in such a manner speaks directly to its commitment of “upholding the principles of sound leadership” that Hagel spoke about in his internal memo.

I found this article provided many things for the compliance practitioner to think about. It showed the Navy’s commitment to have an organization run with ethics. It may be that your company could learn something from this example.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

The FCPA Guidance on the Ten Hallmarks of an Effective Compliance Program

Many commentators are still mining the Department of Justice (DOJ)/Securities and Exchange Commission (SEC) publication, A Resource Guide to the U.S. Foreign Corrupt Practices Act, (the “Guidance”), which was released last November. I continue to find nuggets to provide to the compliance practitioner, as do others. But as we are a Base 10 culture, today I want discuss the 10 points listed as the ‘Hallmarks of Effective Compliance Programs”. They are a change in style, but not content, from the prior 13 point minimum best practices that the DOJ has in the Deferred Prosecution Agreements (DPAs) since at least November, 2010 and, indeed, from prior information made available by the DOJ.

I.                   Where Have We Been

Beginning with at least the Metcalfe & Eddy Consent and Undertaking, filed in December, 1999, the DOJ has laid out its thoughts on what should go into a Foreign Corrupt Practices Act (FCPA) anti-corruption compliance program. In the Metcalfe & Eddy Consent and Undertaking, the DOJ laid out ten points of an effective FCPA anti-corruption compliance program. This was modified somewhat in Opinion Release 04-02, which laid out a best practices compliance program in 12 points, where the DOJ reviewed the proposal by an investment group who were acquiring certain companies and assets from ABB Ltd. ABB Vetco Gray Inc. and ABB Vetco Gray (UK) Ltd., two of the entities being acquired, had previously pled guilty to FCPA violations. The investment group desired to protect itself from further liability, to the extent possible, by proposing to the DOJ a comprehensive best practices compliance program. While the DOJ noted that this compliance program was not a shield against future violations, the DOJ would not “intend to take an enforcement action [against the investors] for violations of the FCPA prior to their acquisition from ABB.”

In the Panalpina DPA, issued in November, 2010, the DOJ laid out a 13 point minimum best practices compliance program. This number was changed this past summer when the Data Systems & Solutions LLC (DS&S) DPA was announced. In this enforcement action the DOJ listed 15 points on its minimum best practices FCPA anti-corruption compliance program. Then later in the summer, the DOJ moved to a 9 point compliance program in the Pfizer DPA. Even with all these changes in the number, the substance of each compliance program has remained the same.

II.                Where Are We Now? Hallmarks of Effective Compliance Programs

The Guidance cautions that there is no “one-size-fits-all” compliance program. It recognizes that depending on a variety of factors such as size, type of business, industry and risk profile that a company should determine what is appropriate for its own needs regarding a FCPA compliance program. But the Guidance makes clear that these ten points are “meant to provide insight into the aspects of compliance programs that DOJ and SEC assess”. In other words you should pay attention to these and use this information to assess your own compliance regime.

1. Commitment from Senior Management and a Clearly Articulated Policy Against Corruption. It all starts with tone at the top. But more than simply ‘talk-the-talk’ company leadership must ‘walk-the-walk’ and lead by example. Both the DOJ and SEC look to see if a company has a “culture of compliance”. More than a paper program is required, it must have real teeth and it must be put into action, all of which is led by senior management. The Guidance states that “A strong ethical culture directly supports a strong compliance program. By adhering to ethical standards, senior managers will inspire middle managers to reinforce those standards.” This prong ends by stating that the DOJ and SEC will “evaluate whether senior management has clearly articulated company standards, communicated them in unambiguous terms, adhered to them scrupulously, and disseminated them throughout the organization.”
2. Code of Conduct and Compliance Policies and Procedures. The Code of Conduct has long been seen as the foundation of a company’s overall compliance program and the Guidance acknowledges this fact. But a Code of Conduct and a company’s compliance policies need to be clear and concise. The Guidance makes clear that if a company has a large employee base that is not fluent in English such documents need to be translated into the native language of those employees. A company also needs to have appropriate internal controls based upon the risks that a company has assessed for its business model. Some of the risks a company should assess include “the nature and extent of transactions with foreign governments, including payments to foreign officials; use of third parties; gifts, travel, and entertainment expenses; charitable and political donations; and facilitating and expediting payments.”
3. Oversight, Autonomy, and Resources. This section starts with a discussion on whether a company has assigned a senior level executive to oversee and implement a company’s compliance program. Not only must a company assign such a person with appropriate authority but that person, and the overall compliance function, must have “sufficient resources to ensure that the company’s compliance program is implemented effectively.” Additionally, the compliance function should report to the company’s Board of Directors or an appropriate committee of the Board such as the Audit Committee. Overall the DOJ and SEC will “consider whether the company devoted adequate staffing and resources to the compliance program given the size, structure, and risk profile of the business.”
4. Risk Assessment. The Guidance states that “assessment of risk is fundamental to developing a strong compliance program”. Indeed, if there is one over-riding theme in the Guidance it is that a company should assess its risks in all areas of its business. The Guidance lists factors that a company should consider in any risk assessment. They are “the country and industry sector, the business opportunity, potential business partners, level of involvement with governments, amount of government regulation and oversight, and exposure to customs and immigration in conducting business affairs.” The Guidance is also quite clear that when the DOJ and SEC look at a company’s overall compliance program, they “take into account whether and to what degree a company analyzes and addresses the particular risks it faces.”
5. Training and Continuing Advice. Communication of a compliance program is a cornerstone of any anti-corruption compliance program. The Guidance specifies that both the “DOJ and SEC will evaluate whether a company has taken steps to ensure that relevant policies and procedures have been communicated throughout the organization, including through periodic training and certification for all directors, officers, relevant employees, and, where appropriate, agents and business partners.” The training should be risk based so that those high risk employees and third party business partners receive an appropriate level of training. A company should also devote appropriate resources to providing its employees with guidance and advice on how to comply with their own compliance program on an ongoing basis.
6. Incentives and Disciplinary Measures. This involves both the carrot and the stick. Initially the Guidance notes that a company’s compliance program should apply from “the board room to the supply room – no one should be beyond its reach.” There should be appropriate discipline in place and administered for any violation of the FCPA or a company’s compliance program. Additionally, the “DOJ and SEC recognize that positive incentives can also drive compliant behavior. These incentives can take many forms such as personnel evaluations and promotions, rewards for improving and developing a company’s compliance program, and rewards for ethics and compliance leadership.” These incentives can take the form of a part of senior management’s bonuses or simply recognition on the shop floor.
7. Third-Party Due Diligence and Payments. Here the Guidance focuses on the ongoing problem area of third parties. The Guidance says that companies must engage in risk based due diligence to understand the “qualifications and associations of its third-party partners, including its business reputation, and relationship, if any, with foreign officials.” Next a company should articulate a business rationale for the use of the third party. This would include an evaluation of the payment arrangement to ascertain that the compensation is reasonable and will not be used as a basis for corrupt payments. Lastly, there should be ongoing monitoring of third parties.
8. Confidential Reporting and Internal Investigation. This means more than simply a hotline. The Guidance suggests that anonymous reporting, and perhaps even a company ombudsman, might be appropriate to have in place for employees to report allegations of corruption or violations of the FCPA. Furthermore, it is just as important what a company does after an allegation is made. The Guidance states, “once an allegation is made, companies should have in place an efficient, reliable, and properly funded process for investigating the allegation and documenting the company’s response, including any disciplinary or remediation measures taken.” The final message is what did you learn from the allegation and investigation and did you apply it in your company?
9. Continuous Improvement: Periodic Testing and Review. As noted in the Guidance, “compliance programs that do not just exist on paper but are followed in practice will inevitably uncover compliance weaknesses and require enhancements. Consequently, DOJ and SEC evaluate whether companies regularly review and improve their compliance programs and not allow them to become stale.” The DOJ/SEC expects that a company will review and test its compliance controls and “think critically” about its own weaknesses and risk areas. Internal controls should also be periodically tested through targeted audits.
10. Mergers and Acquisitions. Pre-Acquisition Due Diligence and Post-Acquisition Integration. Here the DOJ and SEC spell out what it expects in not only the post-acquisition integration phase but also in the pre-acquisition phase. This pre-acquisition information is not something that most companies had previously focused on. Basically, a company should attempt to perform as much substantive compliance due diligence that it can do before it purchases a company. After the deal is closed, an acquiring entity needs to perform a FCPA audit, train all senior management and risk employees in the purchased company and integrate the acquired entity into its compliance regime.

As I commented earlier in this article, the DOJ and SEC have communicated what they believe are the important parts of a risk based, anti-corruption compliance program for many years. I do not think that a compliance defense could be set out any more succinctly. However, I do like things set out in Base 10 and the “Hallmarks of Effective Compliance Programs” is an excellent compilation of where we are and what you need in place to go forward. I recommend this as a good a starting point for any compliance practitioner to implement a new compliance program or to evaluate the state of an ongoing compliance regime so assess your company’s risks and use these hallmarks as a basis to move forward.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

Tyco NPA and Chris Economaki – Details from the Pits

“This is Chris Economaki in the pits.”

That was the signature line of race car announcer Chris Economaki, who died last week at the age of 91. For a generation of us who grew up watching ABC’s Wide World of Sports, Chris Economaki was the voice of the Indy 500, the Dayton 500, the Summer and Winter Nationals of the National Hot Rod Association (NHRA) and a host of other auto races. In addition to having one of the most unique names this Southerner had ever heard of, Economaki had a staccato vocal delivery that, as noted in his obituary in the New York Times (NYT) by writer Douglas Martin, “reminded some of a rumbling racing engine.”

The Bribery Schemes

I thought about Chris Economaki and the detail he brought as a track-side commentator to a generation of Wide World of Sports’ aficionados when considering the various documents released last week in connection with the Tyco International Ltd (Tyco) Foreign Corrupt Practices Act (FCPA) enforcement action. For the most comprehensive summary of the Department of Justice’s (DOJ) criminal enforcement action and the Securities and Exchange Commission’s (SEC) civil action, I recommend either of the FCPA Professor’s excellent posts on Tyco. In addition to the points raised by the Professor I believe that there are significant lessons learned for the FCPA compliance practitioner. With a tip of our collective caps to the baseball pennant races which are down to the final few days, I present the Tyco Bribery Box Score.

Tyco Subsidiary	Bribe Amount Paid	Profits Earned by Conduct
M/A Com	Not reported	$71,770
TTC Huzhou and TTC Shanghai	$196,267	$3,470,180
TWW Germany and Erhard	$2,371,094	$4,684,966
TFC HK and Keystone	$137,000	$378,088
TFCT Shanghai	$24,000	$59,412
ET Thailand	$292,268	$879,258
TFIS France	$363,839	$1,256,389
THC China	$250,000	$353,800
TVC ME	$488,479	$1,153,500
ADT Thailand	$78,000	$473,262
Tatra	$96,000	$226,863
Eurapipe	$358,000	$1,298,453
THC Saudi Arabia	Not reported	$1,900,600
Dulmison	$68,426	$109,249

I set out the full Box Score of bribes paid by Tyco in this detail to emphasize how bad the conduct of the company is and this is in the VERY BAD CONDUCT realm, coupled with the facts that (a) Tyco is now a two-time loser under the FCPA and (b) most of the illegal conduct occurred after Tyco agreed to an initial FCPA based Deferred Prosecution Agreement (DPA) in 2006 for prior FCPA sins. Yet even with all of this Tyco was able to obtain a Non Prosecution Agreement (NPA). Such a result is fairly stunning if you think about it in a superficial basis. However, if you consider what Paul McNulty continually says, and which I continually write about, the most important question will be What did you do when you found out about it?

As noted in the letter from the DOJ to counsel for Tyco, the DOJ entered into the NPA with Tyco based upon the following factors: (1) timely and voluntary self-disclosure; (2) a full and complete global investigation by Tyco; (3) extensive remediation including implementation of an enhanced compliance program, termination of employees responsible for the conduct at issue, severing contracts with third party agents who were parties to the frauds, closing subsidiaries involved in the illegal conduct; and (4) provide annual written reports to the DOJ on progress of the company’s enhanced compliance program.

Corporate Compliance Program

Tyco agreed to a robust corporate compliance program that either currently exists or will be implemented in the future. This Corporate Compliance Program is somewhat different than most of the 13 minimum best practices compliance regimes reported in DPAs and NPAs since the Panalpina DPA of November, 2010. Tyco agreed to a point compliance regime, which consists of the following.

1. High level commitment. The Company will ensure that its senior management provides strong, explicit, and visible support and commitment to its corporate policy against violations of the anti-corruption laws and its compliance code.

2. Policies and Procedures. Tyco will promulgate compliance standards and procedures designed to reduce the prospect of violations of the anti-corruption laws and the Company’s compliance code, and the Company should take appropriate measures to encourage and support the observance of ethics and compliance standards and procedures against foreign bribery by personnel at all levels of the company. These anti-corruption standards and procedures shall apply to all directors, officers, and employees and, where necessary and appropriate, outside parties acting on behalf of the Company in a foreign jurisdiction, including but not limited to, agents and intermediaries, consultants, representatives, distributors, teaming partners, contractors and suppliers, consortia, and joint venture partners (collectively, “agents and business partners”), to the extent that agents and business partners may be employed under the Company’s corporate policy. The Company shall notify all employees that compliance with the standards and procedures is the duty of individuals at all levels of the company. Such standards and procedures shall include policies governing:

1. gifts;
2. hospitality, entertainment, and expenses;
3. customer travel;
4. political contributions;
5. charitable donations and sponsorships;
6. facilitation payments; and
7. solicitation and extortion.

3. Internal Controls. Tyco will ensure that it has a system of financial and accounting procedures, including a system of internal controls, reasonably designed to ensure the maintenance of fair and accurate books, records, and accounts to ensure that they cannot be used for the purpose of foreign bribery or concealing such bribery. This system should be designed to provide reasonable assurance that:

1. Transactions are executed in accordance with management’s general or specific authorization;
2. Transactions are recorded to permit preparation of financial statements in accordance with GAAP;
3. Access to assets is permitted only in accordance with management’s general or specific authorization; and
4. Recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken if discrepancies are found.

4. Periodic Risk-Based Reviews. Tyco agreed to develop these compliance standards and procedures, on the basis of a risk assessment addressing the individual circumstances of Tyco, in particular the foreign bribery risks it faces including, its geographical organization, interactions with various types and levels of government officials, industrial sectors of operation, involvement in joint venture arrangements, importance of licenses and permits in the company’s operations, degree of governmental oversight and inspection, and volume and importance of goods and personnel clearing through customs and immigration.

5. Proper Oversight and Independence. Tyco will (or once again has) assign responsibility to one or more senior corporate executives of the Company for the implementation and oversight of the Company’s anti-corruption policies, standards, and procedures. Such corporate official(s) shall have direct reporting obligations to the Tyco’s independent monitoring bodies, including internal audit, the Board of Directors, or any appropriate committee of the Board of Directors, and shall have an adequate level of autonomy from management as well as sufficient resources and authority to maintain such autonomy.

6. Training and Guidance.

1. Training. Tyco will implement mechanisms designed to ensure that its anti-corruption policies, standards, and procedures are communicated effectively to all directors, officers, employees, and where appropriate, agents and business partners. These mechanisms shall include periodic training for all directors and officers, and, all employees in positions of leadership or trust or positions which might otherwise pose a risk of corruption to the company. The training shall also be provided to agents and business partners. Lastly there shall be biannual certifications by all such directors and officers, and, where necessary and appropriate, employees, agents, and business partners, certifying compliance with the training requirements.
2. Guidance. Tyco is required to maintain an effective system for providing guidance and advice to directors, officers, employees, and, where necessary and appropriate, agents and business partners, on complying with Tyco’s anti-corruption compliance policies, standards, and procedures, including when they need advice on an urgent basis or in any foreign jurisdiction in which Tyco operates.

7. Internal Reporting and Investigation. Tyco will provide an effective system for internal and where possible, confidential reporting by, and protection of, directors, officers, employees, and, where necessary and appropriate, agents and business partners, concerning violations of the Company’s compliance program. Tyco also agreed to dedicate sufficient resources to respond to such requests and undertaking necessary and appropriate action in response to such reports.

8. Enforcement and Discipline. Tyco will institute appropriate disciplinary procedures to address, violations of the anti-corruption laws and the Company’s anti-corruption compliance code, policies, and procedures by the Company’s directors, officers, and employees. This shall include disciplining of those within the company no matter how the position of the person or their perceived authority. In addition to discipline, Tyco agrees to add appropriate mechanisms to incentivize compliant behavior.

9. Third Party Relationships. Tyco agreed to institute appropriate due diligence and compliance requirements pertaining to the retention and oversight of all agents and business partners, including: (a) properly documented risk-based due diligence pertaining to the hiring and appropriate and regular oversight of agents and business partners; (b) informing agents and business partners of the Company’s commitment to abiding by laws on the prohibitions against foreign bribery, and of the Company’s ethics and compliance standards and procedures and other measures for preventing and detecting such bribery; (c) seeking a reciprocal commitment from agents and business partners and (d) including appropriate compliance terms and conditions in the contract.

10. Mergers and Acquisitions. Tyco agreed to develop and implement appropriate compliance policies and procedures for any acquisition based upon an appropriate risk-analysis which would be completed as soon as practicable. Further such changes would be implemented as soon as practicable. Directors, officers and employees of newly acquired entities would be trained as soon as practicable.

11. Monitoring and Testing. Tyco agreed to conduct periodic review and testing of its anti-corruption compliance code, standards, and procedures designed to evaluate and improve their effectiveness in preventing and detecting violations of anti-corruption laws and the Company’s anti-corruption code, standards and procedures, taking into account relevant developments in the field and evolving international and industry standards.

So the prior 13 point best practices program is now folded down to 11 for Tyco. Nevertheless, the general concepts are still the same for a company seeking to implement or enhance its compliance solution. Much like Chris Economaki reporting from the Pits at the Indy 500, the level of detail provided in the Tyco NPA should allow the compliance practitioner to evaluate their company’s compliance program.

============================================================================================

The Wall Street Journal has a series of articles today on the FCPA. In conjunction with these articles I will join Joe Palazzolo, Law Blog lead writer, for a conversation on the FCPA at 2:30 PM EDT. We will take your questions. To join us, click here.

===========================================================================================

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

Pfizer DPA Part III – What Does It All Mean?

Last week I began an exploration of the Pfizer Deferred Prosecution Agreement (DPA) which was announced last week by the Department of Justice (DOJ) in connection with its settlement of Foreign Corrupt Practices Act (FCPA) violations. In Part I, I reviewed the Corporate Compliance Obligations, Attachment C.1. In Part II, I reviewed the Enhanced Compliance Obligations, Attachment C.2 and Corporate Reporting Obligation, Attachment C.3, which Pfizer agreed to implement and operate under. In Part III, I will discuss some of the implications raised by the Pfizer DPA for the compliance practitioner.

Below is a comparison chart of the minimum best practices compliance program as set out in the Panalpina DPA and all DPAs coming forward with the minimum best practices compliance program as set out in the Pfizer DPA. While the number of compliance obligations is somewhat different, when read in conjunction with the Enhanced Compliance Obligations of Attachment C.2, there is not significant difference. Therefore, and initially, the compliance practitioner must read both the Corporate Compliance Obligations and Enhanced Compliance Obligations in conjunction with each other.

CORPORATE COMPLIANCE COMPARISON CHART

Panalpina Minimum Best Practices	Pfizer 9 Point Corporate Compliance Program
1. Code of Conduct. To ensure against FCPA violations.	1. Clearly articulated corporate policy against FCPA violations.
2. Tone at the Top. A company will ensure that its senior management provides visible support and commitment to its corporate anti-corruption policy.	2.  Promulgation of compliance standards and procedures designed to reduce the prospect of violations of the anti-corruption laws and Pfizer’s compliance code.
3. Written policies and procedures.  Should be created in the following areas (a) gifts; (b) hospitality, entertainment, and expenses; (c) customer travel; (d) political contributions; (e) charitable donations and sponsorships; (f) facilitation payments; and (g) solicitation and extortion.	3. Assignment of one or more senior corporate execs for implementation and oversight of compliance program. They shall report to the Board.
4. Risk Assessment. Perform risk assessment and use it to inform your compliance program. 9(b)-internal and confidential reporting system.	4. Effective communication of the compliance policies including training and certification of training.
5. Annual Reviews. No less than annually, a company should review and update as appropriate to ensure continued compliance program effectiveness.	5. An effective system for reporting illegal conduct or violations of the company anti-corruption program.
6. Senior Management Oversight and Reporting. Assignment of one or more senior corporate executives for implementation & oversight of compliance program and they shall report to Board of Directors	6. Appropriate disciplinary procedures.
7. Internal controls.  These should include financial and accounting procedures which should ensure that the company has accurate and fair books and records, which cannot be used for or conceal bribery.	7. Appropriate due diligence for retention and oversight of agents and business partners.
8. Training. A company shall effectively communicate compliance program through training and annual certifications	8. Standard compliance terms and conditions in contracts including (1) reps and undertakings re: anti-corruption compliance; (2) right to audit; and (3) right to terminate for breach thereof.
9. Advice and Guidance.  The Company should establish or maintain an effective system for: (a) Providing guidance; (b) Internal and confidential reporting; and (c) Responding to such requests and undertaking appropriate action in response to such reports.	9. Periodic testing of Pfizer compliance code and anti-corruption procedures.
10. Discipline. A company shall institute appropriate disciplinary procedures to address violations compliance policy or ant-corruption laws.
11. Third Party Reps. (a) Properly documented risk-based due diligence and regular oversight of agents and business partners;  (b) Informing agents and business partners of the compliance standards; and (c) Seeking a reciprocal commitment from agents and business partners.
12. Compliance terms and conditions. Should be included in every agent agreement.
13. Ongoing Assessment. Period review and testing of compliance program to evaluate it and improve the program’s effectiveness.

 

In addition to a Chief Compliance Officer (CCO) and Risk Officer (RO) who will have report directly to the Chief Executive Officer (CEO), there was further specified requirements for compliance leads to be appointed with responsibility for each of its business units who would in turn report to the CCO and RO or General Counsel (GC). Finally, similar to the situation we observed in the Halliburton settlement of its shareholder derivative action, Pfizer will have an Executive Compliance Committee, which will sit below the Board of Directors to oversee Pfizer’s compliance program.

The Enhanced Compliance Obligations require that Pfizer maintain policies and procedures regarding gifts, hospitality, and travel in each jurisdiction that are appropriately designed to prevent violations of the anti-corruption laws and regulations, presumably tailored to each jurisdiction. This statement would seem to focus on reasonableness not only in terms of monetary value but also in factoring in the jurisdiction where the gift or hospitality is to be provided. Finally, and as always, travel and training must have a business purpose.

There was a very detailed plan laid out for a risk-based program of annual proactive anti-corruption reviews of high-risk markets. It consists of five markets which are at high risk for corruption because of the business and location. The specifics for each visit will be a useful guide for the compliance practitioner to compare with similar work done by his compliance group. It includes (a) On-site visits by an FCPA review team comprised of qualified personnel from the Compliance, Audit and Legal functions who have received FCPA and anti-corruption training; (b) Review of a representative sample, appropriately adjusted for the risks of the market, of contracts with, and payments, to individual foreign government officials or health care providers, as well as other high-risk transactions in the market; (c) Creation of action plans resulting from issues identified during the proactive reviews; these action plans will be shared with appropriate senior management and should contain mandatory remedial steps designed to enhance anti-corruption compliance, repair process weaknesses, and deter violations; and (d) a review of the books and records of a sample of distributors which, in the view of the FCPA proactive review team, may present corruption risk.

Interesting, the DPA specifies that Pfizer will maintain “significant” resources for the compliance function. These significant resources will be dedicated to several different types of compliance tools, including (a) an international investigations group charged with responding to and investigating anti-corruption compliance issues and ensuring that appropriate remedial measures are undertaken after the completion of an investigation; (b) an anti-corruption program office providing centralized assistance and guidance regarding the implementation, updating and revising of the FCPA Procedure, the establishment of systems to enhance compliance with the FCPA Procedure, and the administration of corporate-level training and annual anti-corruption certifications; and (c) a mergers and acquisitions (M&A) compliance team designed to support early identification of compliance risks associated with complex business transactions and to ensure the integration of Pfizer’s compliance procedures into newly acquired entities. There was a slightly different time schedule listed for Pfizer to complete post-acquisition auditing, training and implementation of the Pfizer compliance program into the acquired company. I have added to my recent FCPA M&A Box Score Summary.

Time Frames	Halliburton 08-02	J&J	DS&S	Pfizer
FCPA Audit	High Risk Agents – 90 days Medium Risk Agents – 120 Days Low Risk Agents – 180 days	18 months to conduct full FCPA audit	As soon “as practicable”	One year
Implement FCPA Compliance Program	Immediately upon closing	12 months	As soon “as practicable”	One year
Training on FCPA Compliance Program	60 days to complete training for high risk employees, 90 days for all others	12 months to complete training	As soon “as practicable”	One Year

While there was no new language regarding risk evaluation, due diligence on, or other management of third party business parties, the DPA did specify that when it is appropriate on the basis of a FCPA risk assessment, the company will provide FCPA and anti-corruption training to relevant agents and business partners, at least once every three years.

The company is also to use annual certifications from senior managers in each of Pfizer’s Business Units, Divisions, and operational functions confirming that their standard operating procedures adequately implement Pfizer’s anti-corruption policies, procedures and controls, including training requirements; that they have reviewed and followed up on any issues identified in FCPA trend analyses; and that they are not aware of any FCFA or other corruption issues that have not already been reported to the Compliance Division or the Legal Division.

There is a wealth of information in the Pfizer DPA and other documents relating to its resolution of these FCPA issues. I would commend all the documents to you to read and see what areas your company may need to look at more closely and how these Compliance and Enhanced Compliance Obligation Attachments may provide insight into areas where you might be lacking or need to enhance your compliance program and coverage.  These enhanced obligations could well become the new minimum best practices in the FCPA compliance arena.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

Mendelsohn and Denniston: A Compliance Dialogue

Last week I attended the 2012 Global Ethics Summit hosted by Ethisphere. The first event was a conversation between Mark Mendelsohn and Brackett Denniston, Senior Vice President and General Counsel of General Electric (GE). They both had some interesting observations on the current state of Foreign Corrupt Practices Act (FCPA) compliance. Dennison believes that the conversation on FCPA compliance has evolved to “What can organizations do to create a culture of compliance on a world-wide basis?” To answer this question he gave three overarching themes.

First it all starts with the ubiquitous “tone-at-the-top” but it means more than simply saying the right things on a regular basis. Denniston believes that senior management must “speak often and be sincere” in communicating this tone. If they are not sincere, he believes that employees will pick up on this immediately and any efforts to instill such a culture of compliance will be doomed to fail. Second, senior management must “walk the talk” through both discipline and a system of rewards. The discipline must be clear and delivered decisively. The rewards must be not only direct financial remuneration but also the internal promotion of persons who do business in an ethical manner, under the Company’s Code of Conduct. Lastly, a company as a whole must have the willingness to listen. He directed these remarks to helplines and other mechanisms where employees can report compliance violations or even raise concerns. He was clear that there must be be directly stated and enforced, that there is a no retaliation policy for all reports made in good faith. This also requires a company to keep accurate measurements of such reports and to design and refine its processes around these metrics.

Mendelsohn asked Denniston what were his three biggest challenges at GE regarding compliance and ethics. Denniston responded that the biggest challenge was in integrating acquisitions into the GE compliance culture. This is challenging in remote sites around the globe particularly in locations which do not have a senior management presence nor are visited by senior management on a regular basis. The second area is improper payments on a global basis. While noting that GE bans facilitation payments, these are still a challenge as are payments made through gifts, entertainment and travel. Lastly, he expanded his answer on the top three challenges to add regulatory compliance in general.

Denniston believes that the key for any company is how they will respond when a compliance issue arises. Within the GE world he said that the thing he worries about is that an issue will arise and the local business team will try to clean the matter and will not disclose it to the home office. From afar, such a response would appear as a cover-up of a reportable FCPA violation, even if no one in the US was involved. It could lead to a conclusion by the Department of Justice (DOJ) or Securities and Exchange Commission (SEC) of an entire failure of a company’s compliance program. Recognizing that the cover-up is always worse than the original event, this would seem to echo Number 3 of Paul McNulty’s Maxims of “What did you do when you found about it [a compliance violation]?”

Picking up on his point about one of the things a company must do is listen to its employees, Denniston re-emphasized that communication is important but that a company must also measure the effect that these communications have. Metrics are an important aspect to creating and maintaining a culture of compliance at GE because it allows the company to base its compliance program enhancements on quantifiable data. He added that this helps dissipate the confusion between quality in the overall company compliance regime and simple regulatory compliance.

In a very interesting response to a Mendelsohn question along the lines of “is there too much FCPA enforcement?” Denniston responded that he did not think so as he believes that the DOJ has “got it right.” However, he does not believe this is the case with the SEC. He said that the problem, in his opinion, is around how much “fuzziness” there is from the SEC on the credit a company will receive for a self-disclosure. This is true even if the SEC has a principle which is consistent; Denniston believes that it does not always play out so clearly in practice.

Dennison ended his remarks in responding to a Mendelsohn question on “the single best compliance innovation at GE, during his tenure?” Being a good lawyer, Denniston had three single best compliance innovations. They were (1) every year GE tried to introduce a substantive improvement to its compliance program. These improvements are generated from a variety of sources, from local business unit employees to his aforementioned metrics to lead to an enhancement. (2) The continued efforts in the company to increase reporting of any compliance issues so that they might be evaluated by an appropriate compliance professional. He gave an example of a geographic region which had an inordinately low number of reports of compliance issues, which Dennison viewed as a negative. He sought to have this number increased by a minimum of 20% annually, which was achieved. In other words, if there are no reports, GE wants to know why there are no reports. (3) He said that there is now the creation of an unanticipated risk list. This has turned into an early warning system of issues that might pop up on the compliance radar, however it also forces all employees engaged in the exercise to come up with compliance issues the company is not currently thinking about in any detail.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

Banning Beer in the Clubhouse? How to Sustain a Culture of Trust and Integrity

Continuing our sports theme this week, I was interested in my friend, Jay Rosen’s former hometown team, the Boston Red Sox move to ban alcohol from the clubhouse. I found fascinating the commentary on this move, which seemed to me to break down into two categories: (1) Pro-supporting new manager Bobby Valentine, it was a good move and needed to instill some much needed discipline in the clubhouse, which had been lost under prior manager Terry Francona; and (2) Anti-dumb and useless PR move-supporting the prior manager Terry Francona, who broke the Curse of the Bambino by leading Boston to its first two World Series wins in 86 years. We should note that Valentine did not ban Buffalo wings from the clubhouse, which were also listed as evidence by the Red Sox front office as lack of clubhouse discipline.

I thought about those questions in the context of a presentation made that the SCCE Utilities and Energy Conference here in Houston this week. In a presentation by Duane Woods, Senior Vice President of Waste Management, entitled “Sustaining a Culture of Trust and Integrity in Challenging Times”, he talked about the efforts of Waste Management to build and sustain a culture of trust and integrity throughout the organization.

Policies and Procedures

He began with Policies and Procedures, which he described as follows: Policies are used to set the rules of conduct and the desired behavior for employees; Procedures serve to provide a detailed set of uniform processes for employees to follow and they support compliance with the policies. He said that Waste Management tries to use these tools through four disciplines:

1. Regulatory – Those required by law, such as Sarbanes-Oxley;
2. Performance – The financial performance of the company;
3. Customer – They can provide guidance to the organization about customer relations particularly in the area of credit; and
4. Brand and Reputation – Letting employees know what the company brand stands for. Woods stated that this is usually set forth in a company’s Code of Conduct.

These are things that drive loyalty. Woods acknowledged that all companies make mistakes. However, his point was that the key was to rectify the error and then recover the relationship with the customer.

Metrics

Woods next turned to metrics as he believes that if you don’t measure it, you can’t manage it. Metrics are present to help measure and track the successful implementation of policies, procedures and performance. They can also be used to help govern and reward behavior and to help support a culture of compliance. Metrics are critical to defining required and desired behavior. However, even policies, procedures, systems and metrics will not sustain Compliance or Ethics if there is not the right culture of compliance within the organization. If metrics and incentives are poorly designed and implemented they will cause undesired behavior and help to make a confused culture. He also noted that even the “best compliance programs may not ensure right decisions in tough situations.” He emphasized the following points:

• Alignment – Metrics should align with Vital Business Functions and Values.
• Simplicity – Keep it simple. A common problem faced by managers is overloading of metrics.
• Good enough is perfect – Select metrics that are easy to track and easy to understand.
• Indicators – Use metrics as indicators. Key Performance Indicators (KPIs) are metrics. A KPI does not troubleshoot anything, but rather indicates something is amiss.
• Less is more – Use only a few good metrics as too many metrics, even if they are effective, can overwhelm a team.
• Metrics drive both good and bad behavior.  People do what you pay them to do, so choose carefully.

Character

Woods started off this section of his presentation by noting that Warren Buffett, when hiring people, looks for three things. “The first is personal integrity, the second is intelligence, and the third is a high energy level. But, if you don’t have the first, the other two will kill you.” Woods stated that he believes you should hire leaders with demonstrated character, who are capable of inspiring trust and confidence in others. It is more important that leaders be authentic, they must be sincere. Honesty and congruent behavior must be maintained in that you have consistent behavior. Of course respect for others and holding yourself accountable for your direct employees is paramount. Lastly, Woods noted that you should be constantly assessing character talent, are your employees living the values you want?

With these, Woods believes that you can build a culture of character in your organization and to do so starts with trust, which he believes comes from living the values and delivering the results. Trust works on several levels, these include: (1) Individual; (2) Relationship; (3) Market-customer base; (4) Community; and (5) Regulatory. With trust as the base, Woods next turned to building a culture of character within your organization. He emphasized these steps as:

• Set clear expectations.
• Train with focus on integrity, mission and values
• Coaching – The importance of role play circumstances for people.
• Mentor to reinforce behavior.
• Accountability for all employees.
• Engage your workforce – Survey to find out who the key influencers in the company are. Not necessarily the designated leaders.
• Communication – Here Woods emphasized that you should over communicate. The importance of using stories as teaching tools and lessons learned.

Woods concluded by listing the primary benefits that he sees from having the right culture at your company. They include that your organization will become more self-governing, with less need for management intervention in this area. There will be less employee misconduct and greater employee innovation. There will be not only be more customer loyalty but great employee satisfaction, and when a real crisis arises, the employee base should work together to resolve it.

So now on to question time: How about those Red Sox and their banning of beer in the clubhouse? Do you think that is evidence of a culture of compliance or should people, who are old enough to legally drink, be allowed to make that choice on their own? Does the move strengthen the Red Sox in any of their communities: themselves, their fans, the American League East Division or in the eyes of Major League Baseball? What about some of the benefits that Woods listed: will the Red Sox players be more productive or indeed even have greater employee satisfaction? Will the employees become more self-governing and impose discipline among themselves? What about those pesky Buffalo wings that were NOT banned; what role do they play in all of this? Alas, I do not have answers for the above, only questions, questions, and more questions…

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

Ryan Braun and Building Employee Trust in Your Compliance Program

Most people who have a modicum of interest in baseball now know that Ryan Braun was successful in the appeal of his 50 game suspension by Major League Baseball (MLB) for testing positive for performance enhancing drugs; i.e.: elevated levels of testosterone. The suspension had been levied based upon tests taken late last season, at the conclusion of which Braun was awarded the National League’s Most Valuable Player (MVP) award for the most sterling season, with a Batting Average of .332 with 33 home runs and 111 RBIs while leading the Brewers to the National League (NL) Central title. Although the entire process is required to be confidential under the MLB collective bargaining agreement with the players’ union, both the test results and notice of Braun’s appeal were leaked to the press by person or persons unknown.

Braun won his award because the sample of his urine that was tested was not handled in compliance with the MLB/Players’ Union agreed upon testing protocol. The worker who took the sample did not deliver it to FedEx on the same day the sample was taken from Braun because he said it was Friday night, after 8 PM and all the FedEx offices were closed. (A quick note here that anyone who has ever been an associate at a law firm knows just how bogus that excuse is as there is ALWAYS a FedEx office open. My suggestion is next time to try the airport.) Instead the employee of the drug testing company took the sample home and kept it in his refrigerator over the weekend. This failure to deliver the sample, as required by the agreed upon testing protocol, was enough to allow a tripartite panel of arbitrators to overturn the suspension by a 2-1 vote.

As equally important as it is to have a written process in place, it is as important to follow this process. In the realm of individual rights this is called procedural fairness and it is one of the things that will bring credibility to your Compliance Program. Following an agreed upon process is called the Fair Process Doctrine and this Doctrine generally recognizes that there are fair procedures, not arbitrary ones, in a process involving rights. Considerable research has shown that people are more willing to accept negative, unfavorable, and non-preferred outcomes when they are arrived at by processes and procedures that are perceived as fair. Adhering to the Fair Process Doctrine in two areas of your Compliance Program is critical for you, as a compliance specialist, or for your Compliance Department to have credibility with the rest of the workforce.

This is particularly true in the realm of discipline in your compliance program. If you define a process that is to be followed by all employees when an event occurs, then the company must also follow its procedures in the investigation and administration of discipline. Discipline must not only be administered fairly but it must be administered uniformly across the company for the violation of any compliance policy. Simply put if you are going to fire employees in South America for lying on their expense reports, you have to fire them in North America for the same offense. It cannot matter that the North American employee is a friend of yours or worse yet a ‘high producer’. Failure to administer discipline uniformly will destroy any vestige of credibility that you may have developed.

In addition to the area of discipline, which may be administered after the completion of any compliance investigation, you must also place compliance firmly as a part of ongoing employee evaluations and promotions. If your company is seen to advance and only reward employees who achieve their numbers by whatever means necessary, other employees will certainly take note and it will be understood what management evaluates, and rewards, employees upon this. I have often heard the (anecdotal) tale about some Far East Region Manager which goes along the following lines “If I violate the Code of Conduct I may or may not get caught. If I get caught I may or may not be disciplined. If I miss my numbers for two quarters, I will be fired”. If this is what other employees believe about how they are evaluated and the basis for promotion, you have lost the compliance battle.

So, just as Lin-sanity can inform your compliance program, the Ryan Braun suspension and reversal can also inform your compliance program. To build a solid compliance program, trust by your employees that they will be treated fairly is required. Companies can build trust by living their stated values as set out in their company Code of Conduct and compliance program. As reported in the New York Times (NYT), MLB has come “out firing against Braun, with Rob Manfred, the executive vice president for labor relations, saying in a statement that the league “vehemently disagrees” with” the arbitration ruling. If MLB wants to have any credibility it must follow its own agreed upon testing procedures. So quit whining, if you set up a procedure, you had best follow it. The Procedural Fairness Doctrine requires nothing less.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012