Right to Retire Or Termination: Remediation of Leadership To Foster Compliance

Many historians have long given 476 AD as the date of the fall of the Roman Empire. Further, it was from this date forward that Europe began its long slide into the abyss, which came to be known as the Dark Age. However, this view was challenged in 1971 by Peter Brown, with the publication of his seminal work “The World of Late Antiquity”. One of the precepts of Brown’s work was to reinterpret the 3rd to 8^th centuries not as simply a decline of the greatness that had been achieved in the heydays of the Roman Empire, but more on their own terms. It was in the year of 476 AD that the last Roman Emperor, Romulus Augustulus, left the capital of Rome in disgrace. However as Brown noted, he was not murdered or even thrown out but allowed to retire to his country estates, sent there by the conquers of the western half of the Roman Empire, the Goths. Not much conquering going on if a ruler is allowed to ‘retire’, it was certainly a replacement but not quite the picture of marauding barbarians at the gate.

I thought about this anomaly of retirement by a leader in the context where a company or other entity might be going through investigations for corruption and non-compliance with such laws as the Foreign Corrupt Practices Act (FCPA) or UK Bribery Act. Yesterday I wrote about three recent articles and what they showed about a company’s oversight of its foreign subsidiaries. Today I want to use these same articles to explore what a company’s response and even responsibility should be to remediate leadership under which the corruption occurs. The first was an article in the New York Times (NYT), entitled, “Another Scandal Hits Citigroup’s Moneymaking Mexican Division” by Michael Corkery and Jessica Silver-Greenberg. Their article spoke about the continuing travails of Citigroup’s Mexican subsidiary Banamex. Back in February, the company reported “a $400 million fraud involving the politically connected, but financially troubled, oil services firm Oceanografía.”

This has led Citigroup to ever so delicately try to oust the leader of its Mexico operations, Mr. Medina-Mora, by encouraging him to retire. While Citigroup did terminate 12 individuals around the Oceanografía scandal earlier in the year, it has not changed the employment status of the head of the Mexico business unit. This may be changing as the article said, “In a delicate dance, Citigroup is encouraging its Mexico chairman, Manuel Medina-Mora, 64, to retire, according to four people briefed on the matter. The bank has been quietly laying the groundwork for his departure, which could come by early next year, the people said. Still, Mr. Medina-Mora’s business acumen and connections to the country’s ruling elite have made him critical to the bank’s success in Mexico. Citigroup and its chairman, Michael E. O’Neill, cannot afford to alienate Mr. Medina-Mora and risk jeopardizing those relationships, these people said.”

Should Mr. Medina-Mora be allowed to retire? Should he even be required to retire? What about the ‘mints money’ aspect of the Mexican operations for Citigroup? Was any of that money minted through violations of the FCPA or other laws? What will the Department of Justice (DOJ) think of Citigroup’s response or perhaps even its attitude towards this very profitable business unit and Citigroup’s oversight, lax or other?

Does a company have to terminate employees who engage in corruption? Or can it allow senior executives to gracefully retire into the night with full pension and other golden parachute benefits intact? What if a company official “purposely manipulated appointment data, covered up problems, retaliated against whistle-blowers or who was involved in malfeasance that harmed veterans must be fired, rather than allowed to slip out the back door with a pension.” Or engaged in the following conduct, “had steered business toward her lover and to a favored contractor, then tried to “assassinate” the character of a colleague who attempted to stop the practice.” Finally, what if yet another company official directed company employees to “delete hundreds of appointments from records” during the pendency of an investigation?

All of the above quotes came from a second NYT article about a very different subject. In the piece, entitled “After Hospital Scandal, V.A. Official Jump Ship”, Dave Phillips reported that two of the four VA Administration executives who engaged in the above conduct and were selected for termination, had resigned before they could be formally terminated. The article reported that the VA “had no legal authority to stop” the employees from resigning. Current VA Secretary Robert McDonald was quoted in the article as saying, “It’s also very common in the private sector. When I was head of Procter & Gamble, it happened all the time, and it’s not a bad thing — it saves us time and rules out the possibility that these people could win an appeal and stick around.” Plus, he said, their records reflect that they were targeted for termination. “They can’t just go get a job at another agency,” Mr. McDonald said. “There will be nowhere to hide.”

The third article was in the Wall Street Journal (WSJ) and entitled, “GM Says Top Lawyer to Step Down”. In this piece, reporters John D. Stroll and Joseph B. White, with contributions from Chris Matthews and Joann Lublin, reported that General Motors (GM) General Counsel (GC) Michael Millikin will retire early next year. Milliken is famously the GC who claimed not to know what was going on in his own legal department around the group’s settlements of product liability claims of faulty ignition switches. Milliken claimed he was kept “in the dark” by his own lieutenants about the safety issues involved with this group of litigation. Does Milliken have any responsibility for the failures of GM around this safety issue? What does his apparent graceful retirement say about the corporate culture of GM and its desire to actually change anything in the light of its ongoing travails? Of course one might cynically point to GM’s failure to even have a Chief Ethics and Compliance Officer as evidence of the company’s attitude towards compliance and ethics. (I wonder how that might look to the DOJ/Securities and Exchange Commission (SEC) if GM goes under any FCPA scrutiny?)

With Citigroup, the Department of Veterans Affairs and GM, we have three separate excuses for companies (and a Cabinet level department) not disciplining top employees for ethical and/or compliance failures. At Citigroup, the excuse is apparently that it does not want to rock the boat from a top producing foreign subsidiary by terminating the head of the subsidiary under investigation. At the Department of Veterans Affairs, the excuse seems to be they can go ahead and resign because we prefer to get rid of them that way. At GM, it is not clear why the GC who claimed not to know what was going on in even his own law department can ride off into the sunset with nary a contrary word in sight. Millikin’s conduct would seem to be the product of a larger cultural issue at GM.

I thought about how the DOJ might look at these situations for companies if a FCPA claim were involved. Even with McDonald’s observations about what happened when he was with Procter & Gamble; does a company show something less than commitment to having a culture of compliance if it allows an employee to retire? What does it say about Citigroup and its culture given the current dance it is having with its head of the Mexico unit? What about GM and its Sgt. Schultz of a GC and his ‘I was in the dark posture’? As stated by Mike Volkov, in his post entitled “Goodbye Mr. Millikin: GM’s Continuing Culture Challenges”, GM does under appear to understand the situation it finds itself in currently over its failures. He wrote, “GM still does not understand the significance of its governance failure…GM should have taken dramatic and affirmative steps to create a new culture – resources and new initiatives should be launched to rid GM of its current culture and replace it with a new speak up culture. It is a daunting task in such a large company but it has to be done. Until GM wakes up, missteps and failures will continue.” One might say the same for Citigroup and the Department of Veterans Affairs as well.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

Carlton Fisk, The Homer and Oversight of a Profitable Subsidiary

Today we celebrate one of the great moments in World Series history. At approximately at 12:34 AM on this date in 1975, Carlton Fisk came to bat at the bottom of the 12^th, in Game 6 of the World Series between the Boston Red Sox and Cincinnati Reds. He hit a pitch down the left field line. He stood at the plate, bouncing up and down and flailing at the ball as though he was helping an airplane land on a dark runway. “I was just wishing and hoping,” he said at a ceremony some years later. “Maybe, by doing it, you know, you ask something of somebody with a higher power. I like to think that if I didn’t wave, it would have gone foul.” Whether or not the waving was responsible, the ball bounced off of the bright-yellow foul pole above the Green Monster for a home run. Fenway’s organist played the Hallelujah Chorus from Handel’s Messiah while Fisk rounded the bases. One for the ages indeed as it appeared the Baseball Gods might finally be smiling on the Red Sox nation. Alas, they lost the next game and it was not to be for another 30 years.

I thought about Fisk’s homer and the ultimate heartbreak of Red Sox nation once again in 1975 when I read about several recent issues involving corruption and corporate responsibility for oversight, or perhaps more appropriately, the lack thereof. The first was an article in the New York Times (NYT), entitled “Another Scandal Hits Citigroup’s Moneymaking Mexican Division”, by Michael Corkery and Jessica Silver-Greenberg. Their article spoke about the continuing travails of Citigroup’s Mexican subsidiary Banamex. Back in February, the company revealed “a $400 million fraud involving the politically connected, but financially troubled, oil services firm Oceanografía.”

However, company investigators have unearthed another problem at the Mexico unit. The article reported “An internal investigation, begun by Citigroup in July, found evidence that the security unit was overcharging vendors and may have been taking kickbacks, a person briefed on the investigation said. The internal inquiry also found shell companies that had been set up to look like vendors and receive payments from the Banamex unit.” In a statement reported in the piece, Citigroup’s Chief Executive Officer (CEO) Michael L. Corbat “called the conduct of the individuals in the security unit ‘appalling’”.

What I found most interesting in the article was the response of Citigroup and what its implications might mean for the compliance practitioner, particularly one whose company is under scrutiny for a Foreign Corrupt Practices Act (FCPA) violation by the Department of Justice (DOJ) and Securities and Exchange Commission (SEC). The NYT piece made clear that the Mexico unit is so profitable that it figuratively “mints money” for the company. Moreover, “despite the latest headline-grabbing turmoil at Banamex, Citigroup does not want to cede any ground in Mexico where it dominates a large portion of the retail market.”

What is the responsibility for a US corporate parent when a foreign subsidiary ‘mints money’ for the company? Should the corporate parent pay closer attention to make sure the subsidiary is doing business in compliance with the FCPA and other relevant laws? In the past few posts, I have discussed some of the specific internal controls a compliance practitioner might consider for a company’s international operations. One of the problems Citigroup is facing with the conduct of its Mexico subsidiary is the company’s concern of “lax controls and oversight”. Moreover, there is concern that some part of the ongoing troubles in the Mexico unit relates to its head, Manuel Medina-Mora. Citigroup Chairman Michael O’Neill, was said to have “privately expressed concerns to board members that Mr. Medina-Mora, who is also co-president of the parent company, has not always relayed problems in the region to executives at the bank’s headquarters on Park Avenue, according to the people briefed on the matter. Instead of looping in executives in New York, Mr. Medina-Mora has at times chosen to handle the issues himself.”

How much oversight should a parent corporation have over a subsidiary? At a basic level it would seem that oversight should be enough to prevent and detect illegal conduct. Clearly, a Chief Compliance Officer (CCO) should be considering the entity-wide internal controls for a company. Under the FCPA accounting provisions, issuers can be held liable for the conduct of their foreign subsidiaries, even though the improper conduct occurred outside of the US. The scope of liability is based on the issuer’s incorporation of the subsidiary’s financial statements in its own records and SEC filings.

While a CCO should expect (and the DOJ & SEC for that matter) that internal controls at locations outside the US are of the same effectiveness as internal controls in US business units and at the US corporate office; unfortunately, that might not always be the case. It is often the case that corporate level internal controls are stronger than those in foreign business units. The Citigroup situation with its Mexican subsidiary would seem to be a clear example of the oft-cited reason that many companies were built through acquisitions, resulting in many business units (both in and outside the US) having completely different accounting and internal control systems than US corporate office. There is often a tendency to leave acquired companies in the state in which they were acquired, rather than trying to integrate their controls and conform them to those of current business units. After all, the reason for the acquisition was the profitability of the acquired company and nobody wants to be accused of negatively impacting profitability, especially one that ‘mints money’.

The second example is one a bit closer to home and it is that of the General Motors (GM) legal department. In an article in the Wall Street Journal (WSJ) entitled “GM Says Top Lawyer to Step Down”, John D. Stroll and Joseph B. White, with contributions from Christopher Matthews and Joann S. Lublin, reported that GM General Counsel (GC) Michael Millikin will retire early next year. Millikin was criticized after the GM internal investigation found that he ran the GM legal department in such a hands off manner that he did not know about his legal department’s own settlements for product liability claims involving faulty ignition switches until February of this year. His defense was that his own lawyers “left him in the dark” even though there was evidence that he had been repeatedly warned, “GM could face punitive damage awards related to its failure to address the safety defect.” Missouri Senator Claire McCaskill summed up sentiment about Milliken with her statement “This is either gross negligence or gross incompetence.” In other words if you are a GC or CCO you had better know what is going on in your own department. What would it say about a CCO who did not know that compliance department members were dealing with violations of the FCPA without informing him or her? It would say that the CCO failed to exercise leadership and oversight.

And while you are watching things closely, you may want to check out a clip of Carlton Fisk’s famous homer by clicking here.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

Nixon Announces Resignation; GSK Just Resigns

On this day, 40 years ago, President Richard Nixon announced that he would resign the Office of the President, effective the next day on August 9 at noon. I can still remember my father instructing us to watch the resignation speech on television because, as he put it, it was history in the making. Before a nationally televised address to the country, Nixon said, “By taking this action,” he said in a solemn address from the Oval Office, “I hope that I will have hastened the start of the process of healing which is so desperately needed in America.” His action was hastened along by the Articles of Impeachment voted by the House of Representatives relating to his involvement with the Watergate Affair. With his resignation, Nixon was finally bowing to pressure from the public and Congress to leave the White House.

Yet, even before this truly historic speech and spectacle the next day of Nixon helicoptering off the South Lawn of the White House, Nixon had transformed the America we all lived in. One area that resonates up to this day is his opening with China. If it had not been for Nixon and his Secretary of State Henry Kissinger’s efforts, we might have waited a long time for an opening with China. But Nixon went there and opened China up to do business with the US and indeed the rest of the western world.

Unfortunately one of the much later fallouts from this visit and opening of China has been the corruption investigation by Chinese authorizes against western companies but most publicly the British pharmaceutical giant, GlaxoSmithKline PLC (GSK). And, more unfortunately, the bad news for GSK continues to trickle out into the press.

Next week, Shanghai’s No. 1 Intermediate People’s Court is scheduled to open a trial against Peter William Humphrey, a 58-year-old British national, and his wife, Yu Yingzeng, a 61-year-old American, on charges of illegally purchasing personal information about Chinese nationals. While the trial had originally been planned to be closed to the public, last month Chinese officials announced that the trial would be ‘open’ although the degree of openness is not completely clear.

Not only will the trial be open but the couple’s son, Harvey Humphrey, was allowed visited his parents in their detention center in Pudong, Shanghai, for the first time since their arrest. The visit came after some fierce lobbying by the US and UK consulates. As reported in the online publication FiercePharma, in an article entitled “GSK private eyes’ son allowed first visit to parents in China jail as trial nears”, their son said, “They didn’t quite believe I was coming. They were quite overwhelmed. My mum was shocked. My dad held himself together,” the younger Humphrey told the paper. “It’s a bit unusual for the Chinese to do this. I feel something has changed in the Chinese approach to my parents.” Son Harvey had written to the GSK’s Chief Executive Officer (CEO) Sir Andrew Witte last December to “take a few minutes to raise my father’s case” during a visit to the country, he told the Financial Times (FT), “I understand everything is complicated in China but it seems my parents are paying a big price”. But at this point there is no word on what if any involvement GSK might have in his parent’s defense.

It may be that GSK is way too busy right now worrying about all the other issues surrounding bribery and corruption. In an article in the Wall Street Journal (WSJ), entitled “FBI, SEC Start Glaxo Inquiries Over China”, Christopher M. Matthews and Hester Plumridge reported that in late July “Glaxo received an anonymous email claiming its employees in Syria bribed doctors and pharmacists over the past five years to promote products including painkiller Panadol and toothpaste Sensodyne. The bribes took the form of cash payments, speaking fees, trips, free dinners and free samples, said the email, which was reviewed by The Wall Street Journal. The email cited names and dates. Syrian health officials allegedly received bribes from Glaxo employees to fast-track registration of its Sensodyne dental products, including cash payments and a trip to a 2011 conference in Rome, the email maintains. Glaxo employees also were involved in smuggling a narcotic product from Syria into Iran, the email alleges. The product in question, pseudoephedrine, is a raw ingredient of Glaxo’s congestion medicine Actifed.”

GSK once again reiterated its previously announced position that it was firmly against the payments of bribes by its employees. In response to the allegations of bribes paid in Syria the WSJ article said, “Glaxo said it would thoroughly investigate all claims made in the Syria email, and said it has asked the sender for more information. The company said it has zero tolerance for unethical behavior, adding, “We welcome people speaking up if they have concerns about alleged misconduct.”” Too bad GSK didn’t seek more information about its Chinese operations when the company’s internal investigation came up with no evidence of bribery and corruption.

Much more problematic for GSK is the fact that both the SEC and DOJ have opened formal investigations into allegations of bribery and corruption by the company. The WSJ piece notes, “Federal Bureau of Investigation agents have been interviewing current and former GlaxoSmithKline employees in connection with bribery allegations in China, according to a person familiar with the matter, as fresh claims of corruption surfaced against Glaxo’s operations in Syria. The interviews have taken place in Washington, D.C., in the past few months and are part of a Justice Department investigation into Glaxo’s activities in China, the person added. The U.S. Securities and Exchange Commission also is investigating the company’s business in China, according to people familiar with the matter.”

As readers of this blog will recall from previous posts, in 2012 GSK pled guilty and paid $3 billion to resolve fraud allegations and failure to report safety. The press release noted that the resolution was the largest health care fraud settlement in US history and the largest payment ever by a drug company for legal violations. The criminal plea agreement also included certain non-monetary compliance commitments and certifications by GSK’s US president and Board of Directors, which specifically included an executed five-year Corporate Integrity Agreement (CIA) with the Department of Health and Human Services, Office of Inspector General. The plea agreement and CIA included provisions which required that GSK implement and/or maintain major changes to the way it does business, including changing the way its sales force is compensated to remove compensation based on sales goals for territories, one of the driving forces behind much of the conduct at issue in the prior enforcement action. Under the CIA, GSK is required to change its executive compensation program to permit the company to recoup annual bonuses and long-term incentives from covered executives if they or their subordinates, engaged in significant misconduct. GSK may recoup monies from executives who are current employees and those who have left the company. Additionally, the CIA also required GSK to implement and maintain transparency in its research practices and publication policies and to follow specified policies in its contracts with various health care payors.

The importance of the CIA for this anti-corruption investigation is that it not only applied to the specific pharmaceutical regulations that GSK violated but all of the GSK compliance obligations, including the Foreign Corrupt Practices Act (FCPA). In addition to requiring a full and complete compliance program, the CIA specified that the company would have a Compliance Committee, to include the Compliance Officer and other members of senior management necessary to meet the requirements of the CIA; the Compliance Committee’s job was to oversee full implementation of the CIA and all compliance functions at the company. These additional functions required a Deputy Compliance Officer for each commercial business unit, Integrity Champions within each business unit and management accountability and certifications from each business unit. Training of GSK employees was specified as a key component. Further, the CIA specifically state that all compliance obligations applied to “contractors, subcontractors, agents and other persons (including, but not limited to, third party vendors)”.

GSK is now under investigation, either internally or by anti-corruption regulators across the globe in at least four countries. Unlike other companies that have found systemic issues of bribery and corruption or systemic failures in internal controls, the allegations of bribery and corruption are not 10-15 years old. So today we commemorate Nixon’s resignation; and for GSK it may simply mean just resignation.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

Is Your Compliance Program Real?

The GSK attitude towards corruption in all its forms is simple: it is one of zero tolerance, whether committed by GSK employees, officers, complementary workforce or third parties acting for or on behalf of the company.

Source: GlaxoSmithKline – Code of Conduct

At the recent Corruption and Compliance Congress, Asia 2013, Seth Berman, Executive Managing Director, Stroz Friedberg LLC, said that ‘Is Your Compliance Program Real?’ is the question that would be asked of a company’s counsel who came in to discuss a potential violation of the Foreign Corrupt Practices Act (FCPA) with the Department of Justice. This question would seem to be apt, in light of the events now transpiring in China with GlaxoSmithKline (GSK) and the ongoing allegations of bribery and corruption that the company now finds itself in the middle of in China.

For those who may not know the story, GSK finds itself in serious bribery and corruption hot water in China over allegations that it funded a bribery scheme to get doctors to prescribe its drugs. According to a story in the Financial Times (FT), entitled “China steps up GSK bribery probe”, Andrew Jack and Leslie Hook reported that “The Chinese authorities have stepped up their investigation into GlaxoSmithKline accusing it of being the ringleader of a half-a-billion-dollar bribery scandal involving 700 companies.” They reported on a briefing given by “Gao Feng, the lead Chinese investigator on a probe into the UK drugs group, said police were examining Rmb3bn ($488m) in deals from as far back as 2007. Chinese police believe that GSK used travel agencies and consultancies as a conduit to bribe doctors and lawyers in order to boost sales and profits.”

In an article in the Wall Street Journal (WSJ), entitled “China Drops Hammer on Glaxo”, Laurie Burkitt and Chris Matthews reported on a televised interview of Liang Hong, the GSK China Vice President and Operations Manager, where he “described for viewers of China Central Television how staffers would allegedly organize conferences that never happened and divert the money to bribe government officials, hospitals and medical personnel to get them to use Glaxo’s products.” He was quoted as saying, “Dealing with some government departments requires some money that couldn’t be claimed normally under company expenses.” Burkitt and Matthews said that “The broadcast follows detailed allegations by China’s Ministry of Public Security on Monday accusing Glaxo of using travel agencies as vehicles to bribe hospitals, officials and medical personnel to sell more drugs at inflated prices. Officials also alleged the travel agencies offered what the officials called sexual bribes to Glaxo executives to keep company business.”

How strong do you think the GSK commitment to anti-corruption is? They certainly seem to say the correct things when confronted with such public allegations. In the FT article, it was reported that GSK said in a company released statement that “These allegations are shameful and we regret this has occurred. We are deeply concerned and disappointed by these serious allegations of fraudulent behaviour and ethical misconduct by certain individuals at the company and third-party agencies.”

But what about their actions? In another article in the FT, by Hook and Jack entitled “GSK is test case in China’s rules laboratory”, they listed a timeline in this matter. They noted that GSK had investigated claims of bribery and corruption and publicly announced that the company had found no such evidence of “bribery or corruption in relation to our sales and marketing…in China”. Further, the company claimed it was unaware of any allegations of bribery of doctors to prescribe its drugs until there was a public announcement by China’s Public Security Ministry on July 11.

We started with Seth Berman’s question and adapting it to GSK, just how real is the company’s compliance program? While I am sure they GSK management, much like Captain Renault in Casablanca is SHOCKED, SHOCKED, to discover that anyone in the company is engaged in corruption, the question remains just how real is the company’s compliance program. One of my FCPA mantras is the following: Document, Document and, Document. The reason being is that if you do not document what you have done, it never existed. So if you have performed the steps necessary to qualify third parties as sales or supply chain partners, it really only counts if you have documented each step in the process.

If your company has Chinese operations, what should you do about now? In another WSJ article by Chris Matthews, entitled “Western Companies Sweat as Glaxo Probe Unfolds”, he warns that “The rapidly unfolding bribery probe by Chinese authorities into the U.K. drug maker has alarmed Western companies with business there that are accustomed to highly-publicized corruption crackdowns on Chinese officials, but who see the Glaxo matter as new territory, China watchers said. The push against Glaxo could signal that a new anticorruption push in China could now also include foreign companies.” I would suggest that a review of your sales operations is in order, as in immediately. Matthews quoted Joe Warin, a partner at Gibson Dunn & Crutcher LLP, who said, “In particular, companies should examine relationships with travel agencies and event-planning companies, which have long been an “Achilles heel” in China”. The first thing that you should check on is to see the spend that you have with any Chinese travel agencies. You should then match up all receipts and other documentation with all costs to see if there is anything out of line.

However, you should also look at your own employee base. Regarding a company’s own employees, Matthew quoted Jerome Cohen, co-director of New York University School of Law’s U.S.-Asia Law Institute, for the following, “This is a fairly obvious warning that companies need to conscientiously scrutinize the activities of their employees there”. Remember the Eli Lilly FCPA enforcement action brought by the Securities and Exchange Commission (SEC) late last year? The bribery scheme which got Lilly into trouble in China involved its own employees, who inflated their expense accounts and used the extra money to pay bribes to secure sales.

It is clear that companies should follow Matthews’ advice that “multinationals need to scour their operations in China to limit their vulnerability to future investigations.” Now is the time to begin your own investigations because you certainly do not want to be like GSK and find out about allegations that your employees engaged in a multi-year, multi-million dollar bribery and corruption scheme through a public pronouncement from the Chinese Public Security Ministry.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

McNulty’s Maxim No. 3 and Response to Allegations of Bribery

In a Wall Street Journal (WSJ) article by Chris Matthews, Joe Palazzolo and Shira Ovide, entitled “U.S. Probes Microsoft Bribery Allegations”, they reported that the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) were investigating “kickback allegations made by a former Microsoft representative in China, as well as the company’s relationship with certain resellers and consultants in Romania and Italy”. A whistleblower alleged that an executive of Microsoft’s China subsidiary had told the whistleblower “to offer kickbacks to Chinese officials in return for signing off on software contracts”. Additionally, they reported that “investigators are also reviewing whether Microsoft had a role in allegations that resellers offered bribes to secure software deals with Romania’s Ministry of Communications”.

Interestingly, as reported by Chris Matthews in a WSJ post in Corruption Currents, entitled “Microsoft Responds to FCPA Allegations”, Microsoft publicly responded to the reports. Matthews reported that Deputy General Counsel (GC) John Frank wrote in a blog post “As our company has grown and expanded around the world, one of the things that has been constant has been our commitment to the highest legal and ethical standards wherever we do business”. Frank also said that “The matters raised in the Wall Street Journal are important, and it is appropriate that both Microsoft and the government review them.”

Commenting on this situation with Microsoft, Alexandra Wrage, President of Trace International, wrote an article on Forbes.com, entitled “Microsoft And The Rising Federal Scrutiny Of Bribery”, where she said, “All of this should not be discouraging to companies worried about complying with anti-bribery laws. Strong compliance programs, even those that fail to prevent all forms of bribery, do provide protection from liability. “[A] company’s failure to prevent every single violation does not necessarily mean that a particular company’s compliance program was not generally effective,” write the DOJ and SEC in their recently published Resource Guide to the FCPA. “[The] DOJ and SEC…do not hold companies to a standard of perfection,” the Guide continues. This may not be enough to guarantee corporate compliance officers a full night’s rest, but it should provide some comfort.”

Wrage also noted that the Microsoft investigation underscores that fact that with any company that does business internationally you cannot watch all the people, or indeed all the third parties, all the time and that violations of anti-corruption laws such as the FCPA or anti-bribery laws, such as the UK Bribery Act, are a constant risk in worldwide business operations. She believes that Microsoft, by all accounts, would appear a robust anti-bribery compliance program. She understands that Microsoft’s Standards of  Business Conduct intones a strict policy against bribes, quoting it for the following:

“Microsoft prohibits corruption of government officials and the payments of bribes or kickbacks of any kind, whether in dealings with public officials or individuals in the private sector. Microsoft is committed to observing the standards of conduct set forth in the United States Foreign Corrupt Practices Act and the applicable anti-corruption and anti-money laundering laws of the countries in which we operate.”

The company also requires all outside vendors to read and comply with the Microsoft Vendor Code of Conduct, which also prohibits incentives such as kickbacks or bribes.

But, as she says, for a large multinational like Microsoft, which has offices in more than 100 countries, it does not always mean that thousands of business partners all across the globe will be compliant all of the time. Indeed, as admitted by Microsoft Deputy GC Frank in his blog post, “In a company of our size, allegations of this nature will be made from time to time. It is also possible there will sometimes be individual employees or business partners who violate our policies and break the law. In a community of 98,000 people and 640,000 partners, it isn’t possible to say there will never be wrongdoing.”

I think the final quote from Frank above, points to the specific usefulness of the Guidance, which states, “In the end, if designed carefully, implemented earnestly, and enforced fairly, a company’s compliance program—no matter how large or small the organization—will allow the company generally to prevent violations, detect those that do occur, and remediate them promptly and appropriately.” These three clauses point to Paul McNulty’s three maxims but the Microsoft response points to McNulty Maxim No. 3, “What did you do about it?

I have asked Paul what he meant by this which he broke down into two parts. The first part is did you investigate it thoroughly and did you remediate those factors which led to the underlying issue? As reported by Matthews, Palazzolo and Ovide “The allegations in China were also the subject of a 10-month internal investigation that Microsoft concluded in 2010, according to people briefed on the internal investigation. The probe, conducted by an outside law firm, found no evidence of wrongdoing, these people said.” As noted above, DOJ and SEC lawyers are now looking at these allegations, as well as those issues in Romania and Italy.

The second part is what remediation did you do? At this point it is not clear what remediation, if any, will be appropriate so we may have to leave that prong open at this time. However, there is one other matter brought up by the Guidance that is certainly raised in the context of this Microsoft matter that should be looked at. It is government involvement. One of the nine factors listed in the US Sentencing Guidelines state, “the corporation’s timely and voluntary disclosure of wrongdoing and its willingness to cooperate in the investigation of its agents”. Further, the Guidance makes clear throughout that a company benefits from self-disclosing and cooperating with the government. While it is not clear if Microsoft self-disclosed anything back in 2010 when it conducted its internal investigation, it does appear that it is cooperating with the DOJ and SEC at this time.

While several commentators have pointed to this Microsoft matter as an example of how difficult it might be to do business in full compliance with the US Foreign Corrupt Practices Act (FCPA) all the time, I draw a different lesson from this matter. I believe that an aggressive approach to McNulty Maxim No. 3 shows that it is not about how hard it is to do business internationally, or that the FCPA is too difficult to follow; but it is the strength of your compliance program and your response to allegations which should be the determinative factor for compliance. I think McNulty’s advice was good when I initially heard and I think it is good now. Moreover, it is a part of the FCPA Guidance which shows it is not just how McNulty might think through these issues but how the DOJ and SEC do so as well.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

How Does Your Organization Treat Whistleblowers?

As almost everyone knows, Lance Armstrong spoke for the first time about his performance enhancing drug (PED) use recently on Oprah. On the first night he admitted for the first time that he used PEDs during his seven wins at the Tour De France. The title of my colleague Doug Cornelius’ piece in Compliance Building really said it all in his article “Lance Armstrong – A Lying Liar Just Like Madoff”. Cornelius said “What caught my attention about the Armstrong interview was the window into the mind of a pathological liar. Armstrong had been telling the lie over and over and over. He lied to the public. He lied to the press. He lied to cancer survivors. He lied under oath.”

One of the areas which came up for me was how the people who blew the whistle on Armstrong’s use of PEDs before his admission were treated and how Armstrong subsequently treated them. Armstrong admitted that he was a ‘bully’ to those who said, hinted, or even implied that he had taken PEDs. He attacked ex-teammates; wives of ex-teammates and even a masseur who saw him take such substances. He put on an aggressive PR campaign for the better part of the past decade, to which the wife of ex-Tour De France winner Greg LeMond said “I can’t describe to you the level of fear that he brings to a family.”

While I would hope that most American and European companies have moved past the situation where whistleblowers are ostracized or worse threatened, one can certainly remember the GlaxoSmithKline (GSK) whistleblower Cheryl Eckard. A 2010 article in the Guardian by Graeme Wearden, entitled “GlaxoSmithKline whistleblower awarded $96m payout”, he reported that Eckard was fired by the company “after repeatedly complaining to GSK’s management that some drugs made at Cidra were being produced in a non-sterile environment, that the factory’s water system was contaminated with micro-organisms, and that other medicines were being made in the wrong doses.” She later was awarded $96MM as her share of the settlement of a Federal Claims Act whistleblower lawsuit. Eckard was quoted as saying, “It’s difficult to survive this financially, emotionally, you lose all your friends, because all your friends are people you have at work. You really do have to understand that it’s a very difficult process but very well worth it.”

More recently there was the example of NCR Corp., as reported in the Wall Street Journal (WSJ) by Christopher M. Matthews and Samuel Rubenfeld, in an article entitled “NCR Investigates Alleged FCPA Violations”, who stated that NCR spokesperson Lou Casale said “While NCR has certain concerns about the veracity and accuracy of the allegations, NCR takes allegations of this sort very seriously and promptly began an internal investigation that is ongoing,” regarding whistleblowers claims of Foreign Corrupt Practices Act (FCPA) violations. In a later WSJ article by Matthews, entitled “NCR Discloses SEC Subpoena Related to Whistleblower”, he reported that NCR also said “NCR has certain concerns about the motivation of the purported whistleblower and the accuracy of the allegations it received, some of which appear to be untrue.”

Lastly, is the situation of two whistleblowers from the British company EADS. As reported by Carola Hoyos in a Financial Times (FT) article, entitled “Emails tell of fears over EADS payments”, Hoyos told the story of two men who notified company officials of allegations of bribery and corruption at the company and who suffered for their actions. The first, Mike Paterson, the then financial controller for an EADS subsidiary GPT, internally reported “unexplained payments to the Cayman Island bank accounts for Simec International and Duranton International, which totaled £11.5M between 2007 and 2009.” Hoyos reported that Paterson was so marginalized in his job that he was basically twiddling his thumbs all day at work.

The second whistleblower was Ian Foxley, a retired British lieutenant-colonel, who had joined the company in the spring of 2010 stationed in Saudi Arabia, to oversee a £2M contract between the British Ministry of Defence (MOD) and the Saudi Arabian National Guard. In December 2010, Foxley discovered some of the concerns which Mike Paterson had raised. According to Hoyos, “The morning after he discovered Mr. Paterson’s concerns he assessed the emails that Mr. Paterson had told him he had written over the previous three years.” This led Foxley to flee Saudi Arabia with documents of these suspicious payments, which he has turned over to the Institute of Chartered Accountants and the UK Serious Fraud Office (SFO).

What does the response of any of these three companies say about the way that it treats whistleblowers? Is it significantly different from the bullying Armstrong admitted he engaged in during his campaign to stop anyone who claimed that he was doping? While I doubt that companies will ever come to embrace whistleblowers, the US Department of Justice’s (DOJ’s) recent FCPA Guidance stated that “An effective compliance program should include a mechanism for an organization’s employees and others to report suspected or actual misconduct or violations of the company’s policies on a confidential basis and without fear of retaliation.” However, by marginalizing, attacking or even making a whistleblower fear for their life, such actions can drive a whistleblower to go the DOJ, Securities and Exchange Commission (SEC) or SFO. The Guidance recognized that “Assistance and information from a whistleblower who knows of possible securities law violations can be among the most powerful weapons in the law enforcement arsenal.”

So what is the compliance professional to make of the Armstrong confession and how can it be used for a compliance program? A recent White Paper, entitled “Blowing the Whistle on Workplace Misconduct”, released by the Ethics Resource Center (ERC) detailed several findings that the ERC had determined through surveys, interviews and dialogues. One of the key findings in this White Paper was that that a culture of ethics within a company does matter. Such a culture should start with a strong commitment to ethics at the top, however it is also clear that this message must be reinforced throughout all levels of management, and that employees must understand that their company has the expectation that ethical standards are vital in the business’ day-to-day operations. If employees have this understanding, they are more likely to conduct themselves with integrity and report misconduct by others when they believe senior management has a genuine and long-term commitment to ethical behavior. Additionally, those employees who report misconduct are often motivated by the belief that their reports will be properly investigated. Conversely, most employees are less concerned with the particular outcome than in knowing that their report was seriously considered.

This is the ‘Fair Process Doctrine’. This Doctrine generally recognizes that there are fair procedures, not arbitrary ones, in a process involving rights. Considerable research has shown that people are more willing to accept negative, unfavorable, and non-preferred outcomes when they are arrived at by processes and procedures that are perceived as fair. Adhering to the Fair Process Doctrine in two areas of your Compliance Program is critical for you, as a compliance specialist or for your Compliance Department, to have credibility with the rest of the workforce.

In this area is that of internal company investigations, if your employees do not believe that the investigation is fair and impartial, then it is not fair and impartial. Furthermore, those involved must have confidence that any internal investigation is treated seriously and objectively. One of the key reasons that employees will go outside of a company’s internal hotline process is because they do not believe that the process will be fair.

This fairness has several components. One would be the use of outside counsel, rather than in-house counsel, to handle the investigation. Moreover, if company uses a regular firm, it may be that other outside counsel should be brought in, particularly if regular outside counsel has created or implemented key components which are being investigated. Further, if the company’s regular outside counsel has a large amount of business with the company, then that law firm may have a very vested interest in maintaining the status quo. Lastly, the investigation may require a level of specialization which in-house or regular outside counsel does not possess.

Phrasing it in another way, Mike Volkov, writing in his blog Corruption, Crime and Compliance, in an article entitled “How to Prevent Whistleblower Complaints”, had these suggestions: (1) Listen to the Whistleblower – In dealing with a whistleblower, it is critical to listen to the whistleblowers concerns. (2) Do Not Overpromise – At the conclusion of an initial meeting with a whistleblower, the company representative should inform the whistleblower that the company will review the allegations, conduct a “preliminary” investigation and report back to the whistleblower during, or at the conclusion of, any investigation. (3) Conduct a Fair Investigation – Depending on the nature of the allegations, a follow up inquiry should be conducted. The steps taken in the investigation should be documented.

I would add that after your investigation is complete, the Fair Process Doctrine demands that any discipline must not only be administered fairly but it must be administered uniformly across the company for the violation of any compliance policy. Simply put if you are going to fire employees in South America for lying on their expense reports, you have to fire them in North America for the same offense. It cannot matter that the North American employee is a friend of yours or worse yet a ‘high producer’. Failure to administer discipline uniformly will destroy any vestige of credibility that you may have developed.

Lance Armstrong has and will continue to provide the ethics and compliance practitioner with many lessons. You can use his treatment of whistleblowers as an opportunity to review how your company treats such persons who make notifications of unethical or illegal conduct. With the increasing number of financial incentives available to persons to blow the whistle to government agencies, such as the SEC under the Dodd-Frank Act, it also makes very good business sense to do so.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013