FCPA Compliance and Ethics Blog

March 7, 2014

Machiavelli for Chief Compliance Officers

The PrinceLast year was the 500th anniversary of the publication of one of the most significant books on political theory ever written, The Prince by Niccolò Machiavelli. Just how evil do many people view the treatise? Consider that the book alone is responsible for bringing the word “Machiavellian” into usage as a pejorative term. It also helped make “Old Nick” an English term for the devil, and even contributed to the modern negative connotations of the words “politics” and “politician” in western countries (imagine him pre-saging the US Congress by 500 years). However, it is also view by many as one of the first works of modern philosophy, especially modern political philosophy, in which the effective truth is taken to be more important than any abstract ideal. It was also in direct conflict with the dominant Catholic and scholastic doctrines of the time concerning how to consider politics and ethics.

Many also find it a useful learning tool for a company’s management; though not the part about sawing a poor performing employee in half, literally. For instance in the Texas Lawyer, Work Matters column, Michael P. Maslanka wrote an article, entitled “Machiavelli’s 6 Insights for the General Counsel”. Duly inspired, I have adapted his thoughts for the Chief Compliance Officer (CCO).

Lesson No. 1 – Heed Selected Advice from Selected Advisors

While in medieval Florence, the Prince ruled as the supreme monarch, he still needed advisors. Today, we are called subject matter experts (SMEs). Maslanka advises that “the prince decides from whom and about what he wants counsel, plus when he wants the advisers to offer it.” More importantly, a “prince’s demeanor must encourage truth telling. This creates a virtuous circle from which “everyone may see that the more freely he speaks, the more he will be accepted.””

For the CCO this means that you should find a trusted SME or set of SMEs which you can bounce issues off and they will answer the question. This does not mean to provide you a Memo or some type of cover. You need advisors who will give answers as to what you can and cannot do under such laws as the Foreign Corrupt Practices Act (FCPA) or UK Bribery Act. Moreover, they should be able to point out how to manage risks with increasing oversight as the risk profile increases. 

Lesson No. 2 –  Niccolò is Not Tony Soprano

Unlike Tony, who can do whatever he wants, whenever he wants. Maslanka writes that “As law professor Philip Bobbitt observes in “The Garments of Court and Palace: Machiavelli and the World He Made,” this reasoning undergirds international law, allowing the aggrieved party to disavow its obligations because the reasons for entering into the agreement initially have evaporated.”

For the CCO this means something like the following story. If a company president says that he wants to engage in some transaction or engage a particular agent and you tell him if he does so, he runs the risk of violating the FCPA; he might have a couple of responses. First, he might say that such risk is above his risk tolerance and he will not engage in the behavior. However, he might also say, that you are the compliance professional, you figure out a way to do it legally. What I think that means is that as the risk goes up, the management of that risk also goes up. Would such a response be more costly or more intrusive? Probably, but if there is a way to manage a compliance risk and not violate the FCPA, I think you can legitimately suggest that to your company president.

Lesson No. 3  If you treat others well, they will treat you well

Channeling his inner Machiavelli and HR 101, Maslanka quotes from The Prince when he writes, “A prince must … show himself a lover of merit, give preferment to the able, and those who excel in every act.” Maslanka then notes, “Who invented the suggestion box (aka incentivized ideas)? That’s right: Niccolò. “The prince should offer rewards to whoever … seeks in any way to improve his city or state.””

For the CCO this means that if you are honest and fair with people they will be much more willing to accept bad news in return. This is the basis of the Fair Process Doctrine. If a whistleblower brings allegations of corruption or a violation of your company’s Code of Conduct, keep that whistleblower apprised of the situation as is reasonable to do so.

Lesson No. 4 – People are bad. Work with it

No doubt channeling his inner FCPA Professor on rogue employees, Machiavelli says that there are bad people out there. Maslanka writes, “Not only are they bad but they “are ungrateful, fickle, desolators, apt to flee peril, covetous of gain.”” There are people who will see compensation as the be-all and end-all of corporate life. There are those beyond that who will work to defraud companies. Maslanka’s reading of The Prince leads him to write, “Ditch the naïveté and embrace a complex world. Use a one/two punch: Yes, we must have good laws, but we also must have “good arms.” Yes, be a lion (it’s good for dismaying wolves) but also be a fox (that’s good for recognizing traps).”

For the CCO this means you should have a effective process to ‘prevent, detect and remediate’ violations of your FCPA compliance program.

Lesson No. 5 – Be neither a yellow stripe nor a dead armadillo

Maslanka states “Jim Hightower, former Texas agriculture commissioner, famously remarked that the only items in the middle of the road are yellow stripes and dead armadillos. Machiavelli could not have agreed more. His advice: Take sides. Do not stay neutral. Cowboy up.” In other words, man up.

For the CCO, I think this translates into ‘take a stand’ when you have to do so. Yesterday I wrote about CCOs and the analogy of the Alamo. If you have to draw a line in the sand, do so. The responses to the blog post were interesting in that they were thankful that I pointed out what might happen to a CCO when they do draw the proverbial ‘line in the sand’ but they thought they were better for having done so. Unfortunately if a company moves forward and does not heed such advise it may be the entity that faces sanctions for violating the FCPA.

Lesson No. 6 – Adapt, adapt, adapt

Maslanka wrote, “before Charles Darwin, Machiavelli grasped the power of adaptation. Whoever “adapts his mode of proceeding to the quality of the times is happy and similarly, he whose procedure disagrees with the times is unhappy.” Adaptation is crucial because fortune changes, the earth moving under our feet without warning. Machiavelli’s counsel: Adapt a mindset of being impetuous, not cautious; ferocious, not timid; calculating, not blindly trusting.” In other words, when in doubt, act.

For the CCO this means that you must assess and then act upon that assessment. In the compliance realm this is particularly true because risks change, now so quickly it is sometimes hard to keep track. Even if you perform a risk assessment every two years and believe you have assessed and remediated the new risks; how do you deal with the new environment in places like Ukraine and Turkey? What about China? Have you looked into your Chinese subsidiary’s use of travel agencies? How up to date is the due diligence on your third parties?

Maslanka ends his article with the following, “Machiavelli never wrote that the ends justify the means, and he didn’t intend that to be his message. He believed in what people now call “servant leadership,” which would be a subordination of the prince’s needs and ego to the greater good. In his case, that was a unified Italy, free of foreign domination, achieved by using the principled and humane values—yes, humane values—that he wrote about in “The Prince.” It’s this servant leadership that suits GCs and the C-level executives that they advise.”

I would heartily agree with his sentiment but revise ‘GC’ to CCO.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

March 6, 2014

Remember the Alamo: Analogy for Compliance Officers?

Remember the AlamoToday is the anniversary of the most historic day of many in the history of the great state of Texas, the date of the fall of the Alamo. While March 2, Texas Independence Day, when Texas declared its independence from Mexico and April 21, San Jacinto Day, when Texas won its independence from Mexico, probably both have more long-lasting significance, if it is one word that Texas is known for around the world, it is the Alamo. The Alamo was a crumbling Catholic mission in San Antonio where 189 men, held out for 13 days from the Mexican Army of General Santa Anna, which numbered approximately 1,800. But on this date in 1836, Santa Anna unleashed his forces, which over-ran the mission and killed all the fighting men. Those who did not die in the attack were executed and all the deceased bodies were unceremoniously burned. Proving he was not without chivalry, Santa Anna spared the lives of the Alamo’s women, children and their slaves. But for Texans across the globe, this is our day to Remember the Alamo.

While Thermopylae will always go down as the greatest ‘Last Stand’ battle in history, the Alamo is right up there in contention for Number 2. Like all such battles sometimes the myth becomes the legend and the legend becomes the reality. In Thermopylae, the myth is that 300 Spartans stood against the entire 10,000 man Persian Army. However there was also a force of 700 Thespians (not actors; but citizens from the City-State of Thespi) and a contingent of 400 Thebans who fought and died alongside the 300 Spartans. Somehow, their sacrifice has been lost to history.

Likewise, the legend that lifts the battle of the Alamo to the land of myth is the line in the sand. The story goes that William Barrett Travis, on the day before the final attack, when it was clear that no reinforcements would arrive in time and everyone who stayed would perish; called all his men into the plaza of the compound. He then pulled out his saber and drew a line in the ground. He said that they were surrounded and would all likely die if they stayed. Any man who wanted to stay and die for Texas should cross the line and stand with him. Only one man, Moses Rose, declined to cross the line. The immediate survivors of the battle did not relate this story after they were rescued and this line in the sand tale did not appear until the 1880s.

But the thing about ‘last stand’ battles is they generally turn out badly for the losers.  Very badly. I thought about this when a former Department of Justice (DOJ) official said at Compliance Week last year that he viewed anti-corruption compliance officials as “The Alamo” in terms of the last line of defense in the context of preventing violations of the Foreign Corrupt Practices Act (FCPA). I gingerly raised my hand and acknowledged his tribute to the great state of Texas but pointed out that all the defenders were slaughtered, so perhaps another analogy was appropriate. Everyone had a good laugh back then at the conference. But in reflecting on the history of my state and what the Alamo means to us all; I have wondered if my initial response too facile?

What happens to a Chief Compliance Officer (CCO) or compliance practitioner when they have to make a stand? Do they make the ultimate corporate sacrifice? Will they receive the equivalent of a corporate execution as the defenders of the Alamo received? This worrisome issue has certainly occurred even if the person ‘resigned to pursue other opportunities.’ My fellow FCPA Blog Contributing Editor Michael Scher has been a leading voice for the protection of compliance officers, as have Donna Boehme and Michael Volkov. In a post entitled “Michael Scher Talks to the Feds” he quotes, “a compliance officer (CO) working in Asia asked for recognition and protection: “A CO will not stand up against the huge pressure to maintain compliance standards if he does not get sufficient protection under law. Most COs working in overseas operations of U.S. companies are not U.S. citizens, but they usually are first to find the violations. Since the FCPA deals with foreign corruption, how could the DOJ and SEC not protect these COs?”” In the same post, he asked of the DOJ “Wal-Mart’s compliance officers and professionals allegedly were intentionally obstructed by senior executives from conducting a compliance review and subjected to career-ending retaliation. If confirmed, will the DOJ and SEC’s settlement demonstrate that such harassment of compliance professionals is not condoned? Will the DOJ and SEC also make it clear that compliance officers working for multi-national companies like Wal-Mart in countries outside of America will receive the same protections as those working in America?”

Writing about the MF Global scandal in the New York Times (NYT) in an article entitled “Another View: MF Global’s Corporate Governance Lesson” Michael Peregrine stated that the “compliance officer is the equivalent of a “protected class” for governance purposes, and the sooner leadership gets that, the better.” Particularly in the post Sarbanes-Oxley (SOX) world, a company’s CCO is a “linchpin in organizational efforts to comply with applicable law.” When a company fires (or asks him/her to resign), it is a significant decision for all involved in corporate governance and should not be solely done at the discretion of the Chief Executive Officer (CEO). Jonathan Marks has long advocated that the departure of a CCO from a company is such a material event that it should be disclosed by public companies.

In the area of anti-money laundering (AML) compliance professionals, Reuters reported, in an article entitled “Bankers anxious over anti-money-laundering push to go after individuals”, that at the Securities Industry Financial Markets Association conference, John Davidson, E*Trade Financial’s global head of AML, said that the “new push by regulators and lawmakers to hold individuals, rather than just institutions, accountable for regulatory violations involving money laundering is spooking members of the U.S. financial industry.” He further said that this aggressive trend and a new vigorous AML bill, introduced in Congress by Representative Maxine Waters, entitled “Holding Individuals Accountable and Deterring Money Laundering Act”, were all “a little scary.” He found the trend towards more AML enforcement against individuals “an incredibly disturbing trend.” The reason it is so scary, an un-named top level compliance officer said, is “that compliance officers at the largest Wall Street institutions were feeling especially nervous because the power structures in those institutions sometimes did not give compliance officers enough authority to act.”

Upon further reflection I now believe the Alamo reference appropriate for compliance officers. It is because sometimes we have to draw a line in the sand to management. And when we do, we have to cross that line to get on the right side of the issue, the consequences be damned. Remember the Alamo!

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

January 20, 2014

Lessons from a Soccer Manager for the Compliance Practitioner

Soccer BallCompliance leadership can take many forms and inspiration can come from many different sources. I was reminded of this when I read an article in this past weekend’s Financial Times (FT), entitled “How I coach Ronaldo and other secrets”, by Simon Kuper who wrote the piece based upon his interview of Real Madrid manager, Carlo Ancelotti.

Ancelotti grew up professionally playing in Italy’s Seria A, the top league in that soccer-crazed country. So he brings a player perspective to his job. He also rose in the soccer coaching ranks, with stops at Juventus and AC Milan in Italy; then Chelsea in England; followed by Paris Saint-Germain in France before taking over the reins at Real Madrid in Spain. So he has been both a practitioner and an executive. I found some of his thoughts on coaching very insightful for the compliance practitioner.

Coaching a Multi-National Team – Translating Your Compliance Program into Native Languages

While at AC Milan, Ancelotti coached a wide number of different nationalities so being able to communicate with them was critical. This was important when coaching in Italy but Ancelotti found it much more difficult when he moved to England to take over as the manager for Chelsea. He said the hardest part of the communication piece was how “to show emotion”. As any compliance practitioner for an international business concern recognizes, communicating in a multiplicity of languages is a paramount skill.

This is an area that is receiving increasing attention from the Department of Justice (DOJ) as a component of a best practices compliance program. In the FCPA Guidance, under the Ten Hallmarks of an Effective Compliance Program, it intones that a company’s Code of Conduct and it’s compliance policies need to be clear and concise. However, equally noted is that the Guidance makes clear that if a company has a large employee base that is not fluent in English such documents need to be translated into the native language of those employees.

Trusting Your Players – Getting Buy-In For Your Compliance Program

While managing Chelsea, before the 2010 FC Cup final against Portsmouth, “Ancelotti did something unusual: after naming the starting 11, he asked them to decide the match strategy themselves.” He recalls: “Everyone said one thing. For example, [goalkeeper Petr] Cech said, ‘You have to control the space behind, to avoid the counter-attack.’ That season we played 60 games, and 60 times I made the strategy. So I think the players understood very well what they had to do.” When asked why he would try something so risky before such an important match, Ancelotti responded, “I was sure the players followed the strategy, because they made the strategy. Sometimes I make the strategy, but you don’t know if the players really understand.” His tactic worked and Chelsea beat Portsmouth 1-0 to complete the rare double of winning the English Premier League and the FA Cup.

What Ancelotti had hit upon was engaging his players. You should view every interaction as an opportunity to tap into the expertise of your workforce. This requires you to let employees say what they think. One of the first (and most insistent) questions you will face as a compliance practitioner is explaining how and why the Foreign Corrupt Practices Act (FCPA) applies to a country and culture far from the United States. Another related question is often along the lines of the endemic corruption in a country and how the business unit personnel cannot do business any other way. Let your co-workers express these thought and sentiments and then explain why the law(s) applies and how they can do business going forward. The business unit will usually have a solution to these problems and if you can get them to engage with you, it may well be a solution for you and the company. My experience is that they will generally have the correct response for you, even if they do not understand the nuances of the FCPA, UK Bribery Act or other anti-corruption law. But if you can have the employees understand that it is there program, you will have greater buy-in and greater participation in your compliance regime.

Managing from the Ground Up – Thoughts on Building a Compliance Program

After his stint at Chelsea, Ancelotti moved on to Paris Saint-Germain in France. Here he found a different set of challenges. The first was dedication to the program and lack of professionalism. As Ancelotti explained, “The problem of the English player – sometimes it’s difficult for them to understand that they don’t have to work 100 per cent in training. There are some training sessions where it’s important not to work 100 per cent. The French don’t understand why they have to work 100 per cent every day.” This attitude was acerbated by factionalism; the team was made up of ethnic factions. Ancelotti said, “We had the South Americans, the French, the Italians,” and “The relationship is not easy. The South Americans like to play with each other. The Italians the same. The players were not used to having a winning mentality.” Simply put, he had to change the attitude of the players.

How can you begin this process in a compliance regime? Writing in the Harvard Business Review (HBR) authors Linda Hill and Kent Linebeck, in an article entitled “Are You A Good Boss or a Great One”, said that leadership had three imperatives, which are to (1) Manage Yourself; (2) Manage Your Network; and (3) Manage Your Team. These three imperatives provide a good framework for the compliance practitioner.

Most employees ask the question “Can I trust this person?” Leadership results, in large part, by the answer to this question. Trust has two components; the first is that the leader has confidence in his or her own competence; and the second is that employees have trust in the manager’s character. This means that your motives are good and that you want people to do well. If these characteristics are present a manager should be able to influence others.

Next building key relationships throughout an organization leads to the road for success. This means nurturing a broad network of company employees who can influence specific areas and the departments within a company. As scarce resources must be reckoned with on any project, the person who can show the interdependence of seemingly disparate groups, which may have conflicting goals and priorities, is the manager who achieves the most. This relationship building can be a key way to influence others within an organization over which a manager does not have direct control.

Lastly, managing a team is a different dynamic than managing one-on-one. If a manager can influence a team, they have a greater chance of success as employees tend to be more creative and productive when working in groups. Accountability to other team members and a genuine conviction that they are all in it together can lead to a group coalescing into a team. The culture of any team is important: values, standards and norms guide employees in what is expected of them. Attention must be paid to all team members and recognition for individual efforts within the team can bring greater effectiveness as well.

To be a great compliance leader, the compliance professional must use all of these techniques. To achieve many compliance goals within a company requires a manager to exert a great amount of influence. The techniques set out by the authors provide direct tools for the compliance professional to utilize in this task. Managing employees within any compliance department is the first step. A compliance professional must reach out across an organization to all groups and departments to develop relationships, which can be used in furthering a company’s compliance goals. A compelling team creates the foundation of this strong network and a strong network will allow your compliance team a path to achieve its goals within the company. But knowing where you are going is only half of the journey. The authors end with the admonition that “you need to know at all times where you are on the journey and what you must do to make progress.”

Obviously Ancelotti has been successful at many different stops in his career. Some of the tips that Kuper wrote about in this article can be useful for the compliance practitioner dealing with a diverse multi-national employee base.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

December 5, 2013

Psychopaths in the Board Room? And I Thought the Astros Had a Bad Season

I did not think it would be possible that another Houston professional sports team could under-perform the sad-sack Houston Astros in 2013, who ended the season with a winning percentage of .313%. However the Houston Texans are actually playing worse than the Astros, coming into Thursday night’s game with Jacksonville with a brisk winning percentage of .167%. Amazingly enough however, the Texans have not yet been knocked out of the Wild Card hunt in the American Football Conference. Of course, the Astros were trying to lose, having loaded the team with minor leaguers and paying them all the league minimum salary to go in the tank. The Texans 10-game loss run is a bit more inexplicable, with some injuries, some bad luck, certainly poor coaching and a head-case of a starting quarterback throwing more touchdown passes to the opposition than to his own team all being part of the equation. Of course the Astros still have owner Jim “I made a $100MM so I must know what I am doing” Crane so there is always hope the Astros can out depth charge the Texans.

I thought about Jim Crane when I read an article in the Risk and Compliance Journal, a Wall Street Journal (WSJ) online publication, by reporter Gregory J. Millman, entitled “The Morning Risk Report: How to Avoid Hiring a Psychopath as CEO”. In this article he discussed a study by led by Dr. Paul Babiak which was titled “Corporate psychopathy: Talking the walk”. In this industrial and organizational psychology study, it found that Chief Executive Officers (CEOs) as a group had “four times the concentration of full blown psychopaths than the population at large.” Babiak told the Risk & Compliance Journal “These psychopaths in our study had absolutely poor performance ratings but were still being promoted because of high charisma, self-confidence, and communication skills.” He indicated that “part of the problem is that those positive attributes are often mistaken identifications of what are really core psychopathic characteristics of grandiosity, manipulativeness, and thrill-seeking.” Do those characteristics sounds like any professional sports team owners you have heard of?

While I am sure that the Major League Baseball (MLB) vetting process would weed out any such psychopaths, I thought about how such grandiosity might play out in the real world and impact anti-corruption compliance programs such as those required by the Foreign Corrupt Practices Act (FCPA) or UK Bribery Act. Recently Siemens AG announced that its new President and CEO Joe Kaeser, was taking over the legal and compliance roles at the company’s Managing Board. In an additional downgrade to the company’s compliance function, the former Chief Compliance Officer (CCO), Peter Solmssen, will resign from the Managing Board by mutual agreement, effective December 31, 2013. The CCO position will be folded into the General Counsel’s (GC) position but the new GC/CCO Andreas Christian Hoffmann will not report to the Board. While I am not certain that resigning “by mutual consent” is German corporate-speak for “resigned to pursue other opportunities” it certainly does not sound like it was voluntary. Siemens did not give any reason for its compliance downgrade, only thanking Solmssen for his service. Presumably it was not because of the robustness of the Siemens compliance program or how serious the company takes compliance.

In an article in the online publication, DW on December 2, 2013, entitled “Siemens bribery case spreads to Brazilian politics”, it was reported that “In May this year, German engineering firm Siemens reported itself to Brazilian law enforcement authorities. It unveiled its involvement in a price-fixing cartel, and admitted to paying bribes in order to win contracts to build the Sao Paolo Metro.” The article also stated that “In May 2013, Siemens struck a deal with CADE to avoid criminal proceedings for its involvement in a cartel when bidding for the construction, fitting and maintenance of metro trains in Sao Paulo and Brasilia. The German firm revealed that five global engineering firms colluded to raise bids to 20 percent higher than quotes typically found on the market.” In other words, it looks like Siemens compliance program may have had some holes in it.

How does the move by the new Siemens CEO to downgrade the company’s compliance function put the company at risk? Under the FCPA and Bribery Act, it is important a CCO have direct access to the Board of Directors or Audit Committee. (I would add parenthetically that having a CEO represent a company’s legal function at the Board level is quite simply a recipe for disaster but as this blog focuses on compliance, I will stick with the CCO role.) The FCPA Guidance states, “Those individuals must have appropriate authority within the organization, adequate autonomy from management, and sufficient resources to ensure that the company’s compliance program is implemented effectively. Adequate autonomy generally includes direct access to an organization’s governing authority, such as the board of directors and committees of the board of directors (e.g., the audit committee).” If the information reported in the DW article regarding Siemens and the allegation of bribery and corruption in Brazil are sustained, Siemens may not be able to show that it had a best practices compliance program, with its recent CCO and compliance function downgrades.

We started with megalomaniacs and psychopaths in the CEO seat. In his article Millman provides some of the things that a company might do to help to ameliorate these characteristics. Millman wrote that “Dr. Babiak suggests three things that companies can do to minimize their risk of putting a psychopath on the fast track to the corner office. First: look at performance first to determine whether it’s real or fluff, because psychopaths can often fake everything but performance. Second: get input from people who work under and around the candidates, preferably using a 360-degree evaluation approach that assures respondents of anonymity, because psychopaths often suck up and kick down. Third, use psychological tests to identify red flags. Those steps will help companies spot likely problem cases before they get promoted. That’s important because the farther they rise, the harder they are to stop.” I wonder if Siemens used any of these tools available them before they gutted their compliance function?

And I thought the Astros had a bad year…

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

November 22, 2013

The SEC Talks About Chief Compliance Officers

Recently, the SEC’s Division of Trading and Markets provided guidance on the potential liability of compliance and legal personnel at registered broker-dealers through a series of answers to eight Frequently Asked Questions (FAQs). Following the recent and controversial Urban case and public comments made by SEC Commissioners since, then there have been many questions in the industry about when a Chief Compliance Officer (“CCO”) becomes a “supervisor” for purposes of liability under Sections 15(b)(4) and 15(b)(6) of the Exchange Act. These Compliance FAQs aim to address some of those industry concerns. Although these FAQ’s deal with compliance officers at registered broker-dealers, I think they can provide some insight into how the SEC views a CCO in an anti-corruption compliance context. I site to the SEC’s FAQ in full, although the end notes have been removed.

Question 1.

Is a chief compliance officer or any other compliance or legal personnel a supervisor of broker-dealer business personnel solely by virtue of the compliance or legal position?

Answer: No. Compliance and legal personnel are not “supervisors” of business line personnel for purposes of Exchange Act Sections 15(b)(4) and 15(b)(6) solely because they occupy compliance or legal positions. Determining if a particular person is a supervisor depends on whether, under the facts and circumstances of a particular case, that person has the requisite degree of responsibility, ability or authority to affect the conduct of the employee whose behavior is at issue.

Question 2.

What does it mean to have the requisite degree of responsibility, ability or authority to affect the conduct of another employee?

Answer:

A person’s actual responsibilities and authority, rather than, for example, his or her “line” or “non-line” status, determine whether he or she is a “supervisor” for purposes of Exchange Act Sections 15(b)(4) and 15(b)(6). Among the questions to consider in this regard:

Has the person clearly been given, or otherwise assumed, supervisory authority or responsibility for particular business activities or situations?

Do the firm’s policies and procedures, or other documents, identify the person as responsible for supervising, or for overseeing, one or more business persons or activities?

Did the person have the power to affect another’s conduct? Did the person, for example, have the ability to hire, reward or punish that person?

Did the person otherwise have authority and responsibility such that he or she could have prevented the violation from continuing, even if he or she did not have the power to fire, demote or reduce the pay of the person in question?

Did the person know that he or she was responsible for the actions of another, and that he or she could have taken effective action to fulfill that responsibility?

Should the person nonetheless reasonably have known in light of all the facts and circumstances that he or she had the authority or responsibility within the administrative structure to exercise control to prevent the underlying violation?

Question 3.

Can compliance and legal personnel provide advice and counsel to business line personnel without being considered supervisors of the business line personnel for purposes of the Exchange Act?

Answer: Yes. Compliance and legal personnel play a critical role in efforts by broker-dealers to develop and implement an effective compliance system throughout their organizations, including by providing advice and counsel to business line personnel. Compliance and legal personnel do not become “supervisors” solely because they have provided advice or counsel concerning compliance or legal issues to business line personnel, or assisted in the remediation of an issue. If their responsibilities or authorities extend beyond compliance and legal functions such that they have the requisite degree of responsibility, ability or authority to affect the conduct of business line personnel, additional inquiry may be necessary to determine if they could be considered supervisors of the business line personnel.

Question 4.

Can a broker-dealer establish and implement a robust compliance program without its compliance and legal personnel being considered to be supervisors for purposes of the Exchange Act?

Answer: Yes. Broker-dealers have a duty to build effective compliance programs that are reasonably designed to ensure compliance with applicable laws and regulations. Among the things that firms should consider including in their programs are robust compliance monitoring systems, processes to escalate identified instances of noncompliance to business line personnel for remediation, and procedures that clearly designate responsibility to business line personnel for supervision of functions and persons.

Broker-dealers should consider clearly defining compliance and advisory duties and distinguishing those duties from business line duties in order for persons who perform only compliance and legal functions to avoid becoming supervisors of business line employees. Management at broker-dealers can greatly benefit from the participation and input of compliance and legal personnel.

Question 5.

Can compliance or legal personnel participate in a management or other committee without being considered supervisors of business activities or business personnel for purposes of the Exchange Act?

Answer: Yes. Compliance and legal personnel play a critical role in efforts by broker-dealers to develop and implement an effective compliance system throughout their organizations, including by participating in management and other committees. Compliance and legal personnel do not become “supervisors” solely because they participate in, provide advice to, or consult with a management or other committee. As explained above, the determination whether a particular person is a supervisor depends on whether, under the facts and circumstances of a particular case, that person has the requisite degree of responsibility, ability or authority to affect the conduct of the employee whose behavior is at issue.

Question 6.

Can compliance or legal personnel provide advice to, or consult with, senior management without being considered supervisors of business activities or business personnel for purposes of the Exchange Act?

Answer: Yes. Compliance and legal personnel play a critical role in efforts by broker-dealers to develop and implement an effective compliance system throughout their organizations, including by providing advice and counsel to senior management. Compliance and legal personnel do not become “supervisors” solely because they provide advice to, or consult with, senior management. In fact, compliance and legal personnel play a key role in providing advice and counsel to senior management, including keeping management informed about the state of compliance at the broker-dealer, major regulatory developments, and external events that may have an impact on the broker-dealer. In this regard, compliance and legal personnel should inform direct supervisors of business line employees about conduct that raises red flags and continue to follow up in situations where misconduct may have occurred to help ensure that a proper response to an issue is implemented by business line supervisors. Compliance and legal personnel may need to escalate situations to persons of higher authority if they determine that concerns have not been addressed.

Question 7.

What is the status of the initial decision in the Theodore W. Urban matter?

Answer: Under the Commission’s rules of practice, if a majority of the Commissioners do not agree on the merits (as was the case in Urban), the initial decision “shall be of no effect.”

Question 8.

What responsibilities does a person working in a compliance or legal capacity have if he or she is a supervisor for purposes of the Exchange Act?

Answer: Once a person has supervisory obligations, he or she must reasonably supervise with a view to preventing violations of the federal securities laws, the Commodity Exchange Act, the rules or regulations under those statutes, or the rules of the Municipal Securities Rulemaking Board. That person must reasonably discharge those obligations or know that others are taking appropriate action. It is not reasonable for a person with supervisory obligations to be a mere bystander to events that occurred, or to ignore wrongdoing or “red flags” or other suggestions of irregularity.

Exchange Act Section 15(b)(4)(E) provides an affirmative defense to potential liability for failure to supervise if a firm has established procedures and a system for applying those procedures that would reasonably be expected to prevent and detect, insofar as practicable, a violation, and the supervisor has reasonably discharged his or her duties pursuant to the procedures and system, without reasonable cause to believe that the procedures and system were not being complied with.

As noted in a Sydley and Austin client alert, “the Compliance FAQs address the question of what a person working in a compliance or legal capacity should do if he or she is also a supervisor for purposes of the Exchange Act. According to the staff, once a person has supervisory obligations, he or she must “reasonably supervise with a view to preventing violations of the federal securities laws…. It is not reasonable for a person with supervisory obligations to be a mere bystander to events that occurred, or to ignore wrongdoing or ‘red flags.’” The existence of an effective compliance program is essential for protecting compliance and legal personnel from liability once they act in a supervisory capacity. As the Compliance FAQs point out, an affirmative defense to potential liability for failure to supervise exists, but only if the firm “has established procedures and a system for applying those procedures that would reasonably be expected to prevent and detect…a violation, and the supervisor has reasonably discharged his or her duties pursuant to the procedures and system.

Compliance officers need to sit up and take notice of these FAQs.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

January 20, 2013

Tribute to Stan The Man and 11 Rules for Compliance Success

Today we honor Stan ‘The Man’ Musial who played 22 seasons for the St. Louis Cardinals (1941–1963) who passed away on Saturday. Musial was a record 24-time All-Star selection and is widely considered to be one of the greatest hitters in baseball history. He compiled 3,630 hits  He also amassed 475 home runs during his career, was named the National League‘s Most Valuable Player (MVP) three times and won three World Series championship titles. Musial was a first-ballot inductee to the Baseball Hall of Fame in 1969. I actually got to see Musial play at the old Colt Stadium, where the Houston Colt 45’s played in before the Astrodome was built and before they became the Astros. My father, who grew up in Tulsa listening to the St. Louis Cardinals and so passed on his passion for the Cards to me. We could even listen to the Cardinals on the radio in Houston as the uber-powerful AM station KMOX broadcast throughout the Midwest and South. Because of this anomaly I am still a fan of baseball on the radio. So today we celebrate one of the very greatest baseball players of all-time.

In the 60s I was given a long-playing album about hitting in which Musial narrated. It came with a book which you were to turn the pages while Stan The Man taught you how to hit. While it might have talked about his unique corkscrew stance, phenomenal eye-hand coordination or bat level when swinging at an off-speed pitch the one thing I have remembered throughout the years was practice and practice and practice. That is how Musial became one of the greatest hitters of all-time.

I was reminded about this when I read an article in this month’s Inc. magazine and entitled “The Rules” by authors Adam Bluestein, Leigh Buchanan, Issie Lapowsky and Eric Schurenberg. In the article the authors interviewed some of the world’s top entrepreneurs “as well as thinkers from business schools to come up with 11 nuggets of hard-earned wisdom and meticulously researched insight” or as the magazine’s cover promised “11 Rules for Success”. I believe that they are a good review for any Chief Compliance Officer (CCO) and present an entrepreneurial way to think about an overall best practices compliance program.

  1. Do less - Evan Williams the co-found of Twitter. Williams believes many things are actually distractions and leaders lack the perspective of focus. I liked this insight from Williams, “When you are obsessing about one thing, you can reach insights about problems that are hard to solve.” As a CCO, you need to step back and take a look at your overall compliance program on at least an annual basis.
  2. Embrace accidents - Tony Hsieh, the Chief Executive Officer (CEO) of Zappos. Here Hsieh is referring to serendipity. I would use the old football adage that when preparation meets opportunity, luck arises. Hsieh believes that if you make enough contacts at some point you will be able to ‘connect the dots’ to create something spectacular. Talk to other compliance professional, go to conferences and events, have dinner with your peers when you are traveling, talk-talk-talk to others in the profession. You never know when one of their experiences may help you.
  3. Choose your playing field - Roger Martin, the Dean of the Rotman School of Management and co-author of Playing to Win: How Strategy Really Works. Martin believes that you must have more than just aspirations or even vision, you must have a strategy. I think this is why my colleague Stephen Martin says it is so important to have a 1 and 3 and 5 year plan for your compliance program. As Roger Martin puts it “The heart of strategy is defining where you are going to play and how you are going to win.”
  4. Fail - Arianna Huffington, the co-founder and Editor-in-Chief of the Huffington Post. Huffington says that she learned from her mother that failure is a “stepping-stone to success, as opposed to the opposite of success. When you fail that way, it changes dramatically what you’re willing to do, how you’re willing to invent and the risks that you’ll take.” In other words, learn from your failures.
  5. Let others lead - Michael Useem, Professor at the Wharton School. Useem emphasizes that leadership is “a team sport.” You should endeavor to build leadership in the ranks of your organization “by empowering people to independently make good decisions.”
  6. Slow down – Danny Meyer, founder and CEO of Union Square Hospitality Group. Meyer believes that a company should move slowly and deliberately. With his business he believes that this strategy allowed his company to “develop a soul”. But more than this it allowed his business to make a name for itself with its customers because they came to know not only what it sold but more importantly what it stood for. In this world, the life of innovation is quite short so Meyer believes that the product differentiator is how a business does something rather than what it sells
  7. Emphasize steady progress - Teresa M. Amabile, Harvard Business School Professor. Amabile studied a large number of employees and found that on their most productive days “they were able to move forward in their work, even if it was just an incremental step forward.” She believes that managers must pay attention and see if employees are making steady progress and if not, why not. She asked, “Do they have clear goals and autonomy about how to pursue those goals? Do they have sufficient resources?”
  8. No tricks - Phil Lubi, founder of Evernote. Lubi believes that you should play to both your strengths and weaknesses. Do not hide behind what he termed “false choice.” Be honest and let investors and your Board of Directors know the truth. By doing so he believes that you will build more durable relationships.
  9. Stop thinking about yourself - John Mackey, co-founder of Whole Foods. Mackay believes that you need to step back and look at the big picture.  For Mackay this came when he recognized that his company’s Board of Directors did not only have a fiduciary duty to the shareholders but was also a stakeholder in the company. His advice to entrepreneurs is to “think about your business and all the relationships it has. You have to develop a feeling for who your stakeholders are and figure out how to make them all winners.”
  10. Don’t discount the role of luck - Michael Maubossin, investment strategist at Legg Mason Capital Management. In a somewhat counter-intuitive analysis, Maubossin believes that you should not only look at companies that succeed but also those that fail. This is because if you only look at company’s which succeed, you will miss those which employ the same strategy but failed. He believes that by recognizing alternative outcomes, and the role of luck, you can keep “your mind open to other possibilities, so you can manage or mitigate them.” This means that you can learn from compliance failures as well as compliance successes. Foreign Corrupt Practices Act (FCPA) enforcement actions usually provide significant information on what got a company into FCPA hot water and this is information that you can learn from.
  11. Don’t be immune to new ideas - Bob Metcalfe, founder of 3Com. Metcalfe believes that “If you have an ongoing business, it’s hard to innovate, because innovation likely threatens what you have.” But he emphasizes that if you are standing still, it is likely that not only are other companies catching up to you, they are also passing you in the business world. In the compliance world, the concept of best practices is constantly evolving. As anti-corruption and anti-bribery compliance programs and criteria evolve, today’s ‘enhanced compliance obligation’ may be tomorrow’s best practice.

The Inc. article provided some interesting insights into what made some of the world’s top entrepreneurs very successful. You might see how these insights could help you improve your compliance program. And while it doesn’t have quite the same rhyming scheme as Paul Simon’s Mrs. Robinson, here’s to you Stan ‘The Man’ Musial. I hope that you enjoy an inning or two at the great game in the hereafter.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

January 7, 2013

Leadership in the Compliance Function – Do You Encourage or Stifle?

There are many ways for a Chief Compliance Officer (CCO) to exercise leadership in not only the compliance function but also across the many disciplines in which compliance impacts in any corporation. In this Sunday’s New York Times (NYT), there were two diametrically opposite styles of leadership and management discussed in two articles. The first was found in the Corner Office Column, in an article entitled, “The Six Steps of Leadership (Plus Courage)” in which reporter Adam Bryant interviewed G.J. Hart, Chief Executive Officer (CEO) and President of California Pizza Kitchen. The second was found in the Off The Shelf Column where Fred Andrews, in an article entitled “The Military Machine as a Management Wreck”, discussed the recent book “Bleeding Talent” by author Tim Kane. I found that both of these articles provided some interesting techniques which the CCO or compliance practitioner could use in helping to set compliance as not only a key goal for any company, the articles also offered practical tips for day-to-day use in bringing the compliance perspective to the myriad of issues a compliance practitioner faces on a daily basis.

Hart related that his leadership style has evolved for the better because he has learned more patience and tolerance. He admitted that he used to “want things yesterday and would be very anxious about moving things along faster. But now I understand that tomorrow’s another day and that things will move along.” I have worked in industries where the joke was “If I want it today, I will ask for it tomorrow.” The reality, as put by Hart, is to think “about whether something really matters and how it will make a difference, versus thinking that everything matters and everything makes a difference.”

Hart said that the most important lesson he has learned is leadership qualities. He calls them “the six steps of leadership, surrounded by courage.” He believes that courage is always implicit because in any leadership role, you are stepping out, having the courage to be different “because you have to be different to be a leader.” Hart’s six steps are:

  1. Be the best you can be. Hart relates that you cannot “lead anybody if you can’t lead yourself. So you have to be honest with yourself about your good qualities, your bad qualities and the things you need to work on.”
  2. Dream and dream big. Hart recognizes that there is a “world of possibilities for yourself and for your organization.” You must have a dream and you must move towards it. This does not mean that you will “ever necessarily get there, but if you don’t dream, you’ll never even get started.”
  3. Lead with your heart first. Hart believes that your employees need to see that you are human and that you have a “human side” by showing people that you have compassion. It is all about being real. He states “It doesn’t mean that you don’t set expectations and standards. But if you lead with your heart, people figure out whether you’re genuine, whether you’re real.”
  4. Trust the people you lead. Hart recognizes that this may be the hardest trait for a leader to develop because this trait is all about letting go as a leader and allowing your employees to grow into their own style of leadership roles. Hart believes that only by allowing your employees to learn by making their own mistakes or falling down and picking themselves up and moving forward will they grow professionally. He believes that your role as a leader is to pick them back up.
  5. Do the right thing, always. Hart recognizes this is easy to say but as a leader this is where the rubber meets the road. In leadership Hart emphasizes that if your choice is following a rule or doing the right thing, you should do the right thing. He believes that this is particularly true “as it relates to people, and you genuinely believe in that person, sometimes it takes courage to do the right thing and give that person a second chance. Because we’ve all made mistakes and somebody picked us up.”
  6. Serve the people you lead. Hart believes that leadership is ultimately “about serving the people you lead.” It means that you should put a cause before yourself and to lead to make a difference. He ends noting that his role as a leader is to be “a catalyst for change, to create an environment where people can grow and prosper.”

In Andrews’ article, he wrote that the US military is now an “institution which is idiotic.” Andrews writes that Kane believes that “it dictates the jobs, promotions and careers of the millions in its ranks through a centralized, top-down, one-size-fits-almost-all system that drives many talented officers to resign in frustration. They leave, he says, because they believe that the military personnel system — every aspect of it — is nearly blind to merit.” This is in spite of the fact that Kane believes that “America’s armed forces are a leadership factory. He goes on to say that “former military officers are three times as likely to become corporate C.E.O.’s as their raw numbers would suggest.”

So what is the problem? Kane believes that “the root of all evil in this ecosystem” which is the Defense Officer Personnel Management Act, enacted by Congress in 1980. Andrews writes that this Act “binds the military into a system that honors seniority over individual merit. It judges officers, hundreds at a time, in an up-or-out promotion process that relies on evaluations that have been almost laughably eroded by grade inflation. A zero-defect mentality punishes errors severely. The system discourages specialization — you can’t expect to stay a fighter jock or a cybersecurity expert — and pushes the career-minded up a tried-and-true ladder that, not surprisingly, produces lookalikes.” Kane’s revolutionary idea to overcome this inertia is to create “an internal labor market for job assignments and promotions.” This change would allow a commander to choose a subordinate rather than having the Pentagon make the decision for him or her.

I have worked in both types of organizations. I can personally attest to the greater creativity and flexibility which led to greater innovation, where leaders viewed themselves as stewards such as Hart believes himself to be. I have also worked in military like organizations where the thing that got one promoted was be as similar to the next level up the rank and where innovation was definitely not viewed as a plus. The difficulty for a CCO may be that he or she works in such an organization. But even if a CCO or compliance practitioner does work in a military style organization, Hart’s six elements of leadership can be used to create a more vibrant, and ultimately successful, compliance program.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

December 5, 2012

Five Essentials of a Chief Compliance Officer Position

Most of Shakespeare’s histories involve issues relating to kingship and how a king might reign. In some of the plays, such as Henry V, the example is of a positive nature. In others, such as Richard III, you may need to draw from the inverse to see how one should decidedly not govern. The tragedies tend to emphasize a tragic flaw which brings down someone who is not necessarily a king, such as Hamlet or Coriolanus.

What are some of the characteristics of the position of a Chief Compliance Officer (CCO) for a company subject to the Foreign Corrupt Practices Act (FCPA), UK Bribery Act or other international anti-bribery and anti-corruption laws? That question was recently explored in an article in the Society of Corporate Compliance and Ethics (SCCE) bi-monthly magazine, Compliance & Ethics Professional, in an article entitled “Five essential features of the Chief Ethics and Compliance Officer position”, by author Donna Boehme. She believes that while all CCO positions should be “fit-for-purpose” there are five essential features which are consistent to all such positions. They are as follows:

1.      Independence

It is incumbent that any CCO must have “sufficient authority and independence to oversee the integrity of the compliance program.” Some indicia of independence would include a reporting line to the company’s Board of Directors and Audit/Compliance Committee but more importantly “unfiltered” access to the Board. There should also be protection of employment including an employment contract with a “nondiscretionary escalation clause” and a requirement for Board approval for any change in the terms and conditions of employment, including termination. There must also be sufficient resources in the form of an independent budget and adequate staff to manage the overall compliance program.

2.      Empowerment

Boehme believes that a CCO must have “the appropriate unambiguous mandate, delegation of authority, senior-level positioning, and empowerment to carry out his/her duties. Such can be accomplished through a “board resolution and a compliance charter, adopted by the board.” Additionally the CCO job description should be another manner in which to clarify the CCO “mandate, and at a minimum should encompass the single point accountability to develop, implement and oversee an effective compliance program.” All of the above should lead in practice to a “close working relationship with an independent board committee.”

3.      Seat at the Table

Boehme believes that the CCO must “have formal and informal connections into the business and functions of the organization – a seat at the table at important meetings where all major business matters (e.g., risk, major transactions, business plans) are discussed and decided.” She argues that, at a minimum, the CCO should participate in “budget reviews, strategic planning meetings, disclosure committee meetings, operational reviews, and risk and crisis management meetings.”

4.      Line of Sight

Here the author urges that the CCO should have “unfettered access to relevant information to be able to form independent opinions and manage the [compliance] program effectively.” This does not mean that the CCO should have veto power over functions such as safety or environmental or that such functions must report to the CCO, but unless there is visibility to the CCO for these risk areas, the CCO will not able to adequately assess and manage such risks from the compliance perspective. The correct structuring of the CCO role to allow it visibility into these areas will help the CCO coordinate compliance convergence training.

5.      Resources

It is absolutely mandatory that the CCO be given both the physical resources in terms of personnel and monetary resources to “get the job done.” I have worked at places where the CCO had neither and the CCOs did not succeed because they never even had the chance to do so. Boehme focuses on both types of resources. Under monetary resources she points, as an indicia, to the independence of the CCO from the General Counsel (GC), “rather than a shared budget”. This can also bleed over to ‘headcount’ and shared or dotted line reporting resources. There should be independent resources reporting into the compliance function.

Unlike Shakespeare’s histories or tragedies, the author gives you her opinion on what the role of the CCO should consist of in today’s compliance arena. Boehme’s article is an excellent guide for the CCO or Compliance Professional to use in reviewing the situation in his or her company. Her five essential features are based on the Department of Justice’s (DOJ) thinking on the issue in the form of the US Sentencing Guidelines, FCPA enforcement actions and evolving best practices. If your company is not following these it may well not be deemed to have a commitment to compliance or meet the minimum best practices standards.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

May 30, 2012

Pink Floyd’s The Wall and Compliance

Roger Waters is currently touring with a massive audio visual presentation of Pink Floyd’s “The Wall”. The show is so spectacular that it was recently profiled on 60 Minutes. I thought about the album, Water’s show and the message of The Wall reading this week’s Corner Office Section in the Sunday New York Times (NYT).

One of the most important things that I got out of this interview is that sometimes you just hit the brick wall. You carefully plan a strategy, implement the planned strategy and then measure the results but it falls completely flat. In other words, you hit the proverbial brick wall. So what should happen? Should you be fired for trying something that does not work? Be sent off for a two year punishment detail at some far flung company outpost? This is not the tack taken by Kyle Zimmer, Chief Executive Officer (CEO) and co-founder of First Book as discussed in an article, entitled “So, Your Idea Hit a Brick Wall. Congratulations!” by reporter Adam Bryant. Zimmer instead may reward such activity through her company’s ‘Brick Wall Reward’; which is Zimmer’s way of saying, “It’s O.K., you did the thinking, and you gave it your best shot, and it crashed, but it was an honorable step.”

Failure as a Positive

Why does Zimmer believe that such failure can be ‘an honorable step’? She considers that our culture teaches us to “fear failure” which she thinks is a huge mistake. The reason is that if you are out there trying something, “you’re going to fail way more than you succeed.” Or put another way, “You can fail without ever succeeding, but you can’t succeed without ever failing.” To that end Zimmer begins to explore this question during her initial interview process with prospective hires. She asks the interviewee “Have you ever started anything? From the time you were little, did you invent anything? An organization? Did you start a club?” Then I’ll ask, “What was the hardest part of that? What about failure? Talk to me about failure.” She believes that not only do people learn from their mistakes and become better employees but also in her organization, “the times we’ve been most creative were a result of the pressure of a failure or near failure.”

Everyone Needs a Reason to Play

Zimmer gave several other concepts which she has learned that are excellent tips for the compliance practitioners. One expanded upon the old 90s maxim ‘Win-Win”. She explained that team concept is paramount for a chance at long term success. This is because more people are invested in the outcome; they will be more willing to participate. Zimmer stated, “I learned that the best business deals are the ones that are brilliantly crafted so that everybody has a reason to play.” So, more than making others in your organization winners, try a new initiative with your employees, if you can invest them in the process, you will have a greater chance to sustain the initiative.

Humility

Not a word usually associated with lawyers. However, in addition to being a CEO, Zimmer is also a Juris Doctor. But particularly in starting the entity, First Book, which is a non-profit company which provides books for children in need, Zimmer realized that she was learning about the publishing industry ‘from the ground up”. Even if she wanted to have all the answers, she simply could not because she did not have the professional training. So she learned to reach out to “as many brilliant minds” as she could find. Ultimately, she realized “that it really didn’t matter if I knew anything. What mattered is whether I could get people to the table who did, because you’re never going to know enough.”

Be a Builder

Zimmer values the concept of team building quite high on the scale of importance in First Book. For this trait, Zimmer looks for employees who “have tried things, and have failed, and have risen above it.” If someone is accomplished, this generally means that the person is a builder and has already developed the skills to overcome setbacks. She has found that “people who have tried things on their own and struggled are the ones who are least protective of their work and the most collaborative.” This is because in the corporate world the myth of the lone scientist working in his or her lab to create the next thing is simply that, a myth. She believes that organizational accomplishment is a team sport and those are the people that she wants in her company.

Just as Roger Water’s message in his current tour is that it is really only walls that separate us and that they can come down, I found Zimmer’s ideas to be quite useful in the compliance context. Fear of failure is rife in the corporate world but she clearly articulates some reasons why it should not be viewed as such. More importantly, her thoughts on  team concepts and that if employees are invested in the process, it will make for stronger and more long-lasting end results and these are important points for the compliance practitioner to take away from this article.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

March 22, 2012

Three Keys to the Role of a Chief Compliance Officer

There is an ongoing debate in the compliance world about whether a company can or should combine or separate the role of the Chief Compliance Officer (CCO) from that of the General Counsel (GC). However, before a company can answer this question, it must meet No. 6 of the Department of Justice’s (DOJ) minimum best practices requirement for a Foreign Corrupt Practices Act (FCPA) based compliance program. Requirement No. 6 reads:

The company will assign responsibility to one or more senior corporate executives for the implementation and oversight of the company’s anti-corruption policies, standards, and procedures. Such corporate official(s) shall have direct reporting obligations to independent monitoring bodies, including internal audit, Company’s Board of Directors, or any appropriate committee of the Board of Directors, and shall have an adequate level of autonomy from management as well as sufficient resources and authority to maintain such autonomy.

This requirement clearly mandates that a company must have one or more senior level executives to oversee the company’s compliance program. At the recent Ethisphere 2012 Global Ethics Summit this issue was explored. Alan Yuspeh, Senior Vice President and Chief Compliance and Ethics Officer for Hospital Corporation of America, said that he believed there were three keys to the role of a company’s head of compliance.

a.      Senior Management

Yuspeh believes that whoever heads compliance at a company must be included in the ranks of the company’s senior management. This is because when such a person speaks, they need to do so as a peer and not as a subordinate, to company management. Senior management status is also important when dealing with the Board of Directors.

b.      Clear Commitment

Here Yuspeh spoke about a clear commitment from the top management of the company to the position of the head of compliance. This is more than simply the ubiquitous “Tone-at-the-Top” as it means a commitment to the position of head of compliance; a commitment to funding and achieving the goals of meeting a minimum best practices compliance program. This means that top management cannot simply cut-off compliance at the knees every time it makes an unpopular decision. Further, the money must be made available to hire the necessary staff, travel and train employees, implement and help to perform the requisite investigations of third parties. If such monies are not made available, your company truly has a paper program.

c.       Keep Compliance Involved

The third element that Yuspeh mentioned was whoever heads compliance must “constantly fight to keep compliance involved” in all appropriate aspects of the company’s business. This is more than compliance simply having a seat at the table. The head of compliance must insure that the compliance function is inculcated down into the DNA of the company. So, just as a Chief Executive Officer (CEO) might ask what is the Legal Department’s view on a certain contract or issue facing the company, the head of a company’s Compliance function should also be thought of as a person who’s group is a “go-to” group within the company for advice.

Smaller companies may not have a Compliance function within their organization but it is clear from the DOJ’s minimum best practices that there must be a person who heads that function within a company. Yuspeh has laid out what he believes the practical guidelines are for a head of compliance within an organization. His comments speak to the requirements of the DOJ as laid out in requirement No. 6. Does the head of compliance in your organization meet these criteria?

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

Customized Rubric Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 4,229 other followers