FCPA Compliance and Ethics Blog

September 26, 2013

The Cost of Stupid is Less Than the Cost of Bribery and Corruption

After the butt-slide play, you might think that the sad sack Houston Astros could not sink even lower but I guess setting the Major League Baseball (MLB) record for the worst record for three straight years is not enough. Yesterday, as reported by Sam Gardner in Fox Sports Online, in a post entitled “Buzz: Astros botch Ladies Night”, the Astros managed to insult over 50% of the population with the following promotion sent out by Twitter,

9/27 is Ladies Night by @StateFarm! Ladies can learn about baseball, enjoy music, food, drinks & more! For info & tix http://www.astros.com/ladies

The Astros, teaching anyone about baseball? Really? Here are some of the tweets back in response:

Yvette Betancourt  @Yvetteab

@astros implying women don’t know about baseball?

Christie @ATXChristina

@astros @StateFarm eff both of you. Baseball was the first game I learned about as a kid. Used to keep score at games. #Misogyny

Patrick Monaghan @pkmonaghan

#Astros tweets from 1950? I learned baseball scorekeeping FROM MY MOTHER. My wife has seen more games than you. Jesus. @astros @StateFarm

And my personal favorite:

Hunter Felt @HunterFelt

@scATX What’s worse? The assumption that women would need to be taught about baseball or the idea that the @astros could do so?

Unfortunately, the Astros can only increase the cost of being so idiotic. But it did make me wonder what might be some of the costs of allegations of bribery and corruption? For the British company, GlaxoSmithKline PLC (GSK) apparently it means a big hit on sales in its Chinese operations since the story broke about its alleged corruption of Chinese medical services professionals, this past summer. In an article in the Financial Times (FT), entitled “GlaxoSmithKline China sales face growing pressure”, reporters Andrew Jack, Patrick Jenkins and David Oakley, noted that sales of the company’s products in China had dropped over 30% since the publication of the original allegations. They also reported that “As the Chinese authorities have expanded corruption and pricing probes into western and domestic drug companies since July, analysts have forecast slowed growth for the industry after a long period of expansion driven by extended medical cover and marketing to a rising middle class.” They quoted Andrew Baum, a pharmaceutical analyst with Citi, who said that “indications from his latest research suggested an absolute drop in revenues as a result of manufacturers “suspending activities” and “hospitals that are wary” of talking to drug companies following the clampdown.” While Baum “expected GSK to suffer the greatest impact, but predicted other multinational pharmaceutical companies would also report absolute sales declines in China of 10-20 per cent.”

In another FT article, entitled “Bribery fears infect drug dealings in China”, by Andrew Jack and Patti Waldmeir, they highlighted some of the current allegations against western pharmaceutical companies as explained in the bribery box score below:

Company Amount of Alleged Bribe Source of Allegation Bribery Scheme
GSK $500MM Chinese police investigation Use of intermediaries, travel agencies to bribe doctors
Eli Lilly $4.9MM Former employee Kickbacks to doctors to prescribe the company’s products
Sanofi $277K Whistleblower Bribes paid to doctors described as research grants
Novartis $8200 Company sales rep Payments to 200 hospitals for non-existent post-trial surveys

However, there are more, and perhaps even greater, costs associated with bribery and corruption; those of which can be effected upon the population of a country where the bribery occurs. As the Foreign Corrupt Practices Act (FCPA) is a supply side-focused law, we here in the US compliance community usually try to point out the costs to businesses which engage in bribery and corruption, such as the drop in sales experienced by GSK. Jack and Waldmeir pointed to the costs for those in China where bribery in the health care industry is alleged to have occurred. The article discussed three different allegations of corruption and how they all have potentially devastating effects.

Fake Clinical Trials

The article pointed to one set of allegations which involved “multi-nationals conducting “phase IV” clinical trials”. These trials are performed after a drug is approved and “which critics claim are often for marketing purposes.” The corruption involved a third party to the companies involved who “filled out fake “clinical research forms” on trials which never took place.” Under this scenario, doctors were on record for participating in the trials but never actually participated because there were no such trials. Subsequently, any results which were claimed had no basis in fact.

Commissions for Prescriptions

Another scheme highlighted was commission payments to doctors for one company’s pharmaceutical products prescribed to patients. While the medical student attempted to backtrack by saying the doctors would only prescribe one drug over another similar drug if they received ‘commissions’; such waffling misses the entire point. The recommendation was made based upon the self-interest of the doctor in receiving the commission and not based upon the needs of the patients.

Infant Formula

In one of the worst examples of the effects of corruption, in 2008, thousands of Chinese infants became sick after drinking tainted baby milk which had been sold as safe for consumption. In response to this horrific event, “middle-class parents will go to any length to buy imported formula which they think is safe.” Moreover, “doctors and nurse often urge parents to start their newborns on formula, right from the maternity ward.” Unfortunately the Chinese media have alleged that “medical staff has been bribed to favor one brand over another”.

Entering into this imbroglio, is the French company Groupe Danone, which professed that it was “shocked” at such allegations aimed towards them, when the Chinese state television aired allegations that the “company bribed doctors and nurses to recommend its brand.” The national television company quoted a company manager who said that “the company pays hundreds of Yuan each year to bribe staff in Tianjin hospitals to feed newborns” the company’s brand. This bribery scheme extended past doctors to include nurses as well; both of whom received monthly incentive payments to use and recommend the company’s product.

Yet these allegations of wide-spread bribery and corruption are having other effects as well. Jack and Waldmeir cited to Marc de Garidel, chief executive of Ipsen SA, who said that some western companies have stopped doing promotions in China altogether. Obviously there is more and greater scrutiny by Chinese officials on not only western companies but Chinese health care providers as well; to the point that de Garidel said that in some areas, doctors did not even want to meet with pharmaceutical company representatives. Furthermore, and always omnipresent is the possibility of joint prosecutions by other national jurisdictions such as the US under the FCPA or UK government under the Bribery Act.

Another interesting effect has been on recruiting and hiring for western company’s Chinese operations. Jack and Waldmeir cited to Gregory Lovas, a corporate recruiter in the life science industry with CTPartners, who said that in the past “companies had seen China postings as a way of exposing their future leaders to an expanding market as now seeking greater existing “language, cultural understanding and market knowledge.” Lovas also said that for middle-managers his clients want “background checks and references stretching back as far as 10 years.”

As Forest Gump might say, “Stupid is as stupid does.” I wonder just how many more stupid mistakes the Astros can make this year. After all, there were only four days left in their 2013 season. As for bribery and corruption in China, the outlook is more long term. Deutsche Bank predicted that corruption investigations could well be “longer and larger” than originally thought. Or as Bette Davis intoned, if you are doing business in China, you had better fasten your seatbelt. It is going to be a bumpy ride.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

September 19, 2012

CEO Hubris and Compliance Catastrophes

What is the common denominator of every corporate catastrophe that you have heard about? Reporter Lucy Kellaway, in a Financial Times (FT) article entitled “Road test CEO’s to avoid corporate car crashes”, says that it is the “hubristic CEO”. I thought about that line as I sat at Minute Maid Park last weekend and watched the Houston Astros all but knock out the Philadelphia Phillies from the National League (NL) Wild Card hunt by winning 3 of the 4 games. The Astros then, of course, began their next series with a more routine loss to the St. Louis Cardinals; thus allowing the Astros to reach the rarified triple digit ignominy of 100 losses for a second consecutive season. But do not be disheartened, there are still 14 games left so the Astros could blow through last season’s record of ‘only’ 106 losses. Think that might qualify as a ‘catastrophe’?

Apparently not according to Astros owner Jim Crane, who once again shows that I am unsophisticated because I measure the success of a baseball team by that outdated metric of wins and losses. But what I did not realize about Mr. Crane is that he fervently believes that baseball is not simply a game. He once again pointed out my lack of foresight in an Op-Ed piece for the Houston Chronicle, “Building a baseball team and a city-together”, where he said “Baseball is a singular life experience that brings communities together, develops youthful confidence and strong values, shapes destinies and builds city spirit. Important life lessons are learned on the baseball field.” He then went on to note that the team’s “ultimate goal is not only a better team, but a better city.” How is he going to accomplish this rather lofty goal? Believe it or not, it all starts with the public presentation of the Astros new uniforms that he has been secretly working on all year. He actually ended this Op-Ed piece with the following line, “The first big step is only a few weeks away, on Friday, Nov. 2, at 5 p.m. at Minute Maid Park, when we reveal our striking new logo and uniforms reflecting the fresh start we will all make together next season. We hope every Astros fan will be there, as excited and fired up as we are about the bold new experiences ahead.”

Be still my heart. He is actually planning to make the City of Houston a better place by introducing new uniforms. I am sure the Mayor of Houston is thrilled with this assistance. Unfortunately I cannot find a public comment she has made on the subject to report to you. I suppose any long suffering Red Sox (think Jay Rosen) or Cubs fan would tell me wait until your team has a bad century and then you have the right to sound off as, after all the Astros were in the World Series in 2005 but Mr. Crane, really new uniforms, how about some old fashioned wins?

Kellaway’s piece asks that even in this age of documenting, checking, measuring, stress testing and reassessing with remedial actions of every conceivable type of risk, what is the one which is never tested? She believes that the answer is “the chief executive gets so high on power that he or she losses the plot.” Kellaway’s idea to help remedy this situation is amazingly simply. She argues that the idea is “to force all top executives to take an annual hubris test modelled on the MOT (UK Ministry of Transportation) test for cars.” She acknowledges that she poached this idea, from Chris Wiscarson, the head of Equitable Life. Kellaway’s contribution is to have the test administered by a company’s Board of Directors. The test itself would consist of simple questions presented to a Chief Executive Officer (CEO) such as:

•           How would you rate your own arrogance? (Rate from one to five)

•           Has it increased recently?

•           Have you changed your mind on anything substantively in the past year?

•           Have you done anything “slightly dodgy”?

She believes that “In answering these questions, spineless non-executive directors would be discouraged from fudging answers by the promise of a prison sentence should they fail to be candid.” In addition to this annual test, Kellaway believes that if a CEO makes some type of extraordinary statement of “exceptional hubris” this would cause an “immediate MOT failure.” She gives the example of the now former head of Barclay’s Bob Diamond who told the UK Parliament “a year ago that the time for bankers to apologise was past” he would have been “instantly out”.

The British Press seems to be leading quite a bit of soul searching these days about the trouble City banks and other companies have gotten themselves into recently. I found Kellaway’s piece interesting because she appears to realize not only how important “tone-at-the-top” is to set an ethical standard for a company; but more importantly she is engaging in the conversation of how to address this issue. If your corporate culture is simply to either make your numbers every quarter or ‘resign to pursue other opportunities” this may speak of a hubris which leads to a compliance catastrophe like the one Wal-Mart faced on April 21, 2012 when the story broke on the front page of the New York Times (NYT). But the Board of Directors must be prepared to lead this effort, in other words, a Board must actually govern. So maybe when the FCPA Professor characterizes the Wal-Mart Foreign Corrupt Practices Act (FCPA) scandal failure of corporate governance, he is on to something.

On the other hand, if you are Jim Crane, apparently if you get some snazzy new uniforms, you not only make your baseball team better but the entire City of Houston.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

August 23, 2012

The FCPA Compliance Strategic Plan – Some Lessons for the Astros

The Houston Astros were swept this week by the St. Louis Cards and are now on a 7-43 run, the worst in the majors since 1943. On the upside, the entire starting nine fielded by the Astros’ on Thursday had only one player, outfielder Ben Francisco, making more than the league minimum (approximately $483,000) and their combined salary was about $4 million less than the one-year deal of $9.75 million that Cardinals starter Jake Westbrook has just signed. So our new Astros owner should have plenty of money for those new American League uniforms he has been secretly working on.

One of the things that my colleague Stephen Martin talks about is the need for strategic planning for your Foreign Corrupt Practices Act (FCPA) compliance program. He suggests a 1, 3 and 5 year strategic plan which you should utilize as a road map for your compliance program in these time frames. Equally important, as a former state and federal prosecutor, he believes that such a document would be an important item to produce to a prosecutor, who might be reviewing your compliance program in the event of a voluntary self-disclosure, a Dodd-Frank or other whistleblower event, which has led your company to receive a subpoena or letter of inquiry or an industry sweep. He believes that such a strategic plan could well lead to the development of credibility for your company and your compliance program in the event of one of the aforementioned eventualities.

I pondered over Stephen’s thought on the subject of a strategic plan recently when I heard the Houston Astros General Manager say that he was not sure what plan he has to make the Astros a winning if not relevant, team again. Basically he said it was a 1, 3 or 5 year plan, or perhaps something else, he just wasn’t sure. With those words of encouragement in mind it would appear that the Astros plan is the following: (1) Year One: Lose to a new set of teams as the Astros will move from the National League to the America League; (2) Year 3: Continue to lose; (3) Year 5: Be all you can be. How is that for a strategic plan?

With the above in mind I was interested to read an article in the Houston Business Journal, entitled “Strategic planning needs constant follow-up to be successful” by Bruce Rector. As with Martin he recognizes that while a strategic plan can serve as guide for your company going forward, it must actually be utilized to garner any use out of it. Rector notes that “if your company and management team have expended the time and resources to pull together a strategic plan, the next logical step is to follow up and keep things on track.” While Rector’s article is not aimed at the compliance arena, I believe that the steps he lays out, translate without difficulty, into steps a compliance officer can take to meet the suggestion laid out by Martin above.

  • Review the Goals of the Strategic Plan. This requires that you arrange a time for the Chief Compliance Officer (CCO) and team to review the goals of the Strategic Plan. Rector advises that to the extent possible this should be done in person. The CCO should lead a discussion of the Strategic Plan and determine how this goal in the Plan measures up to its implementation in your company.
  • Design an Execution Plan. Here Rector advises that the “Keep it Simple Sir” or KISS method is the best to move forward. This would suggest that for each compliance goal, there should be a simple and straight forward plan to ensure that the goal in question is being addressed. Rector notes that any “plan must be specific with clear tasking and deliverables and a definite timeline for delivery.”
  • Put Accountabilities in Place. In any plan of execution, there must be accountabilities attached to them. Simply having a time line is not enough. This means that the persons tasked with the responsibility of performing the tasks be clearly identified, by both the individual so tasked and the actual task they are assigned to complete. Accountability also includes a “follow-up mechanism to ensure that these vital goals are achieved.” This requires the CCO or other senior compliance department representative to put these in place and then mandate a report requirement on how the task assigned is being achieved.
  • Schedule the Next Review of the Plan. Most interestingly, Rector recommends a review of the foregoing process on a weekly basis. While noting that this may seem time consuming, he believes that once the group assigned with this responsibility gets “into the rhythm, it can go smoothly.” While I would not necessarily agree that weekly meetings are required, Rector does correctly note that such regularity allows any problems which may arise to be detected and corrected more quickly than if meetings are held at a less frequent basis.

Martin’s guidance that a FCPA strategic plan can be a key part of your overall compliance program is sound advice. However, simply developing a strategic plan is not enough. Rector concludes by stating that “Part of management’s responsibility is to continually reinforce the vision and goals of the company, as set forth in this plan.” This is particularly true in the compliance arena, where assessment and updating are critical to an ongoing best practices compliance program. If you follow the process laid out by Rector, you will put a mechanism in place to demonstrate your company’s commitment to compliance by following through on intentions as set forth in your strategic plan.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

August 19, 2012

Oracle India Parks Monies While the Astros Move on Down to AAA

The Houston Astros announced today that are now officially a Triple-A (AAA) ball club. How do we know this? Because last night they fired their major league Manager Brad Mills and replaced him with their current (and apparently still) AAA Manager, Tony DeFrancesco. When reached for comment, Astros owner Jim Crane, fresh from his redesign of the Astros jerseys, said “We are either (a) playing AAA players or (b) playing like AAA players so I thought it would make the guys more comfortable.” [OK, I confess I made up the quote.] However, I did not make up the letter that General Manager Jeff Luhnow sent to season ticket holders last week apologizing for the terrible play of the team this year but he hopes we will all continue to buy tickets this year and next to “support the team”. No word on whether refunds will be given with all the money the Astros are saving as a AAA club playing in the National League or even that the Astros will reduce their prices to AAA rates.

As reported by the FCPA Professor last week, the Securities and Exchange Commission (SEC) announced the settlement of an action against Oracle for violations of the books and records provisions of the Foreign Corrupt Practices Act (FCPA). Unlike the Astros, who publicly announced their move to AAA status, Oracle got into FCPA hot water because its Indian subsidiary directed its distributor to set up a separate slush fund of monies which could be and were used to pay monies to persons unknown. According to the SEC Complaint, the scheme worked as follows: Oracle India would identify and work with the end user customers in selling products and services to them and negotiating the final price. However, the purchase order would be placed by the customer with Oracle India’s distributor. This distributor would then purchase the licenses and services directly from Oracle, and resell them to the customer at the higher price than had been negotiated by Oracle India. The difference between what the government end user paid the distributor and what the distributor paid Oracle typically is referred to as “margin” which the distributor generally retains as payment for its services. That description sounds like most distributor relationships but this was not what got Oracle into trouble.

The Scheme

As further specified in the Compliant, “certain Oracle India employees created extra margins between the end user and distributor price and directed the distributors to hold the extra margin in side funds. Oracle India’s employees made these margins large enough to ensure a side fund existed to pay third parties. “At the direction of the Oracle India employees, the distributor then made payments out of the side funds to third parties, purportedly for marketing and development expenses.” The SEC Compliant noted that “about $2.2 million in funds were improperly “parked” with the Company’s distributors.” To compound this problem, employees of Oracle India concealed the existence of this side fund from Oracle in the US and hence there was an incorrect accounting in Oracle’s books and records.

The Complaint further noted that “Oracle India’s parked funds created a risk that they potentially could be used for illicit means, such as bribery or embezzlement” and then went on to highlight such an instance which occurred in May 2006, where Oracle India secured a $3.9 million deal with India’s Ministry of Information Technology and Communications. Oracle’s distributor accepted payment from the end user for the full $3.9 million. Under the direction of Oracle India’s then Sales Director, the distributor sent approximately $2.1 million to Oracle, which Oracle booked as revenue on the transaction. Oracle India employees then directed the distributor to keep approximately $151,000 as payment for the distributor’s services. The Oracle India employees further instructed the distributor to “park” the remaining approximately $1.7 million to be used for disbursement towards “marketing development purposes.” Some two months later, an Oracle India employee provided the distributor with eight invoices for payments to third party vendors, in amounts ranging from approximately $110,000 to $396,000. These invoices were later determined to be false. Further none of these third parties, which were just storefronts and provided no services on the deal, were on Oracle’s approved vendor list.

Failure of Internal Audit

All of the above were in violation of Oracle’s internal policies, however the Compliant specified that “Oracle lacked the proper controls to prevent its employees at Oracle India from creating and misusing the parked funds” and prior to 2009 “the Company failed to audit and compare the distributor’s margin against the end user price to ensure excess margins were not being built into the pricing structure.” Oracle failed to either (1) seek transparency in its dealing with the distributor and (2) audit third party payments made by the distributors on Oracle’s behalf” both of which would have enabled the Company to check that payments were made to appropriate recipients. Indeed the scheme only came to Oracle’s attention during an unrelated “local tax inquiry to Oracle’s India distributor”. This sounds reminiscent of HP Germany where a routine Bavarian Provincial tax audit picked up the suspicious payments which lead to a FCPA investigation.

What Did They Do To Remedy It?

However, even with the above listed failures of Oracle’s compliance program, the Company did take Maxim Three of McNulty’s Maxim’s to heart: What did you do to remedy it? The Complaint indicated that the person in charge of Oracle’s Supply Chain at its Indian subsidiary resigned and left the company. An internal investigation was undertaken and four employees of the Indian subsidiary who had actual knowledge of the scheme were terminated. Additionally, “Oracle took other remedial measures to address the risk and controls related to parked funds, including: conducting additional due diligence in its partner transactions in India so that Oracle had greater transparency into end user pricing in government contracts; terminating its relationship with the distributor involved in the transactions at issue; directing its distributors not to allow the creation of side funds; requiring additional representations and warranties from distributors to include the fact that no side funds exist; and enhancing training for its partners and employees to address anti-corruption policies.”

So what does this mean for the compliance practitioner? This is the second matter, the first being the Smith and Nephew enforcement action, which focused on distributors. If your company uses this model to handle or supplement its sales channels, you should immediately review the entire process, from business purpose, to due diligence, to contract terms and post-contract management, to make sure that your company is following minimum best practices with regards to this sales mechanism. You should also put selective distributors on your company’s internal audit schedule for the next cycle.

And if you are an Astros fan…You think the Astros will reduce prices to AAA rates?

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

April 9, 2012

Bill James, the Baseball Abstract and the Use of Metrics in Compliance

As of today, the Houston Astros (at 2-1) are above .500 in wins and losses for the first time since July 2009. So we celebrate that most important of baseball metrics, the wins and losses.

One of the joys of baseball is the almost innumerable metrics available to the fan, fantasy league manager or just plain stat freak. Batting Average (BA), On-Base Percentage (ONP), Slugging Percentage (SP), On-Base Slugging Percentage (OBSP), and Earned Run Average (ERA) are but a few. Indeed there are full glossaries to define the various statistical measurements used in baseball now. The use of statistics in baseball was made most popular by Bill James and his development of his work, “Baseball Abstract” and more recently popularized in the book by Michael Lewis made into the Oscar-nominated movie “Moneyball” starring Brad Pitt.

However, in the world of Foreign Corrupt Practices Act (FCPA) and other anti-corruption compliance metrics, many compliance practitioners are still in the infancy of using statistics to help inform and measure a compliance program. A recent article in the April 2012 issue of the Harvard Business Review, entitled “Good Data Won’t Guarantee Good Decisions” by Shvetank Shah, Andrew Horne and Jaime Capella, explores this issue and comes to a conclusion which bedevils many compliance practitioners. It is that “most companies have too few analytic-savvy workers.” The article then goes on to provide guidance on how to develop them. The authors begin by identifying four main problems which they believe prevent companies from utilizing the data that they generate.

Four Problems

1.      Analytics skills are concentrated in too few employees within the company. The authors note that “when a new form of analytics enters the workplace” companies will hire experts to manage and interpret it. They somehow believe that this expert knowledge will ‘trickle down’ throughout the ranks of the company. However, the experts who install the technology to generate the data may not even train before their consulting assignment is over. Even if they put on training, company employees may well not use the technology or data very often and the training may not be retained. If the experts are not kept onboard for ongoing mentoring or data interpretation, the company will not know how to use the data.

2.      Company IT functions need to spend more time on the “information” quotient of IT and less time on the “technology” quotient. The authors believe that most IT functions were developed in conjunction with Finance, Human Resources (HR), Supply Chain or other departments within an organization “where the business needs are clearly defined, stable and relatively consistent over a wide group of users.” Though, in other groups or departments such as compliance, there may be diverse data or a group of compliance practitioners which cannot fully articulate their specific needs. The authors believe that most IT departments cannot meet such “anthropological skills and behavioral understanding.”

3.      The problem is not that there is too much information but that it is too hard to locate. Even if IT can collect the appropriate data, the authors believe that many within organizations do not have a “coherent, accessible structure for the data” which the company has collected. They liken the situation as one similar to a “library without a card catalogue” (how’s that for old school!). Even with the rise of mobile computing platforms such as tablets or smartphones, it is now harder to manage analytic content.

4.      Senior management is not trained to manage information as well as they are trained to manage talent, capital and brand. Here the authors seem to be the most critical. They almost scream out when they say, “Management needs to wake up to the fact that their data investments are providing limited returns because their organization is under-invested in understanding the information.” They believe that too few senior managers treat data as something that the company’s IT department should handle and analyze. Conversely senior management considers its time too valuable to make sure that the appropriate information is shared appropriately across the organization.

Three Prescriptions

Does any of the above sound like problems in your organization? The authors deliver three prescriptions which they believe can help to overcome the issues that they identify as impediments to the use of data analytics. First and foremost is training. The authors believe that companies should spend more time and money training employees on the use of statistics. Recognizing that almost anyone with any type of business degree from a college or university had some type of statistics course, the authors believe that companies should offer refreshers or build upon this base. But they point out that training should not end with classroom courses or refreshers. Ongoing coaching is equally important to provide follow up and answer the inevitable questions that arise in the day-to-day use of new analytics.

The second change that the authors urge companies to make is how to “more efficiently incorporate information into decision making.” They point out that some of the best data-driven companies “have formalized the decision-making process, setting up standard procedures so that employees can obtain and correctly use the most appropriate data.” This should be reinforced by a company through its rewards system in the form of employee reviews and specific job objectives but a key is make certain employees are not penalized for making “diverse contributions, challenges and second-guesses” to data.

The third prescription is for a company to provide its employees with the right tools to use the data. The authors believe that “half of all employees find that information from corporate sources is in an unusable format.” The authors believe that the best practice for a company is to employ improved data “filtering and better visualization.” However, the authors caution that whatever tools are used, the unfiltered data needs to be available if an employee wants or needs to drill down into the raw data.

The authors have presented a framework which a Compliance Department can begin to think about what metrics it wants to evaluate, how to set up a program to train the department’s compliance practitioners to use the data. A Compliance department needs to ensure that it provides closure for any gaps that it might have in the interpretation of data and to keep pace with the information which it imports into its compliance program. If you need more help, consider reading “Moneyball” to see how the Oakland Athletics’ used analytics to help build a record setting team.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

January 25, 2011

What are the Odds in Your FCPA Compliance Investigation?

The experts have spoken and the Astros are a 75-1 long shot to win the World Series. But that is just what the experts predict and as we are 3 weeks away from pitchers and catchers reporting for Spring Training I prefer to take the pink cloud approach, that at least as of now, the Astros have as good a chance as any team to make it to the Fall Classic. Of course, in the 50+ years of professional baseball in Houston, the Astros (and their predecessor Colt 45s) have made it that far only once. But at least it happened in my lifetime…

All of which brings us to this posting’s topic, Catelas software. In my transaction lawyer life, I do work for some medium to small software companies, which license software generally related to the energy industry. One of the best pitches you can make about a software product is along the lines of the following, “I have this software which can do some really cool stuff.” I recently saw a demonstration of Catelas software and came away thinking, this is some really cool stuff. But even more than such platitudes, the software allows the FCPA compliance professional a different way to continuously monitor within a company for possible Red Flags and to begin, organize and implement a FCPA compliance investigation in a more cost effective manner.

The Catelas software imports and analyzes communications data, like email, IM, telephony and SMTP log files from systems such as Microsoft Exchange Servers and Lotus Notes. The Catelas product then leverages social network analysis and behavioral science algorithms to analyze this communications data. These interactions are used to uncover and display the networks that exist within companies and between the employees of companies. Additionally, relationships between employees and external parties such as private webmail users, competitors and other parties can be uncovered.

From this data, Catelas creates visual relationship maps. These maps can assist a company focus resources in any FCPA compliance investigation on any persons within the company an individual under investigation has interpersonal relationships. The thesis of this approach is that data and information move through trusted relationships. A person who may be involved in a FCPA compliance matter, would be more likely to use such trusted relationships within a company, rather than involving others, to transmit data and information or to engage in any FCPA violative activity.

This approach can assist an investigator in not only finding out what may have transpired in the past but it also allows the investigator to focus who should be questioned going forward. Such relationship maps can also inform the overall investigation protocol by allowing a company to key in on certain persons and transactions; rather than simply running the entire company’s email database through a key word search program, or worse yet, having a law firm (presumably young associate) read every email, at the earliest, preliminary investigative stage.

By automatically uncovering who is talking to whom, when they connected and how well they know each other, the Catelas software product identifies both the internal and external people most likely to be involved. This allows a company to review more relevant data and from that point, expand the scope of any FCPA investigation as warranted. The Catelas approach can assist a FCPA compliance investigation in at least three ways.

1. Early Assessment: quickly ascertain the scope, cost and risk associated with an incident or case making you better prepared, earlier. Determine if there is a FCPA violation, who is involved, both internal & external and uncover all relevant content.

2. Data Identification & Collection: determine who and what to investigate before collecting a single email or pulling data from computers. Eliminate the need to re-collect later, avoid spoliation. Eliminate early irrelevant custodians and avoid over collection.
3. Compliance: quickly uncover inappropriate relationships, non-obvious connections and webmail information theft by dynamically monitoring communications patterns of employees, partners and consultants inside and outside your organization.

If any of this piques your interest, I would suggest you check out the Catelas website. It provides visuals on what I have been describing. You are probably wondering how the Catelas product relates to the Astros and their 75-1 shot at making the Big Dance next fall. Well, if you utilize this software product, I believe it would put your odds at much better than the Astros winning the World Series. Moreover, Catelas will allow you to conduct a more efficient, more cost effective and focused FCPA compliance investigation.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.
© Thomas R. Fox, 2011

Blog at WordPress.com.