FCPA Compliance and Ethics Blog

December 21, 2012

Is It the End of the (Compliance) World?

It’s the end of the world as we know it.

 It’s the end of the world as we know it.

It’s the end of the world as we know it and I feel fine.

Today the Mayans predicted the world would end. I must say that I find the Mayans had a complete lack of courtesy, indeed if not foresight, as they did not identify the time the world would end and further did not specify if the time not indicated would be GMT or some other time zone. I would note for the record that for anyone who went to college in the 1980s, the R.E.M. version may be more prescient – “It’s the End of the World as We Know It (And I Feel Fine)” and I actually feel pretty good today, and thanks for asking. Finally, for all you conspiracy theorists out there, you might recall that, in the final episode of the X-Files, the Cigarette-Smoking Man predicted the end of the in 2012, although with even less courtesy than the Mayans, he did not give us any date. So if you are reading this blog it means that the world has not yet ended. If you are not reading it, I hope you enjoyed the rapture.

While the Mayans may have believed that the apocalypse was coming down as we neared the end of 2012, there may well be other events which have a more contemporary meaning for us. Exhibit A is the article in the Wednesday Wall Street Journal (WSJ), entitled “A Banker’s Costly Cab Ride”, in which reporter Aaron Lucchetti detailed the woes which have befallen the former Morgan Stanley employee William Bryan Jennings who got into a dispute with a cab driver over a fare during the holiday season in the pre-apocalypse year of 2011. The dispute got so heated that Jennings pulled a pen knife on the cab driver and cut him so that the driver required stitches. Police filed and later dropped charges against Jennings but Morgan Stanley fired him in October of this year, before there was a final determination that the charges would be dropped.

Jennings, a 22 year veteran of the company, was fired for breaching the Company’s Code of Conduct, which was reported to read in part “We promote a culture of integrity by taking personal responsibility for our actions, making the right decisions and being accountable.” The Code further specifies, “…If you violate the Code or other Morgan Stanley policy or procedure, you will be subject to the full range of disciplinary sanctions, including termination of your employment.” In addition to summarily firing him, the WSJ article reported “Morgan Stanley refused to give him a deferred-compensation payment in June and has frozen as much as $5 million or more…” Ouch!

In our continuing look at “Banks Behaving Badly” Exhibit B is the report by Bloomberg News regarding the HSBC $1.9 billion settlement with the US Department of Justice (DOJ) to resolve its anti-money laundering violations. In an article entitled “HSBC Judge Requests Reasons to Approve Drug-Money Accord” it is reported that the Judge, who will pass upon the settlement with HSBC, has asked the parties “to submit a brief giving reasons he should approve the bank’s $1.9 billion settlement of money-laundering charges over drug cartel-related transfers.” The Judge was quoted as saying, “My suggestion is you present to the court a document that demonstrates why I should accept the agreement” and “There’s been some publicized criticism of this. I think you should feel free to address it.” With all the criticism of the settlement and its no criminal penalties perhaps he wants to know the same thing as Halah Touryalai, who asked in an article entitled “Final Thought On HSBC Settlement: How Much Bad Behavior Will We Tolerate?”, “What’s a bank got to do to get into some real trouble around here?” She then added, “The scary part about the HSBC settlement is that U.S. authorities are essentially saying they couldn’t act on criminal charges because it would harm the larger financial system. That’s got many calling HSBC (and potentially others) too-big-to-jail.”

Exhibit C is the article today in the WSJ by Chris Matthews entitled, “Judge Won’t Approve IBM, SEC Bribery Settlement”. In it he reported that the District Judge, in whose court the SEC filed its agreed to settlement with IBM for FCPA violation, refused to accept the agreed upon settlement. Judge Leon, the trial judge in the Gun Sting cases, was reported to have said he, “couldn’t approve the settlement unless the SEC and IBM agreed to abide by additional settlement terms imposed by the court or explain why the terms are too burdensome.” IBM’s counsel argued that certain of the Judge’s conditions were too burdensome and these included, that “that IBM must report to the court and the SEC annually on its efforts to comply with the FCPA, report any future violations of the FCPA, and report any new criminal or civil investigations.” Matthews wrote that “IBM said it was willing to report future improper payments, and books and records violations related to such payments, but was unable to report broader accounting inaccuracies that weren’t tied to improper payments.” Judge Leon asked “So if they learn about other FCPA violations, they get a pass on that?” He also “pressed lawyers for the SEC and IBM about what data they had to prove reporting FCPA books and records violations would be burdensome and wondered aloud why “one of the largest companies in the world” couldn’t track that.” Burdensome indeed.

So if the world does not end today, I hope that you have (or will) enjoy the shortest day of the year. As this will be my final post before Christmas, a Merry Christmas to all. I submit for your holiday enjoyment what I consider to be the greatest Christmas and holiday song of all-time, Nat King Cole singing “The Christmas Song”.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

March 22, 2011

Internal Controls under the UK Bribery Act and FCPA

Although much is still unclear about the implementation date, or the manner in which the UK Bribery Act will be enforced, it is clear that one of the important compliance functions which a company should implement is appropriate internal controls. The previously released Consultative Guidance had the following language regarding internal controls, “Businesses should also consider how their existing internal company procedures can be used for bribery and corruption prevention. For example, financial and auditing controls, disciplinary procedures, performance appraisals, and selection criteria can act as an effective bribery deterrent.”

Internal controls are a key component of any best practices compliance program, whether based upon the Foreign Corrupt Practices Act (FCPA); OECD Good Practices or another local law. Appropriate controls are always needed for the reason that if a compliance program relies simply on the issuance of compliance policies, and on the honesty of a company’s employees, a company may get lucky and avoid a violation but a it will not have an effective compliance program.

Internal controls means more than simply financial and auditing controls. As noted by the UK Bribery Act Consultative Guidance, internal controls should also be applied to other areas of a company’s overall program. Internal controls can provide a check on employee training, certification and testing; issues related to employee performance, such as performance appraisals and disciplinary procedures; and third party due diligence and administrative procedures.

As recently as last week, yet another enforcement action was announced by the Securities and Exchange Commission (SEC) for violation of the books and records component of the FCPA. The SEC agreed to a settlement related to a finding that IBM’s internal controls were inadequate. Improper payments were made to South Korean officials and improper travel and entertainment was paid for Chinese officials. All the payments were by subsidiaries for which IBM was held responsible.

Within the FCPA, the requirements of the books and records provision requires that a company keep detailed books and records which fairly reflect the company’s transactions and disposition of assets. While many companies are familiar with external auditors, who consider materiality to financial statements when determining an audit scope and where the audit focus is the fairness of the presentation of financial statements in all material aspects. They are also experienced with audits for Sarbanes-Oxley (SOX) purposes, which allow exclusion of coverage for immaterial processes and locations and the focus is more directed to the avoidance of material misstatements in the financial statements. However, this materiality issue does not arise under the books and records provisions of the FCPA. Put another way – there is NO materiality consideration – either in the transaction amount or the size of the operations.

Effective controls generally mean that a company’s controls are designed to meet specific objectives. A company’s internal control system should include measures to ensure that controls are consistently and accurately performed. A company should maintain internal accounting controls which provide reasonable assurance that:

  • Transactions are properly authorized;
  • Transactions are accurately recorded;
  • Accountability for assets is maintained; and
  • Unauthorized access to assets is prevented.

It is important that a company assesses its internal accounting controls at regular intervals. This means that a company should compare the recordkeeping for assets to an inventory of the actual physical assets. If there are discrepancies, remedial action should be taken. Some examples of this can be physical inventory counts, fixed asset counts and cash reconciliation.

Last week’s SEC enforcement action against IBM drove home yet again the importance of adequate books and records in any FCPA compliance program. Internal controls are a key element in providing sufficient records. An overlooked part of the UK Bribery Act is that all companies subject to its rules and regulations must have an adequate internal controls program, encompassing areas much broader than adequate books and records. These areas should be assessed and remedial action taken to correct any deficiencies as  part of a company’s ongoing assessment and compliance program update.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2011

Blog at WordPress.com.