NPA | FCPA Compliance and Ethics Blog

December 8, 2014

DPAs and NPAs – Powerful Tools in the Fight Against Corruption

Filed under: Best Practices,Corporate Monitors,Deferred Prosecution Agreement,Department of Justice,FCPA,FCPA Professor,Hewlett-Packard,HP,Leslie Caldwell,Non-Prosecution Agreements,SEC — tfoxlaw @ 12:01 am
Tags: compliance programs, Department of Justice, DPA, FCPA Professor, NPA

As readers of this blog know the FCPA Professor and I usually look at the same Foreign Corrupt Practices Act (FCPA) enforcement action, item or remark and see different things. Sometimes we even hear the same thing and come away with different interpretations. Last week, we experienced yet another instance of the former where we both looked at the same article, that being one in Global Investigations Review entitled “Caldwell: settlement a “more powerful tool” than convictions” by Rahul Rose, yet came away with different interpretations. After some to-ing and fro-ing, we decided that we would both post our interpretations on the same day. So with a nod to Dan Fogelberg and Tim Weisberg, today we have the first twin posts from different bloggers dual- blog posts. Since we agreed to write our respective posts without seeing the other’s post and hence could not comment on each other’s post, I urge that after you finish reading my blog today, you click on over to the FCPA Professor’s site and see what his thoughts on Caldwell’s remarks might be.

The specific remarks we want to focus on were apparently made by during the Q&A session of Assistant Attorney General Leslie R. Caldwell who spoke at the Launch of the Organization for Economic Co-operation and Development Foreign Bribery Report, note these remarks were not found in the printed remarks of the speech on the Department of Justice (DOJ) website. In her Q&A, Rose reported the following, “Caldwell told the audience in Paris: “Companies cannot be sent to jail, so all a court can do is say you will pay ‘x’. We can say: ‘you will also have a monitor and will do all sorts of other things for the next five years, and if you don’t do them for the next five years then you can still be prosecuted’.” [And for the money shot] “In the United States system at least it is a more powerful tool than actually going to trial,” she said.”

It turns out that I have been thinking along these lines as well. The debate over the usefulness of Deferred Prosecution Agreement (DPAs) and Non-Prosecution Agreements (NPAs) has been long attended. Yet there are a couple of key reasons that DPAs and NPAs are such powerful tools in the fight against anti-corruption and anti-bribery which I do not believe have been fully articulated or explored. The first is that by settling, the DOJ (and Securities and Exchange Commission [SEC]) will have the ability to monitor the company going forward. This process began under the practice of formally appointing a corporate monitor nominated by the company in the throes of the enforcement action and who would be agreed to by the DOJ. This practice is generally referred to as a company having mandatory monitor.

While this specific practice received a fair amount of criticism from a variety of sources, the basic concept was sound. That concept was that a neutral third party would review a company’s compliance with the terms and conditions of a DPA or NPA and report to the DOJ at intervals generally no shorter than annually. This would give the DOJ eyes and ears into a company to oversee its adherence to the terms of the settlement. But what information did Caldwell convey in her statement as to why she thinks settlements are such a powerful tool? I read three pieces of information her statement about why FCPA settlements are such powerful tools.

‘Do All Sorts of Other Things’

Under this prong a settling defendant is required to do “all sorts of other things.” We know from the DPAs and NPAs relating to FCPA enforcement over the past several years, the minimum that a company will be required to institute is a best practices anti-corruption compliance program. While the FCPA Guidance specifies ten hallmarks of an effective compliance program, the DPAs and NPAs have had between 9 to 16 items listed in the best practices anti-corruption compliance programs that settling companies’ have agreed to institute. If the DOJ went to trial and secured a conviction the company would not have to put such a compliance program in place but only pay a fine or some other monetary penalty. Further, by requiring such a best practices anti-corruption compliance program in such a public manner, through a publicly filed DPA or NPA, the DOJ can communicate its current thinking on what it believes constitutes such a program. This provides valuable information to the compliance practitioner going forward and I believe completely disabuses the argument that companies cannot know what their obligations might be to comply with the FCPA or that companies do not know what the DOJ expects from them in the area of a FCPA compliance regime.

‘You will also have a monitor’

David E. Matyas and Lynn Shapiro Snyder from the law firm of Epstein Becker & Green P.C., described the duties of a corporate monitor in their article entitled, “Monitoring the Monitor? The Need for Further Guidance Governing Corporate Monitors Under Pre-Trial Diversion Agreements”. The monitor would meet with “the company’s board and employees. A monitor then develops a work plan which defines the scope, access, and power the monitor will have over the company. The monitor’s work involves frequent visits to the company (including possible on-site accommodations) and broad access to company documents and meetings. The monitor should be knowledgeable about the regulatory aspects of the company’s operations, but that is not necessarily a criterion for selection of the monitor. Indeed, a monitor can hire others to assist in his or her responsibilities at the company’s expense. The monitor files periodic reports with the U.S. Attorney’s Office and makes visits with that office as well as with the company. At the conclusion of a monitor’s term – often 24-36 months – the monitor files a final report that details the activities accomplished and whether the company complied with all the terms of the agreement.”

So the monitor provides the DOJ with continued insight into what the company is doing to satisfy its settlement obligations around the implementation of its compliance program. If the DOJ has high confidence that the company has and will continue to put significant resources and efforts into its compliance program, it may agree to a voluntary monitor, as we have seen with the Parker Drilling and Hewlett-Packard (HP) DPAs. If the DOJ does not have such confidence, it may require a monitor for the length of the DPA, such as we saw in the Total DPA, which was three years. The DOJ may also take an interim position on the mandatory or voluntary nature of the monitor by allowing a company to end a mandatory monitorship half-way through the pendency of a DPA as it did with the Weatherford DPA, which allowed the mandatory monitorship to end at the 18 month mark of a three year DPA, if certain criteria were met.

‘You can still be prosecuted’

This final point is not to be underestimated. Once again if a company is found guilty at trial, a fine and/or penalty will be assessed and payment is the end of it. While it still may be under enhanced scrutiny, it will not have the affirmative obligation to report any FCPA violations going forward, nor will it bear potential liability and prosecution for failure to implement the terms and conditions of the DPA or NPA. Indeed, the company will agree to be prosecuted if there is another violation or it fails to implement as agreed to.

So by using DPAs and NPAs as settlement tools, I believe that the DOJ is able to impact on an ongoing basis, for two to three years, the compliance program of a settling company. This continued oversight usually translates into greater enthusiasm by a settling company to get compliance right so that it does not have to go through the full FCPA investigation and enforcement process. Of course there will always be recalcitrant companies such as Marubeni Corporation, which do not take the agreed to compliance obligations seriously going forward. When they get into trouble as recidivists, the second penalty is usually much higher. But there is also benefit to the compliance practitioner and greater compliance community because the DOJ communicates its expectations in these DPAs and NPAs. So they also work as powerful communication tools. Finally, by requiring a third party to act as the monitor, whether voluntary or mandatory, the DOJ can get some independent insight into what a company is doing compliance-wise.

Not knowing what the Professor has said, I have not tried to anticipate his arguments or rebut them directly. Nonetheless, I have tried to articulate why I agree with Ms. Caldwell’s remarks and why I continue to find the DOJ’s use of DPAs and NPAs as settlement tools a powerful weapon in the fight against bribery and corruption. I also hope that you will find favor with this exercise that the FCPA Professor and I have engaged in because we both believe that ongoing debate over FCPA enforcement is worthwhile for the compliance practitioner and necessary for the long-term success of compliance moving forward.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

Leave a Comment

September 18, 2013

Why a Compliance Defense Will Not Make a Compliance Program Effective

Filed under: Best Practices,Bill Athanas,compliance programs,Deferred Prosecution Agreement,Department of Justice,Enforcement Actions,FCPA,Non-Prosecution Agreements — tfoxlaw @ 1:01 am
Tags: Declination to Prosecute, DOJ, DPA, FCPA, NPA

Ed. Note – this week, I am pleased to join my colleagues David Simon, partner at Foley & Lardner LLP, and William ‘Bill’ C. Athanas, partner at Waller Lansden Dortch & Davis, LLP, in a tripartite debate on the efficacy of the affirmative defense of a compliance program to the Foreign Corrupt Practices Act (FCPA). Today, I will present my views, from the perspective of a former in-house counsel, on why a compliance defense would not help to create greater compliance with the FCPA. Tomorrow, David will discuss his views, from the perspective a white collar defense practitioner, on why a compliance defense under the FCPA would foster greater compliance with the Act. And finally, on Friday, Bill will present his views as a former Department of Justice (DOJ) prosecutor. I hope that you will enjoy our debate.

My starting position is that I do not believe a compliance defense would be effective in giving companies additional clarity or comfort in the design or implementation of their anti-corruption compliance program. I also think that a compliance defense could lead to unintended and adverse consequences that could seriously downgrade the effectiveness of anti-corruption programs.

I. Current Credit in Place

Currently there is credit for an effective compliance, as set out in the DOJ’s prosecution guidelines; the “Principles of Federal Prosecution of Business Organizations”, which is the DOJ’s policy on the factors it considers when instigating a prosecution of a company, it includes a requirement that prosecutors consider “the existence and effectiveness of the corporation’s pre-existing compliance program.” These factors have been borne out in the numerous Declinations to Prosecute granted over the years. While only one of these Declinations, the Morgan Stanley Declination, has been publicly announced, there were six Declinations listed in last year’s FCPA Guidance, with the company identifiers removed. All of this information makes clear that the DOJ currently takes the state and effectiveness of a compliance program into account when making a decision.

II. Trial Lawyers v. Corporations

Both of the two gents I am debating with this week are trial lawyers and I am a recovering trial lawyer. A trial lawyer’s job is to try cases. If you do not want to go to the courthouse, you should not consider yourself to be a trial lawyer. I grew up in a litigation system where there was one lawyer per side at trail. Mano-y-Mano; the two gunslingers on Main Street at High Noon, the King’s Champion – single combat warriors sent out to do battle in the courtroom for their clients. Such is the job of the trial lawyer. Trial lawyers are risk takers and will to push the envelope in front of a judge or jury. If you claim to be a trial lawyer and never go to court it will not instill any fear or much respect from your opposition. You may even turn into a laughingstock. It does not matter how big a jerk you can be in discovery and pre-trial pleading practice, if you are afraid to go to trial, you are useless as a trail lawyer.

Just as trial lawyers are made for trials corporations are not. Corporations do not and will not go to trial in FCPA cases because it is not in their interest to do so. So if a corporation will not go to trial, a compliance defense has as much use as a trail lawyer afraid of the courtroom, in other words it is useless. There are a myriad of reasons that it is not the job of a company to go to trial but I will focus on two: (1) certainty; and (2) the “Arthur Anderson” effect.

A. Certainty

The primary reason for a company, which violates the FCPA, entering into a settlement via a Deferred Prosecution Agreement (DPA), Non-Prosecution Agreement (NPA) or other vehicle, is certainty. The one thing I learned in almost 20 years of trying cases in the US (civil side only) is that nothing is certain when you leave the final decision to an ultimate trier of fact who is not yourself, whether that trier of fact be a jury, judge or arbitrator. The most important thing for a company is certainty and that is even more paramount when a potential criminal conviction looms over its corporate head. Certainty is equally critical for the prosecution. No matter how ‘slam dunk’ the facts are, or appear to be, once a prosecutor turns over the final decision to another trier of fact; the prosecution has also lost certainty in the final decision. Every corporate defendant that goes to trial can, and should, raise all procedural and factual defenses available to it. No prosecutor can ever be 100% certain that it will win every court ruling or that a guilty conviction will be upheld on appeal. However, a settlement brings certainty and for a company that certainty is in its rights and obligations and for the prosecution the same is true.

B. The Arthur Anderson Effect

Arthur Anderson was the auditor for Enron Corporation (Enron). Neither Enron nor Arthur Anderson exists today. The reason that Enron no longer exists is that it was guilty of unsustainable fraud. The reason Arthur Anderson no longer exists is that it destroyed documents relating to its auditing services for that unsustainable fraud – Enron; primarily for countenancing in and/or not detecting the fraud. Arthur Anderson was convicted for these actions. It is of no matter that the verdict was overturned on appeal.

My former This Week in FCPA podcast partner, Howard Sklar, wrote in a piece for forbes.com entitled “Against a FCPA Compliance Defense”, that “Corporations cannot afford to fight these cases through to the stage where an affirmative defense becomes relevant.” He quoted Doug Bain, the former General Counsel (GC) of Boeing Co., for the effect on Boeing if it were to be indicted:

So what’s the impact if we get indicted or convicted?

Besides the normal fines and that kind of stuff, there’s a presumed denial of export licenses, and that would be both on the commercial and the government side. In a moment, I’ll give you an idea of why we are concerned about that one.

We can get re-suspended or all of IDS (Integrated Defense Systems) can be debarred.

We can lose our security clearances.

And one nasty little thing is that the Bureau of Alcohol, Tobacco and Firearms, which has an almost explicit prohibition on possessing explosives. For those of you who are at BCA [Boeing Commercial Airplanes], you might remember that every single door on an airplane has actuators that are triggered by explosives.

Other commentators have attempted to demonstrate quantitatively that the Arthur Anderson effect is not correct. While I do not agree with their analysis, even if I did, simply running the numbers misses the point. Corporate counsel are not trial lawyers, they are in-house corporate counsel. Their job is not to be gunslingers but to protect and preserve the corporation for its stakeholders. So, by their nature, they tend to be less of a risk-taker than trial lawyers and can be more conservative. This difference in philosophy plays out in the following question: Do you want to be the first GC to go to trial and find that the Arthur Anderson effect is real? Or do you want to settle and play it safe? And, of course, as Sklar notes “Even if a company wins eventually, oftentimes the damage is done: see, e.g., Arthur Andersen.”

The value of a compliance defense is suggested in the name, ‘defense’. It is only useful if it is raised as an affirmative defense at trial. If a company says, ‘we have a compliance defense, you cannot get to us’ a rational response from the prosecutors might be, ‘OK, let’s go to trial.’ There would be no credit for an effective compliance program in any settlement discussion because there would not be any settlement. More pointedly, it might make the DOJ even more aggressive in negotiations because they could simply take the position that a company must now prove it had a compliance program and that the compliance program was effective. How many compliance programs could stand the detailed scrutiny which would occur in a criminal case or in civil pretrial discovery? Every company has documents which discuss the areas in which the program is not fully effective. They would certainly be found in discovery. Lastly, no honest compliance officer could ever say that a program is fully “effective.”

Moreover, how would a company prove to a jury that it had an effective compliance program? Bring in an expert to say that simply because a rogue employee, group of rogue employees or entire country sales team paid out multi-million dollars in bribes that we did not detect, we still have an effective compliance program. Remember, both GlaxoSmithKline PLC (GSK) and Wal-Mart claimed to have world class, best practices compliance programs.

III. Two Recent Examples – GSK and Wal-Mart

A. GSK

Consider the following about GSK, a little over one year ago, in July of 2012; GSK pled guilty and paid $3 billion to resolve fraud allegations and failure to report safety data in what the DOJ called the “largest health care fraud settlement in U.S. history”. You would think that any company which has paid $3 billion in fines and penalties for fraudulent actions would take all steps possible not to engage in bribery and corruption. Indeed, as part of the settlement GSK agreed to a Corporate Integrity Agreement (CIA). This CIA not only applied to the specific pharmaceutical regulations that GSK violated but all of the GSK compliance obligations, including the FCPA.

In addition to requiring a full and complete compliance program, the CIA specified that the company would have a Compliance Committee, inclusive of the Compliance Officer and other members of senior management necessary to meet the requirements of this CIA, whose job was to oversee full implementation of the CIA and all compliance functions at the company. These additional functions required Deputy Compliance Officers for each commercial business unit, Integrity Champions within each business unit and management accountability and certifications from each business unit. Training of GSK employees was specified. Further, there was detail down to specifically state that all compliance obligations applied to “contractors, subcontractors, agents and other persons (including, but not limited to, third party vendors)”. How would you say all of the above helped GSK make its anti-corruption compliance program effective?

B. Wal-Mart

Wal-Mart prided itself on its world-wide FCPA anti-corruption compliance program. Its ethics policy offered this clear direction, “Never cover up or ignore an ethics problem”. What do you think a compliance defense would do for Wal-Mart about now? Do these facts seem like a rogue employee or even junta of rogue Mexican employees going off on their own? And what if Wal-Mart’s corporate headquarters in Bentonville AR was not involved in any illegal conduct or even kept in the dark by Wal-Mart de Mexico? What does that say about having an effective compliance program?

How do these two investigations portend the end of efforts to add a compliance defense to the FCPA? As stated in its Code of Conduct, “The GSK attitude towards corruption in all its forms is simple: it is one of zero tolerance.” and Wal-Mart stated “Never cover up or ignore an ethics problem.” What do you think a compliance defense would do for these two companies in trial? The claim that companies would act more ethically and in compliance if they could rely on a compliance defense would seem to be negated by facts reported about GSK and Wal-Mart. It certainly appears that having a best practice compliance program did not lead to either company doing business more ethically.

IV. False Sense of Security

I also think that the compliance defense would give companies a false sense of security that, combined with other recent regulations, can seriously degrade internal risk management. In an article in the summer 2013 issue of the MIT Sloan Management Review, entitled “Designing Trustworthy Organizations”, by the quartet of authors: Robert F. Hurley, Nicole Gillespie, Donald L. Ferrin and Graham Dietz; they addressed this issue. Their comments seem directly on point for our debate when they intone that that external government regulation, such as a as compliance program required under the FCPA, could be a helpful starting point; but it is not the complete answer in the construction of an ethical organization and one which does business in compliance with relevant anti-corruption legislation, such as the FCPA. That is because such legal requirements can only set a minimum standard. Further, such a reliance on a paper program of compliance could well give organizations “a false sense of security that can lull them and their stakeholders into complacency.” This is the current position of the DOJ in giving credit to companies which have an effective compliance program, rather than simply a paper compliance program.

I think that the DOJ gives credit when a compliance program is effective. While the best practices have clearly evolved, it is not difficult to fully understand what the DOJ considers best practices. But, at the end of the day, the compliance defense will not help a company because no company will go to trial and face a fraud finding from a jury. It is always better to settle and obtain certainty than to risk everything.

© Thomas R. Fox, 2013

Comments (1)

May 9, 2013

DPAs and NPAs – Useful Tools to Achieve Compliance

Filed under: Deferred Prosecution Agreement,Department of Justice,FCPA,FCPA Professor,Michael Volkov,Non-Prosecution Agreements,SEC,Uncategorized — tfoxlaw @ 1:01 am
Tags: compliance, compliance programs, Department of Justice, DOJ, DPA, FCPA, FCPA Professor, Foreign Corrupt Practices Act, Michael Volkov, NPA, SEC

The debate on whether the use of Deferred Prosecution Agreements (DPAs) and Non-Prosecution Agreements (NPAs) has become lively again over the past couple of weeks. Last week, there was a panel hosted by the Corporate Crime Reporter conference at the National Press Club. The panel was moderated by Steven Fagell, a partner at Covington & Burling LLP, and the panelists included Denis McInerney, the Criminal Division’s Deputy Assistant Attorney General, David Uhlmann, the former chief of the Environmental Crimes Section at the Department of Justice (DOJ), and currently a Professor of Law at the University of Michigan, the FCPA Professor, Michael Koehler, Kathleen Harris, a partner at Arnold & Porter LLP in London, and Anthony Barkow, a partner at Jenner & Block in New York.

The FCPA Professor wrote about the conference in two posts this week. The second post, entitled “Seeing the Light from the ‘Dark Ages’”, reported on the panel discussion. In this post, the Professor flatly says that DPAs and NPAs should be abolished in the context of Foreign Corrupt Practices Act (FCPA) enforcement and that a compliance defense should be added to the FCPA. In the other corner stands Mike Volkov, who said in a recent post, entitled “The Continuing Controversy Over DPAs and NPAs”, that DPAs and NPAs are part of the growing arsenal of prosecutorial tools that can be brought to bear by the DOJ and now the Securities and Exchange Commission (SEC).

The Professor previously articulated his views against DPAs and NPAs last fall in a post entitled “Assistant Attorney General Breuer’s Unconvincing Defense Of DPAs / NPAs”. In that post he said that the “use of NPAs or DPAs allow “under-prosecution” of egregious instance of corporate conduct while at the same time facilitate the “over-prosecution” of business conduct.” The ‘under-prosecution’ comes “because they [DPAs and NPAs] do not result in any actual charges filed against a company, and thus do not require the company to plead to any charges, allow egregious instances of corporate conduct to be resolved too lightly without adequate sanctions and without achieving maximum deterrence.” The ‘over-prosecution’ comes “because of the “carrots” and “sticks’ relevant to resolving a DOJ enforcement action often nudge companies to agree to these vehicles for reasons of risk-aversion and efficiency and not necessarily because the conduct at issue actually violates the law.” Volkov, being a former prosecutor, says that “Prosecutors like to have a variety of tools. An up or down decision system – indict or decline to indict – does not give prosecutors any ability to address the hard cases, where they are more inclined to decline prosecution rather than indict.”

However, I am neither a former prosecutor, like Volkov, nor a former white collar defense lawyer, like the Professor. I am a recovering trial lawyer who then went in-house. From this background I think that there is another line of reasoning as to why DPAs and NPAs are useful FCPA compliance enforcement tools and that line of reasoning is certainty. The primary reason for the prosecution and a company entering into a DPA/NPA is certainty. The one thing I learned in almost 20 years of trying cases is that nothing is certain when you leave the final decision to an ultimate trier of fact who is not yourself, whether that trier of fact be a jury, judge or arbitrator. The most important thing for a company is certainty and that is even more paramount when a potential criminal conviction looms over its corporate head. Certainty is equally critical for the prosecution. No matter how ‘slam dunk’ the facts are, or appear to be, once a prosecutor turns over the final decision in a case to another trier of fact; the prosecution has lost certainty in the final decision. Every corporate defendant who goes to trial can and should raise all procedural and factual defenses available to it. No prosecutor can ever be 100% certain that it will win every court ruling or that a guilty conviction will be upheld on appeal. However, a DPA/NPA can bring certainty. For a company, certainty in its rights and obligations, for the prosecution the same is true.

There was another article which considered the panel discussion held at the Corporate Crime Reporter conference entitled “McInerney Defends Deferred and Non Prosecution Agreements”. This article included quotes from David Uhlmann, who said that he believes, “This is about a profound ambivalence in parts of the Department about the very notion of corporate criminality.” Uhlmann believes that it this ambivalence which has driven the use of DPAs. He believes that the DOJ should make an “up or down” decision on whether a corporation should be prosecuted or not. He was quoted as saying “There is no more important role that the Justice Department plays than its role investigating and prosecuting crime. And if the Justice Department believes that a particular case warrants criminal prosecution, it should bring criminal charges. It should not sacrifice criminal prosecution to a private agreement never entered in court, never overseen by a judge in any meaningful way that doesn’t involve any public hearing, that doesn’t involve any corporate officials coming into the courtroom admitting guilt. On the other hand, if the Justice Department doesn’t believe that a criminal prosecution is necessary or warranted, then they should decline. They should decline prosecution in favor of — in most cases they have the option of civil or administrative enforcement.”

The Professor had a slightly different take on the use of DPAs in the context of criminal prosecutions of corporations. He was quoted as saying, “The Department has become so uncomfortable with the traditional notions of corporate criminal liability that they have constructed and indeed championed this alternative reality that is equally problematic.” Further, “These resolutions have had a troubling, distortive and toxic effect on this one area of law,” Koehler concluded. “There is no judicial scrutiny of most fcpa enforcement theories.” And, lastly, “Of course, the Justice Department is in favor of these because it makes their job easier. Of course, the FCPA bar and FCPA Inc. is in favor of these it expands the market for legal services.”

Criminal Division Deputy Assistant Attorney General McInerney made clear that he is not ambivalent at all about corporate criminal liability and specifically stated this. So let me speak from the perspective of a lawyer from Houston, who has represented companies in the energy space for quite some time. The frustration that boiled over from the lack of prosecutions regarding the financial troubles of the recent years should not obscure the fact that the DOJ has and will continue to pursue criminal cases against corporations.

But to paraphrase Joe Jackson, something else is going on ‘round here with prosecutions of corporate criminal conduct and the use of DPAs/NPAs. While one role of the DOJ is to prosecute law breakers; I believe that another role of the DOJ is to increase and encourage compliance with laws. The DPA/NPA debate does not stand in a vacuum. I believe that by offering incentives for companies to self-disclose and cooperate, the DOJ is increasing compliance with the FCPA. If there is no incentive to cooperate, there will be none. Period. If a company will face a criminal indictment or charge if it investigates a matter and self-discloses to the DOJ, how many companies will do so? McInerney was quoted as saying, “You are disincentivizing companies in terms of doing the right thing. You are not crediting companies for doing the right thing.”

Now let me take the flip side; Arthur Anderson. For all the howls that there is no empirical evidence that indicting and convicting companies puts them out of business; I am certainly not persuaded. I saw it happen, here in Houston. Was it in the interest of the US government to put Arthur Anderson out of business? Did it further the policies of this country to go from the Big Four to the Big Three? What about all the Arthur Anderson employees who did not work on the Enron account, what policy did it further to have them lose everything they invested in their professional life? If DPAs/NPAs are less draconian in their effect than destruction of a corporation’s existence, does that make them somehow less useful? If the DOJ wants to put such a factor into their decision making, I find that to be an appropriate calculus.

As to the charge that the FCPA Bar/FCPA Inc. used DPAs/NPAs to expand their market for work? [Full disclosure – I am a member of the FCPA Bar and ergo, FCPA Inc.] I think that it is the job of a lawyer to advise his or her clients on their legal obligations and to assist in fulfilling those obligations. Is it in my own myopic self-interest to advocate compliance with the FCPA? Or am I a part of the FCPA Bar and Inc. which assists companies to comply with a now 35 year old law? Whichever answer you prefer, I believe that there is more compliance now and that the use of DPAs/NPAs is a contributing factor to this increased compliance.

Another panelist, Anthony Barkow posited yet another angle. He said “one the primary policy justifications — or certainly a significant policy justification — is — getting DPAs and NPAs is easy. “It’s a lot easier than charging a company,”” Barkow said. “And it’s a lot easier than charging it and to try to get a plea.” While I do not pretend to know the intricacies of obtaining an indictment or going before a grand jury, it is always easier to settle something rather than try a case. But that does not mean any less work goes on, either from the corporate side or especially from the government side. FCPA enforcement actions are huge, document intensive cases and from what little I know of the process, the DOJ works quite hard to craft an appropriate resolution for each case. Further, there are multiple levels of review in the DOJ so many sets of eyes look at these matters. So while it may be easier to reach a resolution rather than charging and criminally trying a corporation, that does not mean in any way, shape or form that this work is easy. The work is hard, time intensive and takes literally thousands of man-hours by all parties involved to reach any resolution. Simply because a new enforcement tool is available, which is short of a criminal indictment and trial, does not mean that it is not a useful tool and should not be used.

Mike Volkov ended his post with the following, “The debate will continue – I have no doubt of that.” I would certainly second that notion. But from where I sit the use of DPAs/NPAs has improved compliance with the FCPA because their use has given corporations a real incentive to thoroughly investigate allegations of bribery and corruption and then work with the government to appropriately remediate the situation.

© Thomas R. Fox, 2013

Leave a Comment

December 20, 2012

The CCO: Co-Equal to the General Counsel in the Eyes of the DOJ

Filed under: Best Practices,Chief Compliance Officer,compliance programs,Department of Justice,FCPA,FCPA Guidance,SEC — tfoxlaw @ 1:04 am
Tags: best practices, compliance programs, Department of Justice, DOJ, DPA, ethical leadership, FCPA, NPA, SEC

One of the items that the Department of Justice (DOJ) has increasingly focused on in its enforcement actions is the role of the Chief Compliance Officer (CCO) and whether this position has adequate staffing and resources to accomplish its mandated tasks in a minimum best practices compliance program under the Foreign Corrupt Practices Act (FCPA). In the recent Pfizer Deferred Prosecution Agreement (DPA), it stated regarding the CCO position (called Chief Compliance and Risk Officer) that:

Pfizer will:

a. Maintain the appointment of a senior corporate executive with significant experience with compliance with the FCPA, including its anti-bribery, books and records, and internal controls provisions, as well as other applicable anticorruption laws and regulations (hereinafter “anti-corruption laws and regulations”) to serve as Chief Compliance and Risk Officer. The Chief Compliance and Risk Officer will have reporting obligations directly to the Chief Executive Officer and periodic reporting obligations to the Audit Committee of the Board of Directors.

Regarding the resources which should be dedicated to the compliance function, the Pfizer DPA stated:

Pfizer has committed and will continue the commitment of significantly enhanced resources for the international functions of the Compliance Division that have reporting obligations through the Chief Compliance…

The Pfizer DPA is one in a line of DPAs and Non-Prosecution Agreements (NPAs) where the DOJ and the Securities and Exchange Commission (SEC) have made clear that the CCO must be a senior level employee within the company. I think that this requirement is absolutely mandatory to not only set the proper tone within a company but also to give the CCO and the compliance function the clout needed to implement, enhance and run a minimum best practices FCPA compliance program.

Indeed, in the recently released FCPA Guidance, the DOJ and SEC made clear that in appraising a compliance program; [we] “consider whether a company has assigned responsibility for the oversight and implementation of a company’s compliance program to one or more specific senior executives within an organization. Those individuals must have appropriate authority within the organization, adequate autonomy from management, and sufficient resources to ensure that the company’s compliance program is implemented effectively. Adequate autonomy generally includes direct access to an organization’s governing authority, such as the board of directors and committees of the board of directors (e.g., the audit committee). Depending on the size and structure of an organization, it may be appropriate for day-to-day operational responsibility to be delegated to other specific individuals within a company. The DOJ and SEC recognize that the reporting structure will depend on the size and complexity of an organization. Moreover, the amount of resources devoted to compliance will depend on the company’s size, complexity, industry, geographical reach, and risks associated with the business. In assessing whether a company has reasonable internal controls, the DOJ and SEC typically consider whether the company devoted adequate staffing and resources to the compliance program given the size, structure, and risk profile of the business.” [Emphasis supplied]

I think that the DOJ and SEC are moving companies to not only have more robust compliance programs but the CCOs and their programs must be adequately situated within the organization and adequately funded. For CCOs I think that this means they should be at a level in the organization equal to the General Counsel (GC) and compensated at an amount equal to the GC. The reason is clear, the DOJ and SEC expect the compliance function to be a leadership function within the company’s structure and given all the respect due such a position. The days where the compliance function is viewed as something other than legal work are long gone and companies need to have their CCOs at least equivalent to their GCs. I also think that this always means the CCO must sit on a company’s Executive Leadership Team (ELT). Once again the reason is clear, Compliance must not only be shown to be Mission 1A (Safety being Mission 1) but the CCO can only manage the compliance risk if it has a seat at the executive leadership table.

These comments are consistent with the US Sentencing Guidelines which were revised in November 2010. In these revisions, there was a change in the reporting structure in corporations where the CCO reported to the GC rather than a committee on the Board of Directors. The change read “the individual…with operational responsibility for the compliance and ethics program…have direct reporting obligations to the governing authority or any appropriate subgroup… (e.g. an audit committee or the board of directors)”. If a company has the CCO reporting to the GC, who then reports to the Board, such structure most probably no longer qualifies as an effective compliance and ethics program under the amended Sentencing Guidelines. The better practice would now appear to be that the CCO should be a direct report to the Board or appropriate subcommittee of the Board such as compliance or audit.

Equally important are the resources dedicated to the compliance function. My colleague Stephen Martin, a former state and US prosecutor, gives this rather straight-forward example of a question that a prosecutor would ask when confronted by a company that provides limited internal funding to the compliance function. He would ask how much does your company spend on yellow post-it notes (or paper clips or pens)? If the answer is significantly more funding than is afforded to the compliance function, his response would be “Which area is more mission-critical to complying with the FCPA; your compliance function or yellow post-it notes?”

The DOJ is clearly signally the increased importance of the CCO. The position should be viewed as co-equal to the GC. Just as clearly, the DOJ has signaled that an appropriate level of resources should be devoted to the compliance function. By following these evolving best practices you can add to the credibility of your defenses if your company becomes involved in a FCPA investigation or enforcement action.

© Thomas R. Fox, 2012

Leave a Comment

October 2, 2012

Tyco NPA and Chris Economaki – Details from the Pits

“This is Chris Economaki in the pits.”

That was the signature line of race car announcer Chris Economaki, who died last week at the age of 91. For a generation of us who grew up watching ABC’s Wide World of Sports, Chris Economaki was the voice of the Indy 500, the Dayton 500, the Summer and Winter Nationals of the National Hot Rod Association (NHRA) and a host of other auto races. In addition to having one of the most unique names this Southerner had ever heard of, Economaki had a staccato vocal delivery that, as noted in his obituary in the New York Times (NYT) by writer Douglas Martin, “reminded some of a rumbling racing engine.”

The Bribery Schemes

I thought about Chris Economaki and the detail he brought as a track-side commentator to a generation of Wide World of Sports’ aficionados when considering the various documents released last week in connection with the Tyco International Ltd (Tyco) Foreign Corrupt Practices Act (FCPA) enforcement action. For the most comprehensive summary of the Department of Justice’s (DOJ) criminal enforcement action and the Securities and Exchange Commission’s (SEC) civil action, I recommend either of the FCPA Professor’s excellent posts on Tyco. In addition to the points raised by the Professor I believe that there are significant lessons learned for the FCPA compliance practitioner. With a tip of our collective caps to the baseball pennant races which are down to the final few days, I present the Tyco Bribery Box Score.

Tyco Subsidiary	Bribe Amount Paid	Profits Earned by Conduct
M/A Com	Not reported	$71,770
TTC Huzhou and TTC Shanghai	$196,267	$3,470,180
TWW Germany and Erhard	$2,371,094	$4,684,966
TFC HK and Keystone	$137,000	$378,088
TFCT Shanghai	$24,000	$59,412
ET Thailand	$292,268	$879,258
TFIS France	$363,839	$1,256,389
THC China	$250,000	$353,800
TVC ME	$488,479	$1,153,500
ADT Thailand	$78,000	$473,262
Tatra	$96,000	$226,863
Eurapipe	$358,000	$1,298,453
THC Saudi Arabia	Not reported	$1,900,600
Dulmison	$68,426	$109,249

I set out the full Box Score of bribes paid by Tyco in this detail to emphasize how bad the conduct of the company is and this is in the VERY BAD CONDUCT realm, coupled with the facts that (a) Tyco is now a two-time loser under the FCPA and (b) most of the illegal conduct occurred after Tyco agreed to an initial FCPA based Deferred Prosecution Agreement (DPA) in 2006 for prior FCPA sins. Yet even with all of this Tyco was able to obtain a Non Prosecution Agreement (NPA). Such a result is fairly stunning if you think about it in a superficial basis. However, if you consider what Paul McNulty continually says, and which I continually write about, the most important question will be What did you do when you found out about it?

As noted in the letter from the DOJ to counsel for Tyco, the DOJ entered into the NPA with Tyco based upon the following factors: (1) timely and voluntary self-disclosure; (2) a full and complete global investigation by Tyco; (3) extensive remediation including implementation of an enhanced compliance program, termination of employees responsible for the conduct at issue, severing contracts with third party agents who were parties to the frauds, closing subsidiaries involved in the illegal conduct; and (4) provide annual written reports to the DOJ on progress of the company’s enhanced compliance program.

Corporate Compliance Program

Tyco agreed to a robust corporate compliance program that either currently exists or will be implemented in the future. This Corporate Compliance Program is somewhat different than most of the 13 minimum best practices compliance regimes reported in DPAs and NPAs since the Panalpina DPA of November, 2010. Tyco agreed to a point compliance regime, which consists of the following.

1. High level commitment. The Company will ensure that its senior management provides strong, explicit, and visible support and commitment to its corporate policy against violations of the anti-corruption laws and its compliance code.

2. Policies and Procedures. Tyco will promulgate compliance standards and procedures designed to reduce the prospect of violations of the anti-corruption laws and the Company’s compliance code, and the Company should take appropriate measures to encourage and support the observance of ethics and compliance standards and procedures against foreign bribery by personnel at all levels of the company. These anti-corruption standards and procedures shall apply to all directors, officers, and employees and, where necessary and appropriate, outside parties acting on behalf of the Company in a foreign jurisdiction, including but not limited to, agents and intermediaries, consultants, representatives, distributors, teaming partners, contractors and suppliers, consortia, and joint venture partners (collectively, “agents and business partners”), to the extent that agents and business partners may be employed under the Company’s corporate policy. The Company shall notify all employees that compliance with the standards and procedures is the duty of individuals at all levels of the company. Such standards and procedures shall include policies governing:

gifts;
hospitality, entertainment, and expenses;
customer travel;
political contributions;
charitable donations and sponsorships;
facilitation payments; and
solicitation and extortion.

3. Internal Controls. Tyco will ensure that it has a system of financial and accounting procedures, including a system of internal controls, reasonably designed to ensure the maintenance of fair and accurate books, records, and accounts to ensure that they cannot be used for the purpose of foreign bribery or concealing such bribery. This system should be designed to provide reasonable assurance that:

Transactions are executed in accordance with management’s general or specific authorization;
Transactions are recorded to permit preparation of financial statements in accordance with GAAP;
Access to assets is permitted only in accordance with management’s general or specific authorization; and
Recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken if discrepancies are found.

4. Periodic Risk-Based Reviews. Tyco agreed to develop these compliance standards and procedures, on the basis of a risk assessment addressing the individual circumstances of Tyco, in particular the foreign bribery risks it faces including, its geographical organization, interactions with various types and levels of government officials, industrial sectors of operation, involvement in joint venture arrangements, importance of licenses and permits in the company’s operations, degree of governmental oversight and inspection, and volume and importance of goods and personnel clearing through customs and immigration.

5. Proper Oversight and Independence. Tyco will (or once again has) assign responsibility to one or more senior corporate executives of the Company for the implementation and oversight of the Company’s anti-corruption policies, standards, and procedures. Such corporate official(s) shall have direct reporting obligations to the Tyco’s independent monitoring bodies, including internal audit, the Board of Directors, or any appropriate committee of the Board of Directors, and shall have an adequate level of autonomy from management as well as sufficient resources and authority to maintain such autonomy.

6. Training and Guidance.

Training. Tyco will implement mechanisms designed to ensure that its anti-corruption policies, standards, and procedures are communicated effectively to all directors, officers, employees, and where appropriate, agents and business partners. These mechanisms shall include periodic training for all directors and officers, and, all employees in positions of leadership or trust or positions which might otherwise pose a risk of corruption to the company. The training shall also be provided to agents and business partners. Lastly there shall be biannual certifications by all such directors and officers, and, where necessary and appropriate, employees, agents, and business partners, certifying compliance with the training requirements.
Guidance. Tyco is required to maintain an effective system for providing guidance and advice to directors, officers, employees, and, where necessary and appropriate, agents and business partners, on complying with Tyco’s anti-corruption compliance policies, standards, and procedures, including when they need advice on an urgent basis or in any foreign jurisdiction in which Tyco operates.

7. Internal Reporting and Investigation. Tyco will provide an effective system for internal and where possible, confidential reporting by, and protection of, directors, officers, employees, and, where necessary and appropriate, agents and business partners, concerning violations of the Company’s compliance program. Tyco also agreed to dedicate sufficient resources to respond to such requests and undertaking necessary and appropriate action in response to such reports.

8. Enforcement and Discipline. Tyco will institute appropriate disciplinary procedures to address, violations of the anti-corruption laws and the Company’s anti-corruption compliance code, policies, and procedures by the Company’s directors, officers, and employees. This shall include disciplining of those within the company no matter how the position of the person or their perceived authority. In addition to discipline, Tyco agrees to add appropriate mechanisms to incentivize compliant behavior.

9. Third Party Relationships. Tyco agreed to institute appropriate due diligence and compliance requirements pertaining to the retention and oversight of all agents and business partners, including: (a) properly documented risk-based due diligence pertaining to the hiring and appropriate and regular oversight of agents and business partners; (b) informing agents and business partners of the Company’s commitment to abiding by laws on the prohibitions against foreign bribery, and of the Company’s ethics and compliance standards and procedures and other measures for preventing and detecting such bribery; (c) seeking a reciprocal commitment from agents and business partners and (d) including appropriate compliance terms and conditions in the contract.

10. Mergers and Acquisitions. Tyco agreed to develop and implement appropriate compliance policies and procedures for any acquisition based upon an appropriate risk-analysis which would be completed as soon as practicable. Further such changes would be implemented as soon as practicable. Directors, officers and employees of newly acquired entities would be trained as soon as practicable.

11. Monitoring and Testing. Tyco agreed to conduct periodic review and testing of its anti-corruption compliance code, standards, and procedures designed to evaluate and improve their effectiveness in preventing and detecting violations of anti-corruption laws and the Company’s anti-corruption code, standards and procedures, taking into account relevant developments in the field and evolving international and industry standards.

So the prior 13 point best practices program is now folded down to 11 for Tyco. Nevertheless, the general concepts are still the same for a company seeking to implement or enhance its compliance solution. Much like Chris Economaki reporting from the Pits at the Indy 500, the level of detail provided in the Tyco NPA should allow the compliance practitioner to evaluate their company’s compliance program.

============================================================================================

The Wall Street Journal has a series of articles today on the FCPA. In conjunction with these articles I will join Joe Palazzolo, Law Blog lead writer, for a conversation on the FCPA at 2:30 PM EDT. We will take your questions. To join us, click here.

===========================================================================================

© Thomas R. Fox, 2012

Leave a Comment

September 26, 2012

Tyco International – The Importance of the Books and Records under the FCPA

Filed under: Books and Records,compliance programs,Deferred Prosecution Agreement,Department of Justice,FCPA,SEC — tfoxlaw @ 1:48 am
Tags: Department of Justice, DOJ, DPA, FCPA, NPA, SEC, Tyco

On Monday, the Securities and Exchange Commission (SEC) and Department of Justice (DOJ) announced settlement with Tyco International (Tyco) for books and records violation of the Foreign Corrupt Practices Act (FCPA). Tyco agreed to a fine of $26MM for “at least twelve different, post-injunction illicit payment schemes occurring at Tyco subsidiaries across the globe. The schemes frequently entailed illicit payments to foreign officials that were inaccurately recorded so as to conceal the nature of the payments” and failure “to devise and maintain internal controls sufficient to provide reasonable assurances that all transactions were properly recorded in the company’s books, records, and accounts”. $10,564,992 of the fine was paid in disgorgement and an additional $2,566,517 in prejudgment interest was paid to the SEC and the remainder of $13.68MM was paid as fine to the DOJ. All of this was discovered because Tyco was already a FCPA violator, having admitted to violations back in 2006 and these additional violations were discovered as a part of a companywide review required under its 2006 Deferred Prosecution Agreement (DPA). Tyco received a Non-Prosecution Agreement (NPA) from the DOJ for this post-DPA conduct and I will discuss the NPA in a subsequent post.

While a large portion of the FCPA commentaratti focused on the damning email which read “”Hell, everyone knows you have to bribe somebody to do business in Turkey. Nevertheless, I’ll play it dumb”; another portion of the commentaratti seemed somewhat amazed that hiding bribery and corruption in a company’s books and records is a stand-alone violation of the FCPA. As part of the 2006 settlement Tyco agreed to engage in a companywide review of its operations to determine if there was “anything else”. Not only did it turn out there was something else “rotten in Denmark” but this bribery and corruption continued after the first enforcement action. This companywide review determined that Tyco had engaged in “illicit payment schemes”; that these bribery schemes “were inaccurately recorded so as to conceal the nature of the payments” and Tyco “failed to devise and maintain internal controls sufficient to provide reasonable assurances that all transactions were properly recorded in the company’s books, records, and accounts.”

So with a nod to the final week of the baseball season we present the Tyco Bribery Box Score

Subsidiary Location	Bribe Amount Paid	Inaccurate Books and Records Description
Turkey	Not reported	Equipment sold at a mark-up over invoice price
China	$3700	Commission to sales team
Germany	Not reported	Commission to sales team
France	Not reported	Commissions to agents for ‘business introductions’
China-different sub	$483K	Commissions to agent
Thailand	$50K	Renovation work
Malaysia	Not reported	Commissions to agents
Egypt	$282K	Disguised as inflated invoices from agent
Saudi Arabia	Not reported	Promotional expenses and sales development
Poland	Not reported	Bogus service contracts

What I find so interesting about all of this is that it occurred, in large part, after the 2006 DPA. As Bill Clinton might say, “It takes some brass” to initiate or continue a bribery scheme while you are under a DPA for FCPA violations. With the above in mind I was intrigued by an article in the Navigant Quarterly, 2012 Volume 1, Issue 13, entitled “If You Think You Are Done Looking…Keep Looking”, by Eileen Felson and Nicole Wrigley. In their article, the authors note that “every fraud has to be hidden somewhere on a company’s books. Most financial statement frauds grow in size, scope and duration.” The authors also talk about “collusive fraud” which is the situation where “fraudsters work together to manipulate the balance sheet and actually launder the fraud through various accounts.” It sounds like a description of the machinations folks must go through to hide corrupt payments while under a FCPA DPA. Although the authors specifically address frauds, their concepts are certainly broad enough to include bribery and corruption.

The authors detail several types of corrupt practices and end their article with some tips on investigation. They note that the “logical start-off point in conducting a forensic investigation of how a fraud was committed includes a detailed review of revenue and expense account activity.” But more importantly, a forensic examiner must keep looking. The reason for this is simply because if evidence of bribery or corruption is found in one area the entire scheme is revealed. Therefore a forensic examiner needs to review unrelated accounts to see if there are other indicia of corruption.

What does all of this mean for a compliance program? There is some very clear guidance for the role of Internal Audit in detecting bribery and corruption in a best practices FCPA compliance program. First and foremost, if there are any types of commission payments being made, Internal Audit needs to review the documentation supporting why such payments are being made. A review of contracts or other legal requirements which may obligate a company to make such payments should be a basic undertaking in any internal audit. After an internal auditor has determined if commission payments are legally authorized, the internal auditor should review evidence that such commission payments have been earned. In other words, is there any evidence in the company’s books and records that the person or entity performed the services which might have entitled them to such commission payments? And do not forget that another role for Internal Audit is to correctly classify payments so that the books and records of the company accurately reflect them as expenses.

The Tyco SEC Compliant is chocked full of information regarding what an internal auditor needs to look for in reviewing expenses charged by employees; commissions paid to employees; invoices by agents and other third party representatives and over-inflated sales contracts; all used to disguise corrupt payments. The sad fact, as noted by authors Felson and Wrigley, is that many corruption schemes are not “committed for personal gain (such as stealing cash) but for other incentives, such as continued employment/advancement, fear of delivering bad news to investors or an intimidating supervisor, or a desire to increase the value of performance-based bonuses.” While it is not clear why it took Tyco so long to uncover these ongoing acts of bribery and corruption or why Tyco employees continued to engage in conduct violative of the FCPA while under a DPA; I think that the Tyco example speaks to the need for an overall, comprehensive robust compliance program that focuses on all factors which led to the continued bribery and corruption in the company which was reported in the SEC Complaint.

Leave a Comment

June 13, 2012

Factors for a NPA for an Individual in a SEC Enforcement Action

Filed under: Department of Justice,FCPA,Non-Prosecution Agreement,SEC — tfoxlaw @ 1:01 am
Tags: Compliance Week, extraordinary cooperation, Jaclyn Jaeger, NPA, SEC

I have previously written about what conduct can help your company if it is under an investigation by the Department of Justice (DOJ) for Foreign Corrupt Practices Act (FCPA) violations. The key seems to be “extra-ordinary cooperation.” Today we will take a look at a recent Securities and Exchange Commission (SEC) matter where an individual received a Non-Prosecution Agreement (NPA). In an article in the June issue of the Compliance Week Magazine, entitled “How Individuals Win Non-Prosecution Agreements”, author Jaclyn Jaeger wrote about the recent NPA reached with an individual, as opposed to a corporate defendant. Jaeger called this a “first-of-a-kind case” due to the fact that it is the first time an individual has been given a NPA by the SEC. The case referenced by Jaeger involved an “un-named former senior executive of the institutional money management firm AXA Rosenberg.” Although the matter did not involve any alleged violations of the FCPA, the NPA is certainly instructive for considering how to resolve a SEC action under the FCPA if you are caught up in an individual enforcement action.

In January 2010, the SEC released its Enforcement Cooperation Initiative. Under this Initiative, the SEC established a series of incentives for individuals and companies to assist the SEC in ongoing investigations and during the pendency of enforcement actions. As a part of this Initiative, the SEC released a Cooperation Policy Statement which described four factors that the SEC would consider to “determine whether, how much, and in what manner to credit cooperation.” The four factors were: (1) how much assistance the individual provides; (2) the importance of the underlying matter; (3) the SEC’s interest in holding the individual accountable; and (4) the prior background of the cooperating individual.” The SEC provided the following commentary on each of the four factors.

Assistance provided. Under this factor, Jaeger noted that the individual in question had offered his voluntary cooperation to the SEC at the outset of the investigation. She noted that his “intimate knowledge” of certain quantitative measures the firm used was important to the SEC’s investigation. This voluntary cooperation was provided by the individual to the SEC “without conditions” which the SEC believed enhanced his credibility.

Importance of the underlying matter. The SEC viewed the investigation and enforcement matter as significant because “it was the first ever arising from errors in a computer-based, quantitative investment model”. His cooperation led to the recovery of “big dollars for victims” due to two separate enforcement actions the SEC brought.

Interest in holding the individual accountable. The SEC believed that the individual played a limited role in the events surrounding the violation but also noted that while still an employee, he had advocated that the error which led to the enforcement action be disclosed to the company President. The SEC noted that the individual’s cooperation “maximized the SEC’s law enforcement interests by facilitating the quick and successful resolution of its enforcement action”.

The Executive’s profile. The individual was not “an associated person of a regulated entity, a fiduciary for other individuals or entities regarding financial matters, or an officer or director of any company.” Further, he did not have any black marks in the way of prior disciplinary actions on his record. Lastly, after the investigation was concluded, he resigned from AXA Rosenberg.

In her article, Jaeger spoke to some industry experts regarding the effect of this NPA. All people interviewed emphasized the fact specific nature of the resolution. The two key factors which may differentiate this resolution from others, the first being the role this person had in the violation. Jaeger quoted Tom Gorman who said that “Whether you get no prosecution or just diminished sanctions will really be a function of the individual’s role in the underlying conduct”. The second factor, I believe, is that the individual in question is no longer working in the industry and therefore he is no longer in a position to commit future violations of federal securities laws.

Jaeger contracted the AXA Rosenberg matter with another case involving John Cinderey, which showed “a good look at each end of the spectrum” of enforcement. In the Cinderery matter, he received credit for his “substantial assistance” in a SEC investigation but, at the end of the day, Cinderery was named as a defendant in the SEC’s enforcement action against United Commercial Bank. Although the SEC extracted no fine against Cinderey for his role in misleading the bank’s auditors regarding the risks the bank faced in certain outstanding loans, it was noted that he did pay a fine related to action brought by the Federal Deposit Insurance Corporation (FDIC). Cinderery did agree to a permanent injunction proffered by the SEC.

Jaeger quoted Keith Miller for the proposition that the key takeaway for companies and individuals in SEC enforcement actions should be “setting the tone with the staff at the onset of any investigation is very important, because the foundation for how the SEC is going to view and treat you later. However, Tom Gorman emphasized that it is the individual’s involvement in the underlying wrongful conduct which will be very important. While credit and a diminished penalty are possible, he does not believe that the SEC will “give them a pass if they’re one of the major players” in the fraud or violation.

Leave a Comment

April 3, 2012

FCPA Enforcement: Why Corporations Support DPAs and NPAs

Filed under: Best Practices,compliance programs,Deferred Prosecution Agreement,Department of Justice,FCPA — tfoxlaw @ 1:26 am
Tags: compliance programs, Department of Justice, DOJ, DPA, FCPA, NPA

At the recent Dow Jones Global Compliance Symposium, there was a debate royal between Mark Mendelsohn and the FCPA Professor, Mike Koehler, regarding enforcement of the Foreign Corrupt Practices Act (FCPA). One of the points the Professor raised was regarding the proliferation of Deferred Prosecution Agreements (DPAs) and Non-Prosecution Agreements (NPAs) during the tenure of Mendelsohn at the Department of Justice (DOJ). The Professor argued that DPAs and NPAs, which did not come into wide spread use until the last decade, were tools which should not be employed for FCPA enforcement. One of the reasons he articulated this was that by use of these agreements the DOJ is not required to put proof in front of a judge or jury, hence the DOJ can expand its interpretation of the FCPA without appropriate judicial oversight. Mendelsohn countered that such agreements are within prosecutorial discretion and given a finite amount of personnel and monetary resources within the DOJ, an appropriate mechanism to assist the overall goal of compliance with the FCPA.

However, I would like to review the use of DPAs and NPAs from another angle and the perspective from another player in FCPA enforcement. That is the perspective of the corporation ensnared in an enforcement action. I will leave aside a discussion of the alleged expansive DOJ interpretation of the FCPA for another day and simply focus on why it is in the interest of a corporate defendant to enter into a DPA or NPA as opposed to being indicted and defending itself at trial.

Arthur Andersen

For those of you who do not recall, Arthur Andersen was the auditor for Enron and was caught up in the Enron scandal. In 2002, the firm voluntarily surrendered its licenses to practice as Certified Public Accountants (CPAs) in the United States after being found guilty of criminal charges relating to the firm’s handling of the auditing of Enron. The other national accounting and consulting firms bought most of the practices of Arthur Andersen. The verdict was subsequently overturned by the US Supreme Court. However, the damage to its reputation has prevented it from returning as a viable business. In other words, after fighting the criminal charges brought against it and losing at trial, Arthur Andersen imploded.

No US Company wants to face this prospect. By being indicted they will probably find their access to credit greatly reduced and their ability to move forward as an ongoing concern compromised. Juries still do not have a high opinion of corporations and what may appear to be ‘sharp but legal’ business practices may look like bribery and corruption to a jury. The DOJ’s recent set-backs on the individuals it has indicted and/or taken to trial should not affect a jury’s perception of corporate corruption. No publicly traded company can take the risk. For private companies, the resulting violations of loan covenants and other denials to capital would probably have the same effect.

Certainty

In my legal career if I have learned one thing about representing corporations it is that they do not like surprises and one of the things they most desire is certainty. The one thing I learned in almost 20 years of trying cases (civil side only) is that nothing is certain when you leave the final decision to an ultimate trier of fact who is not yourself, whether that trier of fact be a jury, judge or arbitrator. The most important thing for a company is certainty and that is even more paramount when a potential criminal conviction looms over its corporate head. A DPA or NPA provides this certainty. Corporations not only know what their financial penalty is but they also know their ongoing obligations, in the form of the compliance program they should implement or enhance and ongoing reporting requirements.

Expansive Effect

Just as it benefits the DOJ to drive corporate behavior to comply with the FCPA, through its enforcement of the FCPA; it benefits corporations to understand what is expected from them. Both goals are achieved by the use of DPAs and NPAs. This is because one of the other benefits to DPAs and NPAs is that it provides information and guidance to other companies and compliance practitioners as to the DOJ’s thinking regarding a best practices compliance program. Any improvements or new aspects to a minimum best practices compliance program, which are announced in a DPA or NPA, will inform other companies and will expansively compound the effect from a DPA or NPA. The size of the company involved in the enforcement action does not matter as all DPAs and NPAs are publicly announced.

So as the “Enhanced Compliance Obligations” in the Johnson & Johnson (J&J) DPA gave companies additional guidance on how to deal with acquisitions; the recent Biomet DPA provided specific information to Internal Audit on its role in a minimum best practices compliance program. A review of any recent DPA or NPA also shows the clear benefits of self-disclosure and cooperation, which can lead to a significant reduction in the overall monetary penalty.

From my perspective, as someone who has represented corporations, as both an outside counsel in private practice and in-house counsel, I believe that DPAs and NPAs not only further the goals of the FCPA but bring tangible benefits to corporations. I do not believe that they should be removed from the DOJ’s arsenal for enforcement.

Comments (1)

December 12, 2010

RAE and Settlement of FCPA Violations in China

Filed under: compliance programs,Due Diligence,FCPA,RAE Sysytems — tfoxlaw @ 7:08 pm
Tags: compliance programs, DOJ, FCPA, Inc., NPA, RAE Systems, SEC

As reported on Friday, December 10, 2010 in the FCPA Blog and by others, RAE Systems, Inc., (RAE) a California-based gas detection company settled Foreign Corrupt Practices Act (FCPA) charges on this date with the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) for $2.9 million. The DOJ’s letter to the RAE CEO and its legal counsel, dated December 10, 2010, declined to prosecute the company and its subsidiaries for its admitted “knowing” of violations of the internal controls and books and records provisions of the FCPA. The DOJ entered into this Non-Prosecution Agreement (NPA) based upon four listed factors, which were detailed as follows: (1) timely and voluntary disclosure; (2) the company’s thorough and “real-time” cooperation with the DOJ and SEC; (3) extensive remedial efforts undertaken by the company; and (4) RAE’s commitment to periodic monitoring and submission of these monitoring reports to the DOJ. We will review this enforcement action and NPA over several blog postings. Today we will discuss the facts underlying the allegations and findings of bribery and corruption.

I. The Joint Ventures and Due Diligence

a. KLH

The DOJ Statement of Facts, attached to the NPA as Appendix A, reports that RAE sold its products into China primarily through “two second tier subsidiaries” which were organized as joint ventures with local Chinese entities. One of these joint ventures, RAE-KLH, Limited (KLH) was originally owned 64% by RAE. This interest in KLH was initially purchased by RAE in 2004. Later, in 2006, RAE increased its ownership interest to 96%. Prior to its initial purchase of a stake in KLH, RAE conducted due diligence on the Chinese entity. This report made what the DOJ called “troubling findings” by noting:

As the important clients are those related to the government, it is very important for the company to keep very good relationship [sic] with those government people. In normal practice, KLH will determine its internal product price, the salesmen can negotiate the price with the client based on that and can take away the difference between the internal product price and the final sales price as commission. It is the salesmen, not the company, who will decide the [sic] whether and how much amount of the commission they should give to the clients. The salesmen didn’t get the commission in cash directly, but instead they get the cash by provide [sic] different acceptable invoices. These invoices will then be used as original supporting documents for accounting records. They are recorded as different expenses in the financial statements. To some extent, the financial statements have been distorted by these commissions [sic].

With the change of market regulations in China, the government influence will be less important, there is a challenge as to whether KLH could still keep these clients. Although KLH let the salesmen to deal with the kickback, still they are the employees of the company and they represent the company in the transaction.

Nevertheless, internal RAE documents simply noted that RAE knew “how much [FCPA] risk we are taking.”

All of these practices were continued after RAE obtained its ownership interest in KLH. Indeed a RAE employee who reviewed KLH after the joint venture became effective noted “If you want them to be aggressive and grow business per set goals, they will do”. This same RAE employee, commenting on the institution of a FCPA compliance program for the joint venture, stated:

It will be a challenge to restructure because it changes the way they have been “successful” and rewarded in the past. As you know, KLH sales guy [sic] behave/get compensated as distributors and get “discretionary discount structure” (any residual = compensation to keep or to dispense as they see fit to close deal. To kill the sales model that has worked for them all these years is to kill the JV deal value or hurt sales momentum.

So we need to tread carefully in designing something halfway that won’t choke the sales engine and cause a distraction for the sales guys. We knew this risk all along and have accepted it upon entering the JV deal.

After these reports, RAE did provide FCPA training and did inform KLH employees not to pay bribes. However, RAE seemed to believe that “we told them about [about the FCPA]…and that’s all we can do.” As you might guess, based upon this non-action, these bribery practices continued unabated even after such conduct was reported again to RAE management. The DOJ noted that while RAE senior management did indicate such bribery payment should cease, the company made “no effective effort to actually stop the practice.” Most interestingly, the RAE Financial Controller in China was directed to perform an internal audit on these issues but “he never provided any findings.”

So just what is “troubling” about this sales method? Initially, it appears that the sales person involved in each transaction sets the price, without corporate oversight. But for FCPA purposes the most troubling aspect is that the sales person involved would receive the difference in the internal product price and final sales price as a commission. To compound the problem there was apparently a double accounting of these amounts in the books and records which distorted the company’s financial statements. This structure allowed KLH employees to use this money “under table greasing to get deals regardless if profitable/collectible or not, kosher or not, etc.”

The DOJ reported that as late as 2008, sales representatives of KLH used monies from this commission scheme for improper purposes. These purposes included the “corrupt giving of gifts and paying for entertainment, as well as direct and indirect payment, to customers”.

b. Fushun

In December, 2006 RAE purchased a 70% interest in another Chinese company named Fushun. RAE also operated Fushun as a joint venture but included Fushun’s financial results in the consolidated financial statements that RAE filed with the SEC. For reasons not stated in theNPA, RAE did not conduct pre-acquisition due diligence on Fushun. However, sometime later, RAE obtained information that Fushun did engage in business practices improper under the FCPA and thereafter, failed to implement an effective system of internal controls at the joint venture.

II. The Payment Scheme(s)

As noted above, the KLH sales force set pricing and was able to obtain the difference between the price book pricing and the as-purchased pricing. In addition to this source of cash, which could be used for bribery and corruption, both joint ventures had reimbursement schemes through which joint venture employees would submit alleged Chinese governmental tax documents which did not support the claimed reimbursement, yet RAE would pay out cash for reimbursement purposes. From such reimbursements, gifts were made to family members of Chinese governmental officials and two contracts for “consulting services” valued over $300,000 were used to funnel monies to Chinese governmental officials. The Fushun joint venture used this reimbursement scheme to provide gifts to officials of state owned enterprises which included “jade, fur coats, kitchen appliances, business suits and high-priced liquor.”

From all of the above information, the DOJ was able to conclude that RAE knowingly failed to implement a system of effective internal accounting controls at both joint ventures which was sufficient to provide reasonable assurances that: (i) transactions were executed in accordance with management’s general or specific authorization; (ii) transactions were recorded as necessary to (a) permit preparation of financial statements in conformity with generally accepted accounting principles or any other criteria applicable to such statements, and (b) maintain accountability for assets; (iii) access to assets were permitted only in accordance with management’s general or specific authorization; and (iv) the recorded accountability for assets was compared with the existing assets at reasonable intervals, and appropriate action taken with respect to any differences.

Download the DOJ’sNon-Prosecution Agreement with RAE Systems Inc. here.

Download the SEC’s civil complaint against RAE Systems Inc. here.

Leave a Comment

FCPA Compliance and Ethics Blog

December 8, 2014

DPAs and NPAs – Powerful Tools in the Fight Against Corruption

September 18, 2013

Why a Compliance Defense Will Not Make a Compliance Program Effective

May 9, 2013

DPAs and NPAs – Useful Tools to Achieve Compliance

December 20, 2012

The CCO: Co-Equal to the General Counsel in the Eyes of the DOJ

October 2, 2012

Tyco NPA and Chris Economaki – Details from the Pits

September 26, 2012

Tyco International – The Importance of the Books and Records under the FCPA

June 13, 2012

Factors for a NPA for an Individual in a SEC Enforcement Action

April 3, 2012

FCPA Enforcement: Why Corporations Support DPAs and NPAs

December 12, 2010

RAE and Settlement of FCPA Violations in China

January

Blogroll

Pages

Admin

Read by Email

Recent Posts from FCPA Compliance and Ethics Report: FCPA Compliance and Ethics Report

Episode 240-Bill Coffin on Compliance Week 2016

Episode 239-Jonathan Armstong On EU Privacy Shield

Episode 238-John Allen on HR Touch Points in Compliance

Episode 237-Steve McCalmont on the Avior Risk Management Platform

Episode 236-Adam Turteltaub and SCCE CCO Survey