FCPA Compliance and Ethics Blog

February 20, 2013

Interview with Scott Moritz

Ed. Note-today we continue with our series on thought leaders and practitioners in the compliance arena. Today, we have an interview with Scott Moritz, who is a Managing Director, Protiviti (www.protiviti.com)


1. Where did you grow up and what were your interests as a youngster? 

I grew up on the North Shore of Long Island, the youngest of six kids. Our father owned a swimming pool construction company whose workforce at various times consisted of my legendary grandfather, brothers, many cousins, a wide variety of parolees and, for a few summers during high school, me. Since I can remember, I was always fascinated with police work and detective stories and grew up watching TV shows like Baretta, The Rockford Files and Police Story. From an early age, people thought I looked like a cop. When I was 16, some of my knuckleheaded friends brought me along to New York City as “security,” because they wanted to buy fireworks, which were illegal at the time. In fact, I played the security role a lot with my friends, because they always seemed to attract the kind of attention that necessitated someone securing their safety. Our misadventure in the city was my first exposure to a recurring theme in my law enforcement experience: even if something is illegal to make, sell or possess, it is still readily available. In no time, one of my friends was in negotiation with a gang member who took one look at me and said “He’s a cop, get lost.” My undercover career was over before it started.

2. Where did you go to college and what experiences there led to your current profession?

I graduated from Jacksonville University in Jacksonville, Florida with a double major in marketing and management and a minor in psychology. Throughout college, I worked as a bouncer, bartender, DJ and eventually manager at a rock nightclub. As a 5’8” bouncer in Jacksonville, where the average male is 6’3,” I quickly developed negotiation, persuasion, de-escalation and other crisis-related skills. I also had to be able to read body language and know when a  negotiation had broken down, and it was time to take action. I prided myself on how frequently I was able to get people out of the club peacefully. I witnessed more violent crimes, including shooting incidents, in my four years as a nightclub employee than I did in nearly 10 years as an FBI agent.

3. How did you come to join the FBI? What were your duties as an agent?

After college, I applied to take the NYPD entrance exam. At the time, my sister Stacey was an Assistant U.S. Attorney in the Southern District of New York. When I mentioned to her that I had applied to take the police exam, she asked “What about the FBI?” She put me in touch with her friend, who was a Special Agent in the New York Field Office. This was in 1985. I called the number she gave me and a deep, booming voice answered, “TERRORISM!” I was so startled, I nearly fell off my chair! Whatever preconceptions I had in terms of how the FBI might answer the phone, that one didn’t make the mental checklist. I collected myself and had a great conversation with the agent, who encouraged me to apply to the FBI.

The FBI recruitment process is very involved, with many aspects to it, and candidates fall by the wayside at every stage. Back then, there was an initial application, a written exam, the completion of a very detailed application, a panel interview with three FBI Special Agents and finally a background check investigation, and as far as I know, that’s still the case today. Completing the application was quite an undertaking because you had to provide very detailed information about you, your siblings, their spouses, your parents and every roommate you’ve ever had. The application was used as the roadmap for the intensive background investigation that follows.

I entered on duty as an FBI Special Agent in October, 1986. Special Agent trainees lived at the FBI Academy for four months, and academy training was divided equally between academics (minimum passing grade is 85%), physical training/defensive tactics and firearms training.

FBI Special Agents investigate and enforce an incredibly wide variety of criminal violations, counter-intelligence and counter-terrorism. My first assignment was the Memphis, Tennessee field office. At the time, Memphis was a relatively small FBI office, so agents had much broader responsibilities than in the larger field offices where agents tend to be more specialized. For most of my time in Memphis, I was assigned to a White Collar Crime squad, which also had responsibility for the Civil Rights and Fugitive programs. I worked on a wide array of primarily financial crime investigations, including on the bank robbery response team and worked with the narcotics task force. While white collar crime was my primary focus, each agent on the squad carried multiple fugitive cases. The FBI has primary jurisdiction to enforce Unlawful Flight to Avoid Prosecution (UFAP) in support of state and local law enforcement when there is evidence that violent offenders have fled their jurisdictions.

In 1991, I was transferred to NYC and assigned to the money-laundering and asset forfeiture squad.  There, the entire mission was to conduct parallel financial investigations alongside the largest, most complex criminal cases being investigated by the New York FBI. I worked on many organized crime, narco-laundering, and trafficking and white collar crime cases, and our squad seized and forfeited nearly $1 billion during my five years there.

4. How have you utilized the skills you learned in law enforcement in your current profession?

I use the skills I learned as an FBI Special Agent every day in my current profession and have since the day I left the Bureau nearly 17 years ago. Many crimes are revenue-generating crimes; making cases against criminal defendants and their criminally-derived assets means painstaking financial analysis. Tracing criminal proceeds back to their source provides evidence of the crime, quantifies it and enables the government to dismantle criminal organizations by seizing assets obtained by the specified unlawful activity or used to facilitate the laundering of criminal proceeds. I am usually surrounded by mountains of banking records and financial records. However, reviewing banking and financial records alone often doesn’t reveal the full picture. While at the FBI, I developed the ability to use publicly available information to identify the financial holdings and business interests of criminal subjects and their associates, as well as any prior illegal conduct or civil disputes that could help build the case against them. These same background investigation techniques can be used in a commercial context both after the fact as part of the ensuing financial crime investigation and also to vet prospective relationships in an effort to determine whether a company would make a suitable business partner. Likewise, interviewing and interrogation skills are something you use in a variety of settings. Unlike interviews depicted on many TV crime dramas, interviewing is often all about building a rapport and establishing some common ground, no matter how despicable the subject of the interview may be. People also give off hidden cues that signal when they are uncomfortable with your questions and when they are outright lying. These same skills are very helpful when conducting interviews of executives and employees, whether in the course of evaluating a corporate compliance program, conducting anti-corruption due diligence or interviewing a suspect.

5. You recently changed companies, moving from Navigant to Protiviti. What can you tell us about your new position and some of the things that you would like to achieve?

I’m incredibly excited about my new role at Protiviti. I’ve joined an established and very experienced firm whose professional staff includes investigators, forensic accountants, anti-corruption practitioners and technologists in over 70 offices in 23 countries. Protiviti also has a very powerful technology platform in its Governance Portal. The Portal manages data intake, risk scoring, work-flow management, case management and decision-making ‑ so that all the aspects of an overall ethics and compliance program, or a single aspect of it, such as managing third-party anti-corruption programs, can be brought together on a single platform. (The Portal has received industry recognition: Protiviti has been positioned as a “Challenger” by Gartner in the October 2012 Magic Quadrant for Enterprise Governance, Risk and Compliance Platforms.)

I really look forward to continuing to help clients apply their limited resources strategically on a risk basis and also to better position them so that they can manage their regulatory risk proactively and deploy investigative and forensic resources rapidly when issues emerge.


Scott Mortiz can be reached at scott.moritz@protiviti.com.


This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. 

March 28, 2011

FCPA Lessons Learned-Failures in Internal Controls

We often write and speak on some of the lesson learned from enforcement actions brought by the Department of Justice (DOJ) under the Foreign Corrupt Practices Act (FCPA). We believe that companies can not only learn from the mistakes of others in implementing or enhancing their compliance program but can glean information on the DOJ’s current thinking on the best practices for a compliance program.

In a recent white paper, entitled, “Staying out of the Headlines: Strategies to Combat Corruption Risk” jointly produced by the consulting firm of Protiviti and the law firm of Covington and Burling, the authors reviewed 286 FCPA cases and analyzed the internal control weaknesses which led to FCPA enforcement actions. From this review, the authors derived a Top Five of Control Weaknesses. This article will review these findings and the authors’ guidance on how a company might use this information to assist it to enhance its FCPA compliance program.

1. Inadequate Contract Pricing Review

The authors found that in 110 cases they reviewed, the internal controls were insufficient to confirm whether contract pricing was artificially inflated or otherwise altered. This enhanced the risk that a foreign business representative could inflate the price of goods and either keep the spread or use it to bribe a foreign governmental official. The types of internal controls weaknesses noted by the authors included:

  • Inflated contract prices were used to generate and conceal kickbacks.
  • Commissions were disguised as legitimate business expenses.
  • Unwarranted additional fees were added to contract prices.

To remedy this contract pricing issue, the authors recommended that companies review their procurement policies from a FCPA compliance perspective. Companies should also engage in a competitive bidding process for purchases from third parties. Lastly invoices from third parties should provide sufficient detail to support the goods or services provided and back up for all expenses.

2. Inadequate Due Diligence and Verification of Foreign Business Representative

It is well known that companies are responsible for the actions of their business representatives and that this is a large source of FCPA exposure. Based upon their review, the authors found several examples of weaknesses in internal controls which led to FCPA enforcement actions. These weaknesses included:

  • Monthly payments made to foreign business representatives where no written contract was in place.
  • Contracts with foreign business representatives with prior histories of improper payments.
  • Lack of vigorous due diligence based upon a valid risk analysis.

While noting the difficulties in the area of foreign business relationships, the authors proffer several steps to help ameliorate the risk. These steps include (1) a risk assessment and ranking of requisite due diligence based on this assessment; (2) collection, processing and analysis of information in a concise and effective manner; (3) confirm the business purpose, and indeed business need, for the third parties; (4) have a high level management review of all high risk foreign business partners; (5) include in your written contract, FCPA terms and conditions, including an affirmation of FCPA compliance; and (6) manage the foreign business partner relationship with an internal management sponsor.

3. Ineffective Accounts Payable Payment and Review

This area involves the review and appropriate authorization of funds prior to disbursement. The authors noted that vendor set up and management procedures were not well documented in the cases they reviewed and that company processes across wide geographic areas may not have the appropriate “checks and balances.”  The authors found the following internal control weaknesses in this area:

  • Inappropriate payments made to agents under the guise of commissions, fees or legal services.
  • Payments for professional services where no back up was provided by the vendor.
  • Services were paid under contracts where such services were not addressed.

As remedies for these issues, the authors suggested that the classification of payments is critical. Additionally supporting documentation must be a part of any request for payment but there must be an appropriate review and approval process followed for any disbursements. Finally purchase orders must be matched with contracts for validation prior to payment.

4. Ineffective Financial Account Reconciliation and Review

The books and records component of the FCPA, together with the accounting control provisions mandate that documentation on transactions must not only record the transaction but also adequately describe it to alert the reviewer to possible violations. In their white analysis, the authors found several examples of ineffectual financial account reconciliation and review, which included:

  • Inflated revenues through improper schemes.
  • Recording of false entries by a subsidiary that was rolled up to a parent.
  • False invoices were paid.
  • Improper recordation of payments in various ledger accounts.
  • Lack of appropriate documentation for disbursements.

The authors advised that companies should enhance financial reconciliation and review for FCPA compliance. Policies and procedures must be established and followed to help ensure accurate bookkeeping and accounting. Lastly, all transactions must have and be supported by appropriate documentation.

5. Ineffective Commission Payment Review and Authority

The authors noted instances of the lack of procedures to verify the payments of commissions to foreign business partners. These failures led to instances of bribery of a foreign governmental official by the foreign business partner. From their review the authors noted some of the following internal control weaknesses which led to a high number of enforcement cases in this area:

  • Mission creep by foreign business partners in that the duties they carried out were not assigned within or by the contract.
  • Misleading information was presented to company internal auditors regarding the amount of commissions paid by foreign business partners.
  • Commission payments were inflated so that foreign business partners could provide kickbacks to foreign government officials.

To assist in this area the authors stressed the need for a review of all relevant information prior to making a commission payment. This would start with a review of the contract to ascertain if the agent was entitled to a commission, the amount of the commission and whether the work described met the contractual strictures. Care should be taken that all payments are made to the named contract counter-party and not an unnamed third party. The payment location should be verified to make certain no offshore payments are made. Lastly the authors suggest training for any third party representatives to ensure their understanding of the requirements of the FCPA and any other relevant anti-bribery and anti-corruption laws applicable.

This white paper is an excellent source of information the lack of internal controls which have led other companies into FCPA troubles. It provides some solid recommendations for the specific controls that a company should put into place. We commend the authors for their research and suggestions for best practices moving forward.


Stephen Martin and I will be continuing our FCPA presentations, hosted by World Check next week. All of the events are free and CLE is provided. If you are in one of these areas I hope you can join us.

Tuesday, April 5-Portland. For details, click here.

Wednesday, April 6, Seattle. For details, click here.

Thursday, April 7, Denver. For details, click here.


This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2011

Blog at WordPress.com.