What are the obligations of a Board member regarding the FCPA? Are the obligations of the Compliance Committee under the FCPA at odds with a director’s “prudent discharge of duties to shareholders”? Do the words prudent discharge even appear anywhere in the FCPA? In webinar, entitled “Reporting to the Board on Your Compliance Program: New Guidance and Good Practices”, Rebecca Walker and Jeffery Kaplan, explored these and other issues.
As to the specific role of ‘Best Practices’ in the area of general compliance and ethics, Walker looked to Delaware corporate law for guidance. She cited to the case of Stone v. Ritter for the proposition that “a duty to attempt in good faith to assure that a corporate information and reporting system, which the board concludes is adequate exists.” From the case of In re Walt Disney Company Derivative Litigation, she drew the principle that directors should follow the best practices in the area of ethics and compliance.
In a recent Compliance Week article, Melissa Aguilar examined the duties of Board members regarding FCPA compliance. The conclusions of several of the FCPA experts that Ms. Aguilar interviewed for the article were that companies which have not yet had any FCPA issues rise up to the Board level are usually the ones which are the most at risk. Albert Vondra, a partner with PricewaterhouseCoopers stated that such companies “don’t have the incentive to spend the resources or take the rigorous approach to their anti-compliance programs. Their attitude is, ‘We’ve got it covered,’ but they don’t”. Richard Cassin, managing partner of Cassin Law, stated that there must be written records demonstrating that the audit committee and that the board members asked questions and received answers regarding FCPA compliance issues. Such documentation demonstrates the Board members have “fulfilled their fiduciary obligations,” Cassin says.
Board failure to head this warning can lead to serious consequences. David Stuart, a senior attorney with Cravath Swaine & Moore, noted that FCPA compliance issues can lead to personal liability for directors, as both the Securities and Exchange Commission (SEC) and DOJ have been “very vocal about their interest in identifying the highest-level individuals within the organization who are responsible for the tone, culture, or weak internal controls that may contribute to, or at least fail to prevent, bribery and corruption”. He added that based upon the SEC’s enforcement action against two senior executives at Nature’s Sunshine, “Under certain circumstances, I could see the SEC invoking the same provisions against audit committee members—for instance, for failing to oversee implementation of a compliance program to mitigate risk of bribery”.
According to Haynes and Boone in its publication, “Corporate Governance and the Role of the Board” a board’s role is not to actually manage the company, but instead to oversee and monitor the management of the company. In the realm of compliance, this means the Chief Compliance Officer. The board has the responsibility to fulfill the role of strategic and business advisor to management of the company. In addition, the board has the role of monitoring the performance of the compliance function, including monitoring the performance of it using customary economic metrics, and by overseeing compliance with applicable laws and regulations. While the board is not responsible for auditing or ferreting out compliance problems, it is responsible for determining that the company has an appropriate system of internal controls. The board should also monitor company policies and practices that address compliance and matters affecting the public perception and reputation of the company. Every company should ensure that it conducts appropriate compliance training for employees and conducts regular compliance assessments. Finally, the board must take appropriate action if and when it becomes aware of a material problem that it believes management is not properly handling.
There is no reference to prudent discharge in the FCPA itself. However, a Board member might well think more than twice about my prudent discharge of duties to the shareholders as both the DOJ and SEC now might well wish to look into a Board’s prudent discharge of duties under the FCPA.
Three Key Takeaways
- What is ‘prudent discharge’?
- What is your process for doing compliance at the Board level?
- A Board must have active rather than passive engagement around compliance.
For more information, check out my book Doing Compliance: Design, Create and Implement an Effective Anti-Corruption Compliance Program, which is available by clicking here.