The site said in the blog post, “John Bonham is probably one of the few who can go and have a drum battle with himself. How else could you explain what went on here? He was obviously not your average stickman but whatever he played, he took it to the next level. It was fast and soulful at the same time. He was brutal behind the kit and that’s why no one could ever come close to him or even touch his greatness. Just take this solo, for example, have you ever seen anything so astonishingly good? When he strikes the skins, it always had power, precision and speed. But it also had the kind of finesse you wouldn’t believe would come from a seemingly uncontrollable madman.”

Dave Grohl said of John Bonham “I spent years in my bedroom – literally years – listening to Bonham’s drums and trying to emulate his swing or his behind-the-beat swagger or his speed or power not just memorizing what he did on those albums but getting myself into a place where I would have the same instinctual direction as he had.”

The song Moby Dick tune emerged after Led Zeppelin guitarist and producer Jimmy Page would often catch drummer John Bonham jamming in the studio. He recorded parts of it and then pieced it all together. Only Page and bassist John Paul Jones play the tune’s Drop-D blues-based riff with Bonham’s drums—as a power trio—at the very beginning and the very end of the tune, leaving the remainder open for Bonham alone. When played live, Bonham’s drum solo would last as little as 6 minutes or, more frequently, as long as 30 minutes, while the rest of the band would leave the stage after having played the introduction. During the performance Bonham would often set aside or throw his drumsticks into the audience and then continue the solo with his hands.

Unfortunately, I never got to see Led Zeppelin live, although I am sure what little hearing I have left is in direct proportion to not seeing them in concert. Bonham’s drumming leads to today’s topic of the Microsoft Foreign Corrupt Practices Act (FCPA) resolution announced Monday, July 22, 2019. As usual, the FCPA Blog. broke the story to the greater compliance community. The total fine and interest paid by Microsoft to the Securities and Exchange Commission (SEC) was approximately $16MM via a Cease and Desist Order.

According to the SEC Press Release, “Microsoft Hungary has also agreed to pay a criminal fine of $8,751,795 as part of a non-prosecution agreement with the U.S. Department of Justice related to causing books and records violations of the FCPA.” The SEC stated that “Microsoft violated the books and records and internal accounting controls provisions of Sections 13(b)(2)(A) and 13(b)(2)(B) of the Securities Exchange Act of 1934. Without admitting or denying the SEC’s findings, Microsoft consented to a cease-and-desist order and agreed to pay disgorgement of $13,780,733 and prejudgment interest of $2,784,418.”

The basic facts were fairly straight forward. The SEC said, “Microsoft’s subsidiary in Hungary provided discounts on software licenses to its resellers, distributors and other third parties. Instead of passing on the discounts to Microsoft’s government customers, the discounts were used to fund improper payments intended for foreign government officials to secure software license sales for Microsoft. The SEC also found that Microsoft’s subsidiaries in Saudi Arabia and Thailand provided improper travel and gifts to both foreign government officials and employees of non-government customers funded through slush funds maintained by Microsoft’s vendors and resellers. The SEC further found that Microsoft’s subsidiary in Turkey provided an excessive discount to an unauthorized third party in a licensing transaction for which Microsoft’s records do not reflect any services provided.”

These are the reported basic facts. However perhaps more interesting was the Microsoft public announcement today by its President Brad Smith. In an email, with the subject line “There is no room for compromise when it comes to ethical business practices” sent to all Microsoft employees, Smith acknowledged the FCPA violations by the Hungary business unit, where all of the four employees involved and four third party sales representative have been terminated.

But more than simply terminating the recalcitrant parties and moving on Smith related that Microsoft is committed to continuous monitoring and more importantly continuous improvement. He stated, “we appreciate that strong words need to be backed by effective deeds. The first critical step, taken more than five years ago, was to learn from these issues and identify our own opportunities for improvement, especially in the systems and controls that reduce the risk that even a small number of employees and resellers can evade our policies.”

Smith went on to note that as the company has focused on continuous improvement that has led to a number of changes, including the following: (1) Discounting transparency, “ensuring that we require that our channel partners pass discounts on to government customers and that we tell these customers about the discounts provided for their benefit.” (2) Commitment to meeting the ISO 37001, the new Anti-Bribery Management System Standard for the company’s  Hungarian subsidiary’s compliance program. (3) Transaction Monitoring. Through the use of machine learning to help identify transactions and automatically flag those that pose heightened compliance risk and have a team apply additional scrutiny to these transactions.

Smith also acknowledge that when humans are involved there is “no business process that can offer a perfect guarantee of eliminating all global instances of a human frailty that is as old as humanity itself.” He then identified the governmental role of “strong laws and effective enforcement by agencies such as the DOJ and the SEC in the United States and around the world.” But it more than governments wielding a big stick, as businesses also have a role in fighting the global scourge of  bribery and corruption. He said, “it’s why across the business community we need not only to be vigilant but committed to putting the world’s most advanced technology to work to help fulfill the strong ethical principles that the public rightfully expects us to uphold.”

Smith concluded by stating “It’s a never-ending job that deserves our focus and attention each and every day.” There is as much business ethics and anti-corruption compliance packed into that one sentence as I have seen in quite some time. Compliance must be fully operationalized throughout the organization and not just something done by the compliance function. It much be done on a continuous basis not only through continuous monitoring but also through continuous improvement. Finally, it is never ending because your risks never end. Whether they are the human frailty Smith noted early on in his email, democratic regime-change or evolution of products and services into new high risks area or businesses; compliance is never and one and done. Business is continually dynamic and that dynamism must be matched by a dynamic risk management strategy.

Tomorrow I will consider not only Genesis and Los Endos but also the bribery schemes utilized by Microsoft and the lessons they provide the compliance practitioner. While you are waiting for tomorrow’s blog, you may want to kick back and listen to some great versions of Moby Dick by John Henry Bonham.

Resources-all from YouTube

Moby Dick-Led Zeppelin II(Remastered Version)(studio version)

Moby Dick-Live from Royal Albert Hall

Moby Dick-Live from Madison Square Garden

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at

© Thomas R. Fox, 2019