What are the obligations of a Board member regarding the Foreign Corrupt Practices Act (FCPA)? Are the obligations of the Compliance Committee under the FCPA at odds with a director’s “prudent discharge of duties to shareholders”? Do the words prudent discharge even appear anywhere in the FCPA? In a webinar, entitled “Reporting to the Board on Your Compliance Program: New Guidance and Good Practices”, Rebecca Walker and Jeffrey Kaplan explored these and other issues.
As to the specific role of best practices in the area of general compliance and ethics, Walker looked to Delaware corporate law for guidance. Walker cited to the case of Stone v. Ritter for the proposition that “a duty to attempt in good faith to assure that a corporate information and reporting system, which the board concludes is adequate exists.” From the case of In re Walt Disney Company Derivative Litigation, she drew the principle that directors should follow the best practices in the area of ethics and compliance.
The Board has the role of monitoring the performance of the compliance function, including monitoring the performance of it using customary economic metrics, and by overseeing compliance with applicable laws and regulations. While the Board is not responsible for auditing or ferreting out compliance problems, it is responsible for determining that the company has an appropriate system of internal controls. The Board should also monitor company policies and practices that address compliance and matters affecting the public perception and reputation of the company. Every company should ensure that it conducts appropriate compliance training for employees and conducts regular compliance assessments. Finally, the Board must take appropriate action if and when it becomes aware of a material problem that it believes management is not properly handling.
The job of every Board member is to represent the shareholders. To do so, the Board must oversee the risk management function of the organization. These obligations around compliance were recently explored by the Delaware Supreme Court in the case of Marchand v. Barnhill, the “Blue Bell” case. Blue Bell Ice Cream was and to this day is a single-product food company and that food is ice cream. This sole source of income would mandate that the highest risk the company might face is around food. But, as the underlying complaint noted, “despite the critical nature of food safety for Blue Bell’s continued success, the complaint alleges that management turned a blind eye to red and yellow flags that were waved in front of it by regulators and its own tests, and the board—by failing to implement any system to monitor the company’s food safety compliance programs—was unaware of any problems until it was too late.”
The plaintiffs reviewed the Board records and made the following allegations:
- there was no Board committee that addressed food safety;
- there was no regular process or protocols that required management to keep the Board apprised of food safety compliance practices, risks, or reports which existed;
- there was no schedule for the Board to consider on a regular basis, such as quarterly or biannually, any key food safety risks which existed;
- during a key period leading up to the deaths of three customers, management received reports that contained what could be considered red, or at least yellow, flags, and the Board minutes of the relevant period revealed no evidence that these were disclosed to the Board;
- the Board was given certain favorable information about food safety by management, but was not given important reports that presented a much different picture; and
- the Board meetings are devoid of any suggestion that there was any regular discussion of food safety issues.
All of these might well be categorized as prudent discharge of the Board’s obligations. The Board argued that it only had to meet FDA and state regulatory requirements for food safety and that action alone met its obligations. The Delaware Supreme Court made short shrift of this argument, stating “fact that Blue Bell nominally complied with FDA regulations does not imply that the board implemented a system to monitor food safety at the board level. Indeed, these types of routine regulatory requirements, although important, are not typically directed at the board. At best, Blue Bell’s compliance with these requirements shows only that management was following, in a nominal way, certain standard requirements of state and federal law. It does not rationally suggest that the board implemented a reporting system to monitor food safety or Blue Bell’s operational performance.”
The Board went on to claim that because it had received information on the company’s operational issues and performed oversight on operational issues, it had fulfilled its Caremark obligations. This is basically the same argument for paper compliance programs. We have something on paper so we have complied with our obligations. The Delaware Supreme Court also saw through the flimsiness of this argument stating, “if that were the case, then Caremark would be a chimera.” This is because operational issues are always discussed at the Board level. Finally, “Although Caremark … does require that a board make a good faith effort to put in place a reasonable system of monitoring and reporting about the corporation’s central compliance risks. In Blue Bell’s case, food safety was essential and mission critical.”
The bottom line is that the Blue Bell Board did nothing to fulfill its Caremark obligations. The actions set out by the plaintiffs make a good starting point for the prudent discharge of the Board’s obligations under Caremark and its progeny. Every Chief Compliance Officer (CCO) needs to read and understand these obligations so they can train their Board of Directors on its obligations. There is no reference to prudent discharge in the FCPA itself; however, a Board member might well think more than twice about the prudent discharge of duties to the shareholders as both the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) now might well wish to look into a Board’s prudent discharge of duties under the FCPA.