Battle of the Somme IIIThere have been a plethora of new books about the Battle of the Somme. Daniel Todman reviewed several in an article for the Financial Times (FT), entitled “Stories of the Somme”. One of the books reviewed, Breakdown: The Crisis of Shell Shock on the Somme, 1916, by Taylor Downing, focused on the relatively new condition identified as ‘shell shock’ a term which became ‘combat fatigue’ in World War II (WWII) and today is called ‘post traumatic stress disorder’. Downing thoroughly discussed the range of symptoms experienced by the combatants. Yet his innovation was to consider the mental health of the entire British nation as the causalities mounted and mounted with no end or even result in sight.

I thought about Taylor’s insights when considering the collective mental state of Great Britain after the Brexit vote or, as we would say in Texas Breeee-exit. The topic has certainly dominated both the UK and US news since last Friday, although since Monday, the British press is equally talking about the English exit from the European Football Championship, losing to Iceland 2-1. Many have wondered what Brexit might mean for compliance, the Foreign Corrupt Practices Act (FCPA) and enforcement of the UK Bribery Act. I explored some of the these issues with Jonathan Armstrong, from Cordery Law Firm in London, in a podcast earlier this week, you can listen to Episode 262 The Brexit Edition on the FCPA Compliance and Ethics Report.

Regarding enforcement of the UK Bribery Act, Armstrong believes that there is likely to be little change. The UK Bribery Act 2010 is not a part of any body of European Union (EU) legislation and the UK bribery prosecutors are independent of the EU regime. There may be an effect on some investigations, for example into alleged corruption in EU funds, but as the law will remain the same, there should be no change in how it is enforced. My concern would be that the British government would be so low of funds or required to use its resources in other more politically palatable areas that it could lead to underfunding for the Serious Fraud Office (SFO) to conduct investigations and put on trials for companies that do not settle with the government.

Armstrong did opine that there might well be big changes in areas which do impact FCPA enforcement and those are the areas of data privacy and data transfer. Armstrong noted while there has obviously been much debate in Europe about data transfer issues, what happens with the UK after the exit remains to be seen. He believes that much is likely to depend on whether the UK remains in the European Economic Area (EEA) or not. If the UK does, there may well be little practical change. However if the UK leaves the EEA regime, it would likely have to go through some sort of an adequacy assessment under the EU General Data Protection Regulation (GDPR). He indicated that data transfers could be complicated if the UK does not remain in the EEA as there have been allegations of surveillance by UK Government agencies. He concluded that if a working Privacy Shield deal can be done next month the UK would still be a party to that, at least in the short term. He did conclude with the well-known British admonition to ‘Watch this space”.

I was also interested with Andrew Hill’s FT On management article entitled “Five failures of leadership and one hollow Brexit success”. As usual many of Hill concepts translate well over the role of the Chief Compliance Officer (CCO) so I wanted to use this to reflect on leadership issues for the compliance professional. Hill was merciless that over the course of the referendum campaign and the subsequent events since the vote was tallied on Friday that there has been a complete, total and utter failure of British political leadership.

First is the underlying historical failure of British leadership within the EU. Hill wrote, “A dearth of leadership in the EU itself over recent years exacerbated the economic and political mess that repelled many insular UK voters from the European project. A fatal failure to exercise UK leadership in the EU… further primed the electorate to reject the invitation to remain.” For the CCO or compliance practitioner, I think this means you have to actively engage at all levels of your organization going forward. Never forgot that creating corporate allies is an ongoing process.

The second was the failure of strategy. Presciently, Hill notes that having a strategy is not the same as having a goal. Hill quotes UCLA Professor Richard Rumelt for the obvious, “Winging it is not a strategy.” You need to have both a goal and strategy. Based on the continued comments from the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) over the years, you need to have a roadmap for the design, implementation and continual improvement of your compliance program.

Failure number three is the failure of teamwork. The Brexit referendum campaign certainly embodied the age-old adage that politics makes for strange bedfellows. However in this campaign, Hill said, “The formation of opposing groups drawn from across the political spectrum was always going to pose vast challenges.” Moreover, “Scratch teams can do great work. In business the most diverse groups often come up with the best innovations, but such groups are also the hardest to manage.”

The lesson for the CCO is the management of diverse groups within an organization. Obviously the General Counsel’s (GC’s) office should be a natural ally of compliance. Yet the roles of both disciplines within an organization are very different. These differences will need to be managed throughout the existence of any compliance issue. The same is true, perhaps even more so, for other corporate functions.

As a fourth failure, Hill pointed to “disintegration of the opposition Labour party’s fragile unity after the vote has exposed the inability of Jeremy Corbyn, its leader and a reluctant Remainer, to shape the agenda”. Hill recognizes that political leaders can only get out so far in front of their constituents. Yet being a leader means more than simply talking into an echo chamber but also leaders have “a duty to conduct the sound that the chorus makes rather than simply to sing along.”

Here I think the message for the CCO is that you must continually work to shape the message of compliance throughout your organization. This certainly means more than simply coming from the compliance department. You must also get the C-Suite and senior executives to both talk the talk and to walk the walk of compliance.

Finally, is the failure in the post election phase of this disaster, Hill contends that while “Succession is almost always bloodier in politics than in business” this act by British politicians presents a “scene of near-total disarray”. He intones, “Boards often allude to contingency plans in case their chief executive is “run over by a bus”.” For any CCO, you must prepare for such an exigency. More importantly, you must lead this effort for your company.

The implications of Brexit may well be with us for many years. As a CCO you need to not only begin to prepare for some the issues identified by Jonathan Armstrong but also heed the leadership failures identified by Andrew Hill.

 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2016

English FlagA couple of recent articles about the UK Serious Fraud Office (SFO) caught my attention. One was on thebriberyact.com, entitled “Opinion: DPA’s must show greater benefits. We discuss the Criteria & Process for a DPA set out in Alun Milford’s (SFO GC) recent speech” and was authored by those well known UK Bribery Act mavens and commentators, the Bribery Act guys, Barry Vitou and Richard Kovalesky QC. The second, entitled “The Inner Workings of the U.K. Serious Fraud Office, is by my Compliance Week colleague Jaclyn Jaeger.

 Both articles provide a wealth of information for the Chief Compliance Officer (CCO) whose company is subject to the UK Bribery Act. They also point out some of the differences in approach by the SFO from the US Department of Justice (DOJ); both articles are based on the remarks by Alun Milford, the SFO General Counsel (GC). Jaeger’s article dealt primarily with the beginnings of a case up to the negotiations over a Deferred Prosecution Agreement (DPA). The Bribery Act guys article dealt more with the issues around DPAs.

Jaeger reported, as with enforcement actions under the Foreign Corrupt Practices Act (FCPA), cases come into the SFO in a variety of ways. Some include self-reporting, through ancillary investigations, whistleblowers disclosures, disgruntled business rivals, occasionally a bribe recipient and some are from reports from other jurisdictions. Whichever the mechanism of disclosure, “Regardless of how a case comes into the SFO, he said, it will be looked at first by the SFO’s intelligence unit, whose members will assess whether the case meets the SFO’s criteria to take it on.”

From that point, if the Director of the SFO, currently David Green, agrees to move forward on the matter and will “open a criminal investigation, responsibility for it passes to a case controller on one of our casework Divisions, who will have day-to-day responsibility for the case. The lead investigator will head up a multi-disciplinary team of investigators, lawyers, forensic accountants, IT experts and outside counsel who will “pursue all reasonable lines of enquiry, gathering in and reviewing potentially relevant documents from the company and elsewhere. It will interview witnesses and suspects. At the end of that process, we will make a charging decision.””

If there is insufficient evidence, the matter is concluded. However, if the SFO considers that it has “sufficient evidence for a realistic prospect of conviction and the public interest warrants the corporate’s prosecution, we will prosecute—but if we think the public interest might not require a prosecution then we will consider a DPA.”

The SFO expects a company to cooperate during the pendency of the investigation. Milford said the “SFO would have a conference with the company involved, where “we will make clear that we are looking for cooperation for the duration of the investigation. The company under investigation is expected to preserve information and to make it available to the SFO. Collection of digital material needs to be forensically sound, with whole images being taken of digital collections are then preserved. Back-up tapes should be preserved, and any rolling destruction processes stopped.””

Milford also had some interesting thoughts around assertion of the attorney-client privilege. While initially noting the SFO “has no interest in the communications between client and lawyer on questions of liability or rights”; he made clear that the SFO does want facts. Further, each claim of privilege will be individually evaluated. He specifically noted:

  • We will view as uncooperative false or exaggerated claims of privilege, and we are prepared to litigate over them: to do otherwise would be to fail in our duty to investigate crime.
  • If a company’s assertion of privilege is well-made out, then we will not hold that against the company: to do otherwise would be inconsistent with the substantive protection privilege offers. We will simply judge the question of co-operation in our normal way against our published criteria.
  • By the same token if, notwithstanding the existence of a well-made-out claim to privilege, a company gives up the witness accounts we seek, then we will view that as a significant mark of cooperation: here again, to do otherwise would be inconsistent with the substantive protection privilege offers.
  • For the same reason, we will view as a significant mark of cooperation a company’s decision to structure its investigation in such a way as not to attract privilege claims over interviews of witnesses.

To obtain a DPA, the Bribery Act guys reported that Milford gave two general criteria. The first, echoing Jaeger’s article on the topic of cooperation, is that any company that wants a DPA must fully cooperate throughout the process. They quoted Milford for the following, “‘Considerable weight may be given to a genuinely proactive approach by (the organisation’s) management team when the offending is brought to their notice, involving within a reasonable time of the offending coming to light, reporting (the organisation’s) offending otherwise unknown to the prosecutor and taking remedial actions including, where appropriate, compensating victims. In applying this factor the prosecutor needs to establish whether sufficient information about the operation and conduct of (the organisation) has been supplied in order to assess whether (it) has been co-operative. Co-operation will include identifying relevant witnesses, disclosing their accounts and the documents shown to them. Where practicable it will involve making the witnesses available for interview when requested. It will further include providing a report in respect of any internal investigation including source documents.”

The second criterion is that the company seeking the DPA must be prepared to accept the consequences of their actions by pleading guilty. Milford emphasized this by stating “First, it should be obvious that a company that does not accept any criminal liability on its part cannot enter into a DPA, whatever view we may take of the evidence against it. Whilst the DPA process does not require a formal admission of guilt, a company which considers it has nothing to account for cannot agree to a statement of facts which sets out wrongdoing it denies, or to the payment of a financial penalty consequent on that wrongdoing, or to the payment of compensation when it considers it owes none or to rehabilitative measures when it considers there is nothing to rehabilitate.”

The Bribery Act guys also reported on the process around securing the DPA. They quoted Milford, “If the company takes up the offer, we will exchange confidentiality undertakings to enable the negotiations to take place privately. In those negotiations we will seek to reach agreement on a statement of facts, which sets out the extent of the company’s wrong-doing, and the terms on which the company should account for that wrongdoing.”

They noted the terms of a DPA could well include a financial penalty, which could be “broadly comparable with the fine a court would have imposed if the company had pleaded guilty on a full prosecution, disgorgement of profits, payment of compensation and the SFO’s costs, enforceable undertakings of co-operation and schemes for ensuring future compliance.” Milford said that he believes for a DPA to be “effective that agreement then needs judicial approval both as to the principle of a DPA with that company and its precise terms.”

The Court mechanism includes an initial hearing where “question of such approval will be considered must be in private.” If after this initial hearing, both the company and the SFO “decide to pursue the agreement and finalise its proposed terms, they must apply again, this time in a public hearing, for a declaration from the judge that: the DPA is in the interests of justice; and the terms of the DPA are fair, reasonable and proportionate. If the judge agrees to make that declaration, he or she must give reasons for this. It is really important to the statutory scheme that those reasons are easily available. Therefore, subject always to the power of the court to delay publication to ensure a fair trial of others, the prosecutor must then publish the DPA and the judge’s declaration. Finally, criminal proceedings against the company are started and immediately suspended in accordance with the terms of the agreement.”

These two articles provide the CCO or compliance practitioner, whose company is subject to the UK Bribery Act, useful guidance into how the SFO thinks through its decision to bring an enforcement action under the Act, what it excepts from the company in the way of cooperation and the process around securing a DPA.

 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2016

 

 

 

Winslow AZAs I end my week’s exploration of the intersection of bribery and corruption in international sports, I have also ended a week of solid listening to The Eagles 1970s studio albums. In honor of Glenn Frey, I will also end this week with a final tribute to Frey and his work with this seminal band from the 70s. Today, it is a tribute to the first Eagles hit, Take It Easy. While Jackson Browne was the primary author of this song, Frey stepped in to finish it when Browne could not complete it. The Eagles also opened their first album, titled The Eagles, with this cut.

I cannot think of anyone born after about 1970 who does not instantly recognize the opening cords from Bernie Leadon’s lead guitar on this iconic song. If this song alone does not make you want to go to Winslow Arizona, well probably nothing will. In fact the song made the town so famous that the city of Winslow erected a life-size bronze statue and mural commemorating the song, at the Standin’ on the Corner Park. The statue stands near a lamp post, the male figure securing an acoustic guitar between his right hand and the shoe of his right foot. Above his head, a metal sign, crafted in the style of US Route shields, displays the words “Standin’ on the corner”.

As I have noted this week, the world of sports continues to provide ample lessons to be learned for the Chief Compliance Officer (CCO) or compliance practitioner. Although we no longer have the sad sack Astros to kick around, there are many other candidates out there you can draw inspiration from for your compliance regime. For today, I want recap some of these lessons.

Perhaps the clearest sign from the scandals reviewed this week and the ongoing Fédération Internationale de Football Association (FIFA) scandal is the role of regulators such as the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) in leading the international fight against bribery and corruption. Only the US had the wherewithal to bring the charges against FIFA. While the Swiss have tagged along, they certainly did not take anything like the lead in this matter. Further, the allegations of FIFA’s bribery was publicized in Britain as long ago as 2010 and the Serious Fraud Office (SFO) never brought charges against FIFA or its cronies.

The bottom line is that only the US government has the ability and, more importantly, the will to engage in such a worldwide investigation and coordinate the actions of numerous countries in providing assistance. Do you think the Swiss police would have been so involved if it was not for the US government lead in this investigation? From President Obama on down, the US government has made clear that it will lead the international fight against bribery and corruption. The FIFA indictments are yet one more indication that they will continue to do so.

From the International Association of Athletics Federations (IAAF) scandal there are certain aspects similar to FIFA but made even more invidious. Not only was a there a long entrenched self-serving and self-congratulatory cabal running the organization, but they even out did FIFA by allegedly extorting money from athletes who they expected of using performance enhancing drugs to suppress positive drug tests. These officials were allowed to not only run rampart but also engage in essentially self-government of themselves. Kind of like having the foxes guard the henhouse.

I think the lesson is the checks and balances required in any best practices compliance program that form the basis of compliance. While some of these checks and balances are in the form of multiple internal levels of oversight, such as a Compliance Committee, which might be made up of senior managers from various disciplines; another level is brought about by internal controls and the concept of the segregation of duties (SODs). No one person should be allowed have so much discretionary power that they can approve vendors, approve contracts; then approve invoices for payments on those same vendors and contracts they have previously approved.

In the corporate world this is fairly standard in the US but there continues to be Foreign Corrupt Practices Act (FCPA) enforcement actions, emanating from outside the US, where a Country or Regional Manager can make such multiple approvals. This is not only a recipe for disaster financially but also allows the creation of a pot of money to pay a bribe much easier. Internal controls also work towards having continuous oversight, if a technology solution is used it can facilitate both the prevent and detect prongs of a best practices compliance program.

The lesson for the US company which does not have a compliance program in place is that the basic forms of corporate governance are not only mandatory for a compliance and ethics regime but they are also the basics for any minimums of corporate governance in the 21st century. The level of any fraud, including bribery and corruption under the FCPA, can be low, yet the attendant costs can be far in excess of any fine or penalty. For FIFA and the IAAF, their cost will be played out in the international press and court of world public opinion for some time to come. For the former heads and senior members of those organizations, the cost may well be more pedestrian, with jail terms for felony criminal violations.

Finally, from the allegations around offers of bribes to throw matches in professional tennis is the clear lesson that employees that are offered bribes need to have an avenue to be able to report such conduct. For the CCO, it is important that employees have confidence and trust in the organization so they are willing to make such reports. To stop the scourge of bribery and corruption in any international sports group, the management must take the lead in communicating that such actions will not be tolerated and that anything less would result in expulsion and banishment. That is similar to any top management that must clearly set the expectation that it is more important for employees to follow the law than to make their quarterly numbers. For if management does not do so and communicates that making your quarterly numbers are more important, employees will find a way to make their quarterly numbers.

Moreover, it is important any company knows if a vendor, sales agent or any other party has offered or demanded a bribe to do business. Even if your employees tosses them out of the office on their collective ear, it is incumbent you be made aware of the demand/offer so you can bring it to the attention of the counter-party and take appropriate remedial action. Indeed, in many industries the number of agents or other representatives is small enough that they can be known. If there is a collective refusal to do business with such corrupt third parties, it can be a powerful driver of business behavior.

So I end this week with a fond farewell to Glenn Frey and I hope you are taking it easy about now. For a YouTube clip of The Eagles playing Take It Easy, click here.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2016

2016Greetings from Venice where my wife and I are spending the next few days so this blog post is my first Travel Edition of 2016. Last week I wrote about my thoughts on some of the significant Foreign Corrupt Practices Act (FCPA) criminal and civil enforcement actions from 2015 and some of the larger corruption stories across the globe. Today I want to peer into the not-to-distant veiled future of 2016 to see where enforcement and compliance may be headed going forward.

Regarding FCPA enforcement first and foremost on everyone’s mind is Wal-Mart. There are currently two versions of the Wal-Mart FCPA investigation. The first was articulated by the Pulitzer Prize winning New York Times (NYT) and its 2012 stories about massive corruption in its Mexican subsidiary, all leading to the subsidiary contributing 20% profit to the company’s bottom line for over five years. The converse version was articulated by the Wall Street Journal (WSJ) in an article from 2015 that basically said there was little evidence of bribery by the company in Mexico, although the company’s internal investigation did turn up some instances of very small bribes being paid in India. At this point it is unclear which version, if either, is correct.

What is clear is that Wal-Mart has spent massively to upgrade its compliance function, with some reports that the costs are north of $600MM. Moreover, Wal-Mart has taken its rightful place as an industry leader in talking about not only compliance but also ethics as part of its overall business strategy going forward. For those who have claimed the Wal-Mart scandal has always been much ado about nothing, they seemingly miss this key point that it is the doing of compliance that leads to more robust compliance. It was only after the NYT broke its story that Wal-Mart brought its compliance program forward into the 21st Century through this massive spending. I somehow doubt the company would be the industry leader in compliance it is today, if the NYT had not broken its story. Whatever the final fine and penalty may be, the creation of a best in class compliance program may well be the final legacy of the Wal-Mart FCPA scandal.

The Yates Memo caused quite a stir when it was announced and in subsequent Department of Justice (DOJ) public commentary throughout the fall and winter. The parameters of its mechanics are still being worked out. However the commentaries have raised some serious questions about how it will all work out in practice. One school of thought says that companies will now rush to throw lower level employees under the bus as soon as possible to protect senior level employees. Another school says that the implication is to demean the importance of an effective compliance program because you do not even get to that issue until you have identified culpable individuals and turned over that information to the DOJ. Yet another school of thought suggests that the focus of internal investigations may change from a root cause analysis to determine what happened so that remedial actions could be brought to bear; to naming names first and foremost, with the issues of underlying cause and attendant remedy to make sure the conduct does not continue or happen again moved to the back burner.

The one thing I am confident of at this point is that the Yates Memo will put even more pressure on internal investigations. Companies which may have assigned investigations to internal functionaries, whether in-house lawyers or other investigators, may now have to go to outside counsel much sooner rather than later, if they want cooperation credit going forward. Coupled with the expansion of whistleblower protections and whistleblower complaints to Securities and Exchange Commission (SEC) and other regulators, a company must focus significant resources on putting together a robust investigation protocol and following it.

The announcement of the new DOJ Compliance Counsel was something that had been reported back in the summer. The position was filled by Hui Chen, an ex-DOJer and corporate compliance practitioner, who will evaluate compliance programs for companies under FCPA investigation. She will use articulated metrics to evaluate the state of a company’s compliance program, at the time the incident occurred. The difficulty for any company is that you are always measured at the time of disclosure and review, not the three to five years back when the incident arose so a company is held to a standard which did not exist at the time.

This means there will be even more pressure on Chief Compliance Officers (CCOs) and compliance practitioners to institute a best practices compliance program sooner rather than later. It also means that your program must evolve and you must be able to show evolution and change (i.e. Document, Document, and Document). Further one of the specific metrics is resources so any corporate claim that ‘we spent all we could’ will be very closely scrutinized and if your program does not meet minimum standards, securing any credit for having a compliance program in place will be very difficult to achieve.

I think the first British Deferred Prosecution Agreement (DPA) by the Serious Fraud Office (SFO) under the UK Bribery Act will help the SFO move forward in its enforcement of the world’s most robust anti-corruption law. Not only should the SFO be able to turn back the annual attacks on it and calls to weaken the law but companies clearly now see value in self-disclosure. It could well portend a greater and more aggressive prosecutorial stance by the SFO particularly if SFO Director David Green has his term extended in 2016.

Finally, I think the compliance function will move to become much more integrated into and a more important corporate discipline within every organization of significant size going forward into 2016 and beyond. The 30 day period beginning with the Yates Memo to the Schrems decision by the European Court of Justice invalidating the safe harbor provision for the transfer of certain data from Europe to the US, to the Volkswagen (VW) scandal all make clear the need for not only robust compliance functions but also the elevation of the CCO to the ranks of any Chief Executive Officer’s (CEO’s) key and most trusted advisor.

Donna Boehme and others led the fight make the structural move and to get the CCO function out of the shadow and realm of the General Counsel’s (GC’s) office and the legal department. This debate should be fully closed now after these portentous events. Simply put, the legal function in a corporation is designed to protect the company. The compliance function’s role, as laid out by Roy Snell, is to “prevent, find and fix problems.” Put another way, the role of legal is to tell the truth. The role of compliance is to tell the whole story. VW is never going to pull out of the spiral its is currently in by playing legal games with regulators, states attorneys general or John Q. Public by hiding behind the law. It is only through transparency that VW will regain its prominence. That is one of the reasons that I believe the Wal-Mart FCPA enforcement action is so significant. It demonstrates that as bad as the facts are, may be or were even reported, a company can make a comeback with all three groups by putting in place a robust compliance function.

It is this new importance on the compliance function, the CCO and compliance practitioners that I see as the biggest happening going forward into 2016.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2016

ZeitgeistHaving gone through the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) enforcement year for the Foreign Corrupt Practices Act (FCPA), I would now like to turn to my Top Five compliance related events of this year. Clearly the quantity of the DOJ’s FCPA enforcement actions dropped in the past year, but that did not mean the quality of overall FCPA enforcement dropped. Indeed as I noted in my prior posts, there were several significant lessons for the compliance practitioner not only to learn but also to put in place in any corporate anti-corruption compliance regime.

Even with this paucity of enforcement actions, there were some significant events which occurred last year that I believe portend some of the greatest changes not only compliance but FCPA enforcement going forward.

The Yates Memo

In her speech announcing the new policy, Assistant Attorney General Sally Yates said the following, “we have revised our policy guidance to require that if a company wants any credit for cooperation, any credit at all, it must identify all individuals involved in the wrongdoing, regardless of their position, status or seniority in the company and provide all relevant facts about their misconduct. It’s all or nothing. No more picking and choosing what gets disclosed. No more partial credit for cooperation that doesn’t include information about individuals.” This statement ties directly into the first point of the Yates Memo, which states, “To be eligible for any cooperation credit, corporations must provide to the Department all relevant facts about the individuals involved in corporate misconduct.”

For the Chief Compliance Officer (CCO) or compliance practitioner, this means the entire focus of your investigative protocol must now change. Previously an investigation was to determine how conduct that might have violated the FCPA occurred and then focus on how to remedy it. The first step a CCO or compliance practitioner would take when sufficient evidence was developed would be to fix the problem so that it did not re-occur going forward. If there were compliance program or internal control weaknesses, they would be immediately fixed so that neither the original perpetrators could continue the conduct but also so others could not take advantage of any such structural weakness.

DOJ Compliance Counsel 

The hiring of Hui Chen marked a key change by the DOJ. Chen is a former DOJer who went into the corporate compliance world. She has great knowledge about cutting edge best practices compliance programs. Chen has publicly announced she will be looking at several factors not usually considered, when evaluating compliance programs for credit. These inquiries include, (1) the amount of resources dedicated to compliance; (2) how thoughtfully your compliance program was designed; (3) how well your compliance program is operationalized in your company; and (4) how well compliance communicates with all stakeholders in an organizations.

Stephen Martin, the Managing Director and founder of Baker & McKenzie’s compliance consulting practice, has said, “Historically, it has been difficult for compliance professionals to explain the “return on investment” in compliance programs to senior management and Board of Directors. Companies questioned whether DOJ and SEC really credited a pre-existing compliance program or enhancements done during an investigation and/or resolution… For companies, the “return on investment” is clear…the benefits of an effective compliance program far outweigh the costs of the program and help mitigate government enforcement and compliance related risks. For compliance professionals, the DOJ’s increasing focus provides the rationale for helping companies truly move to instituting and maintaining a practical, best practices compliance program that meets the rising expectations of the DOJ.”

First British DPA 

In late November, the UK Serious Fraud Office (SFO) announced its first Deferred Prosecution Agreement (DPA) entered into under the Bribery Act. It involved the British banking institution ICBC Standard Bank Plc. The bank was charged with failing to prevent the payment of a bribe obtain business from the government of Tanzania. This was a huge win for the SFO and perhaps a game changer in compliance for prosecutions under the UK Bribery Act.

SFO Director David Green said: “This landmark DPA will serve as a template for future agreements. The judgment from Lord Justice Leveson provides very helpful guidance to those advising corporates. It also endorses the SFO’s contention that the DPA in this case was in the interests of justice and its terms fair, reasonable and proportionate. I applaud Standard Bank for their frankness with the SFO and their prompt and early engagement with us.” Unlike in the US, the judiciary participated fully in this process. Also most interesting was a separate surcharge by the SFO for its “reasonable costs … in relation to the investigation and subsequent resolution of the DPA.” If this is a self-funding mechanism for the SFO, it is also a departure from enforcement actions under the FCPA. From where I sit, if you have a violation, it would certainly be better to get in line now, before the SFO comes knocking.

FIFA Corruption Scandal

In an era of increasing large and all-encompassing corruption scandals (2012 – Wal-Mart, 2013 – GSK, 2014 – Petrobras) Fédération Internationale de Football Association (FIFA) stands out as the world’s biggest sports scandal, touching literally every continent and almost every country on the planet. Yet only three US citizens have been criminally charged at this point and some Americans asked why they should care about corruption in international soccer.

The FIFA prosecutions were a creative use by the DOJ of the Racketeer Influenced and Corrupt Organizations (RICO) statute to fight an international scourge. Frankly only the DOJ has the wherewithal to take on the world’s largest sports organization, particularly one which thought itself above the law. While the US certainly did not bring the indictments against FIFA alone, it clearly was the leader in this effort to continue the fight against global corruption and bribery. For if America does not lead, others will not follow in this fight so Americans should care greatly that the DOJ is continuing to lead this fight with the laws available to it.

Moreover, corruption is a global scourge. It is a component of political instability and terrorism. The FIFA scandal shows how corruption, which may appear to be victimless and not appear to hurt anyone, can, does and has destroyed the fabric, if not the soul, of some of the world’s greatest institutions. As Americans we should all want to fight the scourge of corruption wherever it might appear and we certainly believe that there should be a level playing field for all who want to compete.

Volkswagen and the Zeitgeist of Compliance

The Volkswagen (VW) scandal may well become the world’s largest compliance scandal ever (at least until the next one). It was so large it damaged not only VW’s competitors but also the German national brand of quality and honesty. First, and foremost, is the VW emissions-testing scandal. Going from the most trusted car manufacture in the world to an organization that does not seem know not only its left hand from its right hand but even where either hand resides. This is much more than a death of a thousand cuts where information dribbles out on a daily basis. This is a company which cannot seem to make clear what cars, in what countries, or even what engines may be part of the scandal.

I have always been fascinated with the zeitgeist. In the world of anti-bribery and anti-corruption compliance one rarely has the chance to observe the zeitgeist in action. However we are now seeing it play out in Germany in a very public way. It all involves the Made in Germany brand. Ulrich Grillo, the president of the BDI, the German global industry association, was quoted in Financial Times (FT) when he urged companies to check their “management processes, including compliance and control systems.” He suggested the question to ask should be “Are we doing everything right?” This is where the zeitgeist comes in. When you have the President of a national industrial association saying compliance is the answer, the zeitgeist has arrived. You need to sit up and take notice.

In my next post, I will discuss what it all may mean going forward, with some predictions for 2016.

TexasBarToday_TopTen_Badge_Large

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2016