We are on Episode IV of a five-part exploration of the recent the Department of Justice and Securities Exchange Commission resolution of a Foreign Corrupt Practices Act enforcement action against the Russian telecom company, Mobile TeleSystems PJSC (MTS). In this episode,  I look at the individual indictments, which charged Gulnara Karimova, daughter of the former President of Uzbekistan, with one count of conspiracy to commit money laundering and Bekhzod Akhmedov, a former MTS executive based in Uzbekistan with FCPA violations of one count of conspiracy to violate the FCPA, two counts of violating the FCPA, and one count of conspiracy to commit money laundering.

The indictment discussed the three companies who paid bribes to Karimova, who then laundered the money on the international stage. They were VimpelCom Ltd. (now VEON Ltd.), Telia Company AB (formerly TeliaSonera AB) (Telia) and MTS. The schemes Karimova used were so similar as to be almost identical. The only thing that changed was the name of the company she was shaking down money from in her march towards receiving over $1 billion in ill-gotten payments.

The documents which are the subject of this series are:

  1. MTS Deferred Prosecution Agreement (DPA);
  2. MTS Criminal Information (MTS Information);
  3. SEC Cease and Desist Order (Order);
  4. Karimova and Akhmedov Indictment (Indictment);
  5. Kolorit Dizayn Ink LLC Plea Agreement (Plea Agreement); and
  6. Kolorit Dizayn Ink Information (Kolorit Information);
  7. DOJ Press Release and
  8. SEC Press Release.

In this episode, I visit with Jonathan Armstrong consider some of his predictions for the rest of 2019. Even if these predictions do not become fully formed, you should consider them in light of your data privacy/data protection policies and protocols. Some of the issues and highlights are:

  1. Drones-what are the GDPR implications.
  2. The number of data breach notifications under GDPR. Through the end of January there were over 42,000 in the EU alone.
  3. Will AI and self-driving cars follow the rules on safe driving standards, or will there be new rules for the road?
  4. What will be the effects of data, big data and AI in elections going forward? What will be the fallout from Cambridge Analytica going forward?
  5. How will businesses respond to the industrialization of internet crime? What happens when there is a Zero-Day exploit?
  6. Cybersecurity insurance. Will standard insurance rules and regulations apply, or will new policy language be drafted for such coverage?

For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Next week, I begin a five-part podcast series on emerging issues in healthcare compliance with Jesse Caplan, Managing Director of Corporate Oversight at Affiliated Monitors, Inc. (AMI), the sponsor of the series. Caplan has over 30 years of experience as an attorney in both the public and private sectors, much of that time in leadership positions, including nearly 20 years with government regulatory and enforcement agencies, as General Counsel (GC) of the Massachusetts Executive Office of Health and Human Services and Chief of the Massachusetts Attorney General’s Office Consumer Protection and Antitrust Division. He has also worked in private practice with Epstein Becker & Green, P.C., a national health care law firm, while also serving as Chief Legal Counsel for Fallon Health, a Massachusetts not-for-profit HMO.

Today I begin a two-part blog post series on how compliance can be a part of the solution to the opioid crisis. To be sure there are many moving parts to this most critical health care issue; yet everyone has a role to play. I often say that a best practicescompliance program is a business solution to a legal problem. I see the same thing in the midst of the opioid crisis. There is a compliance solution that benefits all the major stakeholders, government regulators, physicians and health care providers (HCPs), consumers of opioid products and the general public as well.

The DOJ Response

In Caplan’s experience, policymakers and the healthcare industry are trying to address the opioid crisis in a number of different ways. One of those ways is to focus on the prescribing of opioids, with the goal of significantly reducing the number of people who are prescribed opioids and become addicted or who divert legally prescribed drugs. HCPs who engage in inappropriate opioid prescribing are increasingly subject to discipline by professional medical boards. They face restrictions on their licenses to practice, and, in certain cases, have had their licenses suspended or revoked. Where patients are harmed, providers face civil medical malpractice liability. Finally, in the most egregious cases, providers have been prosecuted criminally, either under the federal Controlled Substances Act or state criminal laws.

Caplan noted that the Department of Justice (DOJ), both in Washington and in individual United States Attorney’s Offices, have become more aggressive at identifying providers with problematic or suspicious opioid prescribing records. In 2017, then Attorney General Jeff Sessions announced the formation of the Opioid Fraud and Abuse Detection Unit. In his announcement he stated the DOJ would use data analytics to identify physicians who are writing opioid prescriptions at a rate that exceeds other physicians, and how many of a doctor’s patients died within 60-days of an opioid prescription.

In 2018, US Attorneys in Massachusetts and Georgia sent warning letters to physicians who had relatively high opioid prescribing histories, or physicians who may have had a patient die from an overdose, or who died for any reason within two-months of being prescribed opioids. In the letters in Massachusetts, the US Attorney reminded the physicians that prescribing opioids without a legitimate medical purpose or in excessive amounts is illegal. This raised some unanswered questions for physicians; such as: How do they ensure they are prescribing for a legitimate medical purpose or diagnosis where opioid treatment is both indicated and appropriate? What dosage or number of pills is “an excessive amount” that could put the physician at legal jeopardy?

The Legislative and Regulatory Response

Caplan began this section be stating, “The opioid crisis has resulted in new laws and regulations addressing hospital staffing, their discharge and treatment processes, limits on the quantity and dosages of opioids that can be prescribed, and mandated use of state Prescription Drug Monitoring Program (PDMPs) databases.” In February, the Center for Medicare and Medicaid Services (CMS) issued a “roadmap”to all Medicare providers focusing on “preventing new cases of opioid disorder,” “treating patients with opioid use disorders,” and “using data to target prevention and treatment activities.”

As a result of this evolving legal environment, individual physicians and physician extenders, group practices, hospitals and even insurance companies who are increasingly employing physicians, face significant regulatory and liability risks if they are engaging in inappropriate and dangerous opioid prescribing practices, or not complying with the increasingly complex prescribing laws and regulations.

There are a number of federal and state laws impacting opioid prescribing practices. Some of the more recent and significant developments include state laws limiting the quantity and dosage of opioids that can be prescribed and requiring providers to use and check PDMP databases before prescribing certain drugs to a patient. There are also more sophisticated guidelines for practitioners, including CDC Guidelinesfor prescribing opioids, which are becoming the standard of care for prescribers.

Moreover, just about every state has a PDMP database that tracks a patient’s history of opioid prescriptions. Increasingly, states require providers to check the PDMP before prescribing opioids. By checking the PDMP the physician can be informed whether the patient appears to have an addiction problem, may be doctor-shopping for opioid prescriptions, may be diverting drugs, or might be at risk for dangerous drug interactions. More and more states are passing laws limiting the quantity or dosage of opioids prescribed. Massachusetts was the first state to pass such a law in 2016 that set a seven-day limit on initial opioid prescriptions.

Caplan related that the CDC’s Guidelines are targeted to primary care physicians treating adult patients for chronic pain and are designed to improve communications between providers and patients about the benefits and risks of using opioids, and ultimately to reduce opioid addiction and overdoses. According to the CDC, the three main principles behind the Guidelines are as below and they offer 12 separate recommendations addressing each of these principles:

  1. Non-opioid therapy is preferred for chronic pain in most circumstances;
  2. The lowest possible effective dosage should be prescribed;
  3. Clinicians should always exercise caution when prescribing opioids and should closely monitor their patients who have been prescribed opioids

Caplan ended this topic by noting that all these legislative responses, regulatory schemes and aggressive enforcements suggest three key questions for healthcare organizations, which will be familiar for any compliance professional. (1) Do you have policies and procedures in place to ensure that your staff, and particularly your physicians, are aware of all the new requirements for opioid prescribing? (2) Have your providers and staff been educated in those policies and procedures? (3) And are they actually following appropriate opioid prescribing practices, and all relevant laws and regulations, including the organization’s own prescribing polices?

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2019

In a stunning resolution to one of the longest running bribery, corruption and money-laundering sagas on the international stage, the Department of Justice and Securities Exchange Commission both announced settlement of a Foreign Corrupt Practices Act (FCPA) enforcement action against the Russian telecom company, Mobile TeleSystems PJSC (MTS). This podcast continues a five-part series will examine the background facts of the case, provide a detailed review of the bribery schemes involved, the compliance failures of MTS and its actions during the investigation which contributed to the size of the penalty, the individual criminal prosecutions brought by the Department of Justice as a part of this action and the key lessons learned by the compliance practitioner. In this Part 3, I discuss the failures in the MTS compliance regime, the override of internal controls and local business unit management actions which facilitated the bribery schemes.
The schemes involved:
a. Purchase of entities controlled by or through Karimova;
b. Purchase of telecom licenses at inflated prices; and
c. Fraudulent charitable donations.
The documents which are the subject of this series are:
  1. MTS Deferred Prosecution Agreement (DPA);
  2. MTS Criminal Information (MTS Information);
  3. SEC Cease and Desist Order (Order);
  4. Karimova and Akhmedov Indictment (Indictment);
  5. Kolorit Dizayn Ink LLC Plea Agreement (Plea Agreement); and
  6. Kolorit Dizayn Ink Information (Kolorit Information);
  7. DOJ Press Release and
  8. SEC Press Release.

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly (the coolest guy in compliance) and I take a deep dive into the circumstances around the FAA approval process regarding the Boeing 737 MAX in the context of the crash in Ethiopia.We consider regulatory capture and what it might mean for US leadership in the aviation industry worldwide.

Some of the highlights include:

  • What was the process by which the plane was approved by the FAA?
  • How did the Boeing CEO persuade President Trump to prevent the FAA from grounding the Boeing fleet during the investigation process?
  • Why did the Ethiopian government send the plane’s black box to France, rather than the US, for analysis?
  • How did the US lose the world’s leadership in aviation safety?
  • Where was Boeing’s compliance function during all of this?
  • What are the lessons for the compliance practitioner?

For additional reading, see articles discussed in this podcast:

  1. In the Seattle Times, Flawed analysis, failed oversight: How Boeing, FAA certified the suspect 737 MAX flight control system, by Dominick Gates
  2. In the Wall Street Journal, Prosecutors, Transportation Department Scrutinize Development of Boeing’s 737 MAXby Andrew Tangel, Andy Pasztor and Robert Wall
  3. In Slate.com, Where Did Boeing Go Wrong? by Jeff Wise.