In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. Today, we take a look at the recent UK Supreme Court decision in the KBR document production case. KBR succeeded in its UK Supreme Court battle with the Serious Fraud Office (SFO). The case is interesting both in connection with the seizure of documents in SFO investigations and the sometimes criticized Section 2 notice procedure, which the UK Supreme Court held was unlawful in this case.

Highlights Include:

·      What was this case about?

·      Why was it so important?

·      What is a Section 2 Notice?

·      What about extra-territoriality?

·      What was the Court’s decision based on?

·      Lessons for the compliance professional.

·      Wither the SFO?


Check out the Cordery Compliance Client alert on the KBR decision here.

Check out the Cordery Compliance, client alert on this topic, click here. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

This week, I have been reviewing the recent court decision involving Citibank. The bank was attempting to recoup some $500 million of a total of $900 million it erroneously wired out on behalf of Revlon to Revlon’s creditors. The full District Court opinion is available here. Previously I have reviewed the facts and legal arguments and the compliance lessons learned. Today I want to consider whether the matter was so unusual as to qualify as a Black Swan event and what that might mean in a court of law and in the court of public opinion. For a more verbal take on the case, listen to Matt Kelly and myself on this week’s Compliance into the Weeds.

First, with a tip of the hat to the Ex-Pats and Section 3; let us explore the reason this case is influenced by a long-ago case involving the rule of capture;  Pierson v. Post, decided in 1805. Post was on the trail of a fox. As he neared killing it, one Pierson came upon the scene and did so, taking the fox as his capture. Post sued claiming he held the right to the fox under the right of pursuit and won at the trial court. The decision was reversed by the appeals court, which found giving chase was not enough. The Court stated, “If the first seeing, starting, or pursuing such animals, without having so wounded, circumvented or ensnared the animal, so as to deprive them of their natural liberty, and subject them to the control of their pursuer, should afford the basis of actions against others for intercepting and killing them, it would prove a fertile course of quarrels and litigation.”

The way Pierson v. Post influences the Citibank case is its grounding in public policy reasons for the decision. That policy was that mere pursuit alone, was not enough to invoke capture. A hunter had to slay the quarry. Only through the finality of slaying would you have one clear determinant of ownership. Otherwise, there could be numerous claimants alleging chase alone is enough to convey property rights. Finally, and as I noted those many years ago, I still object to the description of the fox as a “wild and noxious beast”.

Black Swan or Foreseeable Event

Citibank tried to argue the erroneous payment of $900 million to the creditors of Revlon was a Black Swan event. The court stated, “In other words, the mistake here was the proverbial “Black Swan” event. See generally NASSIM NICHOLAS TALEB, THE BLACK SWAN: THE IMPACT OF THE HIGHLY IMPROBABLE (2007).” The Black Swan event was not that a mistake happened but one of the size of the payment which erroneously went out the door, nearly $1 billion.

The problem with this characterization is that the basic issue, wiring monies out of the bank, in the manner prescribed by the specific facts of this transaction were known within Citibank. Initially, the Court stated, “On Flexcube, the easiest (or perhaps only) way to execute the transaction”. Clearly this type of transaction was anticipated because the software could handle it. Next, the Flexcube software had specific instructions (Documentation) on how to handle the transaction. The Court opinion stated, “The Fund Sighting Manual [Documentation] explains that, in order to suppress payment of a principal amount, “ALL of the below field[s] must be set to the wash account: FRONT[;] FUND[; and] PRINCIPAL” — meaning that the employee had to check all three of those boxes and input the wash account number into the relevant fields.” Apparently either the software manufacturer had anticipated this type of transaction or it could have been Citibank employees themselves who created the Documentation. The Court opinion is silent upon that question. But whichever it is, the same conclusion can be drawn, the event was foreseeable.

Citibank tried to argue that the unforced error was so large, that alone qualified it as a Black Swan event. Here the Court opinion stated, “Citibank’s own witnesses could not identify a single instance in which the bank — or, indeed, any bank — had made an error of similar magnitude. “[Q:] Can you recall any instance in your 15-year career . . . in which Citibank made a mistake in transferring more than $50 million? [A:] I don’t recall.”; “[Q:] [I]n your 22 years in the industry, you are not aware of an error of this size having occurred anywhere, whether within Citibank or any other bank? [A:] Correct.”). [citations omitted]

Yet it was this seeming logic which fed upon itself, dooming Citibank and favoring the creditors. Here the Court stated, “Given a choice between assuming that Revlon had paid off the 2016 Term Loan early — as borrowers sometimes do and assuming that Citibank or Revlon had mistakenly transferred over $900 million — something no bank may have ever done before (and may never do again) — it would have been borderline irrational to choose the latter. “It seemed far more likely to me that Citibank had made the August 11th payments on purpose but without a contemporaneous notice, than that Citibank had accidentally transferred hundreds of millions of dollars to multiple lenders in the exact amounts they were owed.”. [citations omitted]

The Court thus concluded, “the Lenders’ inference was rationally and reasonably based on the fact the Calculation Statements, sent shortly before the payments, characterized the interest payments as “due” — in each case, no fewer than six times, in fact. Put another way, it was not reasonable for the creditors receiving the money to conclude a mistake had been made. “Considering this fact together with the other reasons recipients of the August 11th wire transfers would have reasonably thought the payments were intentional — the fact that they equaled to the penny the amount of principal and interest outstanding and the fact that no bank had ever made a mistake of a similar nature or magnitude — it would have been downright irrational to conclude that a mistake had occurred.”

This entire argument around Black Swan events seems to me to be almost a red herring. Citibank did handle transactions of this type and had done so in the past. The only question was how costly the mistake could be for the bank. There were software instructions in the form of documentation which clearly instructed Citibank employees (or those outsourced workers) handling the Citibank account on the precise steps to take. Was this documentation consulted? Was there effective training? Those questions were not addressed by the Court.

In other words, it was foreseeable that a mistake could occur. That also means it was foreseeable to have an internal control in place around this issue. Whether you want to go with a Tom Fox style transaction control or a Matt Kelly style process control; either one would have provided yet more oversight to ensure the event did not occur. For the compliance professional or anyone in charge of a risk register, the matter presents an awful lesson on what can happen when the worst happens.

How does all this tie into Pierson v. Post? Both cases relate to the need for certainty in the law. The discharge for value exception is based upon a public policy formulation. Obviously there needs to be a way to unwind transactions which are in error. Yet, equally importantly, any debtor who receives not only the full payment but exact down to the penny payment should be able to rely on that payment. It should not be the burden of every discharged creditor to check and see if a final payment was intentionally and correctly sent. That burden should be on the person or entity making the payment.

I hope you have enjoyed this series. I would urge readers of the blog, especially lawyers, to read the entire opinion which details the actions and decisions made after the payment which influenced the Court’s approval of the discharge for value doctrine in this case. Finally, several people have inquired as to whether the Court took up the question of whether Revlon owes any monies back to Citibank for the error. The Court did not have that question before it and did not opine on it.

Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley.

In this episode, Lisa speaks with Joya Williams, who has had a front row seat to some of the most fascinating moments in recent ethics and compliance history at Enron and again with the Gulf Oil spill in 2016.  After seeing the fallout from Enron in 2001, and working in ethics and compliance immediately thereafter, she saw the impact and need for that work.  That has guided her professional life.

Joya talks about her experiences and how she has built a network for herself and others by building the Greater Houston Business and Ethics Roundtable and working with Smith Texas College to build a compliance program.

As this is the last week of Black History Month, it was important to recognize the work of someone like Joya, who embodies a GWIC in how she gives back to her community – local, professional and educational.  She also talks about the importance of increasing the number of Black Chief Compliance Officer roles and to increase diversity in the ethics and compliance space and ends the interview with a wonderful quote from Shirley Chisholm.

You can subscribe to the Great Women in Compliance podcast on any podcast player by searching for it and we welcome new subscribers to our podcast.

Lisa and Mary have extended the Great Women in Compliance brand to the book “Sending the Elevator Back Down: What We’ve Learned from Great Women in Compliance” (CCI Press, 2020) which can be found on Amazon and features valuable wisdom and advice from Great Women in Compliance across the world.

If you’ve already read the booked and liked it, will you help out other women to make the decision to leverage off the tips and advice given by rating the book and giving it a glowing review on Amazon?

As always we are so grateful for all of your support and if you have any feedback or suggestions for our 2021 line up, or would just like to reach out and say hello, we always welcome hearing from our listeners.

Join the Great Women in Compliance community on LinkedIn here.

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. This week Matt and Tom take a deep dive into one of the most delicious legal decisions recently seen: the attempt by Citibank to recoup $500MM of the $900MM it erroneously wired out on behalf of Revlon.

Some of the issues we consider are:

  • How did this Fubar occur?
  • What was the role of complexity?
  • Why did the employees make this mistake?
  • What about training?
  • Where were internal controls?
  • What is the ‘value for discharge’ defense?
  • Does this all just come down to finders keepers?
  • What are the compliance lessons? 


Tom’s blog posts on the FCPA Compliance and Ethics Blog:

Too Complex to Succeed: Citibank Incorrect Wires Out $900MM: Part 1 – The Facts

Too Complex to Succeed: Citibank Incorrect Wires Out $900MM: Part 2 – Lessons Learned

 The Citibank decision