In two speeches last week Department of Justice (DOJ) Acting Principal Assistant Attorney General Trevor McFadden addressed multiple topics and issues around the Foreign Corrupt Practices Act (FCPA). The first set of remarks were made in Washington DC at the Anti-Corruption, Export Controls & Sanctions (ACES) 10th Compliance Summit (the “DC speech”). The second were made at the American Conference Institute (ACI) 19th Conference on the FCPA in New York City (the “NYC speech”).

While most of the remarks echoed earlier DOJ officials, we have rarely seen such a comprehensive set of statements about the evolution in purpose for the FCPA, how businesses should comply with the FCPA and FCPA enforcement going forward into the Trump administration. I found these remarks to be so significant I will be exploring them over the next few posts. Today, I will take up the reasons for FCPA enforcement today in 2017.

The purposes of the FCPA were written into the Preamble to the original 1977 legislation. In it, Congress set out three clear policy goals for the enactment of the FCPA. First, was the public revelation that over 400 US companies had paid over $300 million to bribe foreign governments, public officials and political parties. Such payments were not only “unethical” but also “counter to the moral expectations and values of the American public”. Second was that the revelation of bribery, tended “to embarrass friendly governments, lower the esteem for the United States among the citizens of foreign nations, and lend credence to the suspicions sown by foreign opponents of the United States that American enterprises exert a corrupting influence on the political processes of their nations”. Third was by enacting such resolute legislation, US companies would be in a better position to resist demands to pay bribes made by corrupt foreign governments, their agents and representatives.

Each of the above provide mechanisms to escape liability, rather than the affirmative actions to prevent bribery and corruption. Yet early in his DC speech, McFadden brought up the concept of Corporate Social Responsibility (CSR) and articulated “at the very least it must mean that a company rejects bribery of government officials as a means to get ahead.” This is a very far cry from the business world of 1977, when the FCPA was enacted when “bribing foreign officials in order to gain business advantages abroad was often considered a routine business expense.” McFadden said that he had personally seen companies “give up potentially lucrative business opportunities or forgo entry into certain markets because they valued their brand reputations over additional profits made under dubious circumstances.” Neither CSR nor brand reputation were reasons for the original passage of the FCPA yet today they are at the forefront of corporate compliance with the law.

The harm caused by bribery and corruption has also seen a shift since 1977. The connection between bribery and corruption and terrorism has been well-documented since 9/11. However, McFadden identified several other reasons for robust enforcement of the FCPA. Corruption “impedes free competition” as it allows companies which provide substandard products and services to be awarded contracts by foreign governments and state-owned enterprises. Of course, the real losers are the citizens of those countries where contracts are awarded based on bribery and corruption. For not only do they receive suboptimal products and services under bribe-induced agreements but “these bribes actually impede economic growth, undermine democratic values and public accountability and weaken the rule of law.”

Economic growth is impeded through the diversion of funds which should be paid to a country, lining of the pockets of its officials. The country does not receive the benefit, in goods or services, that it paid for. Here one only needs to consider the words of King Abdullah of Saudi Arabia, who told then Secretary of Defense Robert Gates, he wanted to purchase arms from America, rather than from Russia or France because he did “he wanted all the Saudi money to go toward military equipment, not into Swiss bank accounts.” You might also consider how much stronger, better run and more efficient both Petrobras and Brazil would be today if the company had not allowed bribery to be the clear market differentiator, rather than quality and pricing, before Operation Car Wash.

Yet corruption damages more than the citizens of the countries where it occurs. In an area rarely discussed by the DOJ, McFadden correctly noted the damage it afflicts on businesses which engage in such behavior. The first area he highlighted was that because of the uncertainty corruption brings to a transaction, it actually increases, not decreases the cost of doing business. Simply put, once you pay a bribe, you are identified as a business which is willing to break the law and you can essentially be blackmailed into an ongoing stream of business corruption.

McFadden also pointed out the effect of companies engaging in illegal conduct on their own employees. There are not many employees, in any company anywhere in the world, who want to be known as legal scofflaws. Beyond this attitude McFadden looked at corruption from more of a Human Resource (HR) perspective when he said, “Bribery has destructive effects within businesses as well, undermining employee confidence in a company’s management.” Allowing a culture of bribery and corruption to thrive within an organization also fosters a “permissive atmosphere for other kinds of corporate misconduct, such as employee self-dealing, embezzlement, financial fraud and anti-competitive behavior.”

While McFadden laid out the above reasons that bribery and corruption is against a business’s long term interest, he added another, which the DOJ does not often discuss. Bribery and corruption is not in “the best interests” of a company’s shareholders and investors. There are two parts to the FCPA: (1) the anti-bribery provisions and (2) the accounting provisions. Companies which engage in bribery and corruption never correctly record bribes paid as bribes, at least not in their publicly available books and records. This means investors are prevented from obtaining a true and accurate picture of a company’s legal value.

I conclude today’s review of McFadden’s remarks by noting that the FCPA has made a positive impact in fighting this global scourge. Moreover, the leaders in this fight are companies and businesses which comply with anti-corruption laws such as the FCPA. McFadden stated, “we are heading in the right direction. And this is in large part thanks to our allies in the private sector –  people like you – who are leading the way in CSR and anti-corruption compliance efforts.”

The remarks by McFadden on the invidiousness of bribery and corruption demonstrate the FCPA is not captive to the underlying reasons for its passage in 1977. Application of laws evolve as businesses, society and the global community evolves. Even if the Congress which passed the law some 40 years ago did not understand, appreciate or even consider the reasons that McFadden articulated in the DC speech, they are important in today’s world.

Tomorrow I will consider the corporate response to FCPA enforcement.

 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2017

In this episode, Jay Rosen returns from a week’s trip to Walt Disney World. Jay and I have a wide-ranging discussion on some of the week’s top compliance related stories. We discuss:

  1. DOJ Criminal Division’s Acting Principal Deputy Assistant Attorney General remarks on the FCPA and its enforcement. – See text of speech by clicking here. See Matt Kelly’s blog post by clicking here.
  2. Whistleblowers in the news. See Tom’s article on the Barclay’s CEO and Amtrust in FCPA Blog and on KPMG in Compliance Week. Mike Volkov weighs on whistleblowing as indicia of corporate culture here.
  3. One year reports note that declinations are on the rise under the on the now one-year old FCPA Pilot Program. For Miller & Chevalier report click here (sub. req’d). For the Stanford University FCPA Clearinghouse Report in the Wall Street Journal, click here.
  4. Tribute to Kara Brockmeyer, retiring as head of the SEC’s FCPA Unit. See Tom’s article in Compliance Week.
  5. Jay details his upcoming conference schedule and weekend report on ethics and compliance observations from the Florida version of the Magic Kingdom.
  6. Listeners to this podcast can received a discount to Compliance Week 2017. Go to registration and enter discount code CW17TOMFOX.

Ed. Note-in March, I along with 9 others were named as the top authors in compliance in JD Supra’s 2017 annual Readers’ Choice awards recognizing firms and authors who achieved the highest visibility and engagement for their written analysis and commentary on our site during 2016. This is one of the top awards a compliance blogger can receive as JDSupra is distributed as widely as any legal or compliance site. Over the next couple of months, I will be running a feature each Friday, where I feature the top post from one of the authors. Today is Richard Bistrong with his post, “Compliance Meaningfulness: Hard to Achieve, Easy to Destroy


In an article titled, What Makes Work Meaningful – Or Meaningless by Catherine Bailey and Adrian Madden (MIT Sloan Management ReviewSummer 2016),  the authors focus upon what makes our work meaningful, with research conducted across multiple industries and responsibilities. While their findings are presented as relevant to the overall workforce, the compliance implications are significant and worthy of discussion.

In sum, meaningful work, which can be “highly motivational, leading to improved performance, commitment and satisfaction” is not easily achieved, and tends to “be intensely personal and individual.” It is not derived entirely from the workplace experience, but is often a part of how employees “see their work and its wider contribution to society in ways that matter to them as individuals.” In other words, it’s related to how an individual views their work as part a greater contribution to society outside the workplace.  However, the opposite is not true- in that meaninglessness, which drives a sense of “futility” in the workplace, is almost entirely derived from the organization and the behavior of its leaders.

So, what are the features of meaningful work? Common characteristics include:

  • Self-Transcendent: Where employees experience their work as “mattering to others more than just to themselves.” In other words, motivation is increased when work is perceived as having impact and relevance “for other individuals, groups, or the wider environment.”
  • Poignant: When work has moments of triumph under difficult circumstances, or having “solved complex, intractable problem(s).” In other words, coping and overcoming obstacles elevates a sense of satisfaction and accomplishment.
  • Reflective: Meaningfulness is not necessarily experienced ‘in the moment’ but comes in retrospect and with “reflection when people were able to see their completed work and make connections between their achievements and a wider sense of life meaning.”
  • Personal: Here a sense of meaning is actualized in the wider context of someone’s “personal life experiences” and “managers and even organizations actually mattered relatively little.”

In sum, as the authors point out, these are “complex and profound” issues which go “far beyond the relative superficialities of satisfaction or engagement- and almost never related to one’s employer or manager.”

The opposite, or meaninglessness, where people might ask themselves “why am I doing this,” is not as complex. It’s almost entirety related to “how people were treated by managers and leaders.” A few of the “seven deadly sins” which I thought as relevant to a global workforce and a compliance program, include:

  • Disconnecting people from their values. This was the greatest single factor from the research, where employees see a tension “between an organizational focus on the bottom line and the individual’s focus on the quality or professionalism of work.”
  • Taking employees for granted. “Lack of recognition for hard work by organizational leaders was frequently cited as invoking a feeling of pointlessness.”
  • Disconnecting people from supportive relationships. Here, “feelings of isolation or marginalization at work were linked with meaninglessness.”

Thus, while the ability to help employees actualize meaningfulness in their work is a not entirely dependent on an organizational and its leaders, meaninglessness is almost completely conditioned on the workplace experience.  So, what are those elements that can be addressed in the workplace that “can foster an integrated sense of holistic meaningfulness for individual employees?” In listing them, I added my own reflections as to what compliance leaders can do to enhance such effectiveness.

Organizational and job focus. Do leaders focus on the “broad purpose of the organization,” and the “positive contribution of the organization to the wider society or environment.” In Blindspots, Bazerman and Tenbrunsel share how compliance programs can contort the decision making process, where decision making is based only on the “costs and benefits of compliance versus noncompliance” without the wider ethical discussion. Thus, are compliance leaders driving the message of how the ethical decision making benefits society at large, and drives economic development, education and welfare on a global basis?

This is a great point which Kristy Grant-Hart makes in How to be A Wildly Effective Compliance Officer. As she shares, compliance efforts and programs provide a valuable contribution to making the world “a more transparent and fair place” and provide a wall against “criminal organizations, gangs, terrorism and violence.” If your workforce doesn’t see how their work is a part of that effort, it’s a huge ‘meaningful’ miss. In other words, as the authors ask, are leaders “encouraging people to see their work as meaningful by demonstrating how jobs fit with the organization’s broader purpose or serve a wider, societal benefit.”

Interactional focus. People find their work more meaningful in an interactional context when “they are in contact with others who benefit from their work” and “in an environment of supportive interpersonal relationships.” In other words, when people see the beneficiaries of their work, that drives a sense of support, and a respectful “climate among colleagues.” Thus, the challenge is to foster those relationships among colleagues, employees, managers, “and between organizational staff and worker beneficiaries.”   Here, compliance leaders have a unique opportunity to “communicate a sense of shared values and belonging” and to engage with the workforce as to how “their work has a positive impact on others.”

Compliance leaders have a unique opportunity to enable employees to find work as a meaningful experience that extends beyond the workplace.  As Kristy shares, compliance is about making “the world a better place” and as such, compliance leaders have an exceptional capacity to really drive meaningfulness into the workplace, one employee at a time, and as a collective group of contributors and beneficiaries.

In this episode, Matt Kelly pinch hits for a Walt Disney World-vacationing Jay Rosen. Matt and I have a wide-ranging discussion on some of the week’s top FCPA and compliance related stories. We discuss:

  1. Shearman & Sterling issues its Report to the Wells Fargo Board on the fraudulent account scandal. For Tom’s three-part series see Part I, Part II and Part III.
  2. United Airlines is at it again. Click here for Matt’s article on Radical Compliance. Click here for Tom’s article in Compliance Week.
  3. Interesting judicial decision on restitution from Judge Posner. See article in the Grand Jury Target blog.
  4. Barclay’s CEO penalized for trying to unmask internal and anonymous whistleblower by using corporate security and US law enforcement. See Tom’s article in Compliance Week.
  5. Matt reports on Oracle’s Modern Finance Experience conference. Click here for Matt’s blog post on Radical Compliance.

You may not recognize the full name, John Warren Geils Jr., but you probably do recognize the name J. Geils, as in the J. Geils Band, who died this week. J. Geils was ubiquitous in the 70s and early 80s with, as noted by an article in Rolling Stone, “a slew of albums during the Seventies and early Eighties. With vocalist Peter Wolf at the helm, the band became best known for singles like “Centerfold,” “Love Stinks,” “Come Back” and “Freeze-Frame,” which have since become rock radio mainstays.” The article said, “Wolf shared a short message about his former bandmate, writing, “Thinking of all the times we kicked it high and rocked down the house! R.I.P. Jay Geils.””

Geils’ death ends a feel-good band from a feel-good era of music and seems and appropriate way to conclude my look at the “Independent Directors of the Board of Wells Fargo & Company Sales Practices Investigation Report” (Rep ort) which was issued earlier this week. I want to consider the role of the legal department, the Corporate Risk Department and the lessons for the compliance professional going forward. Earlier this week, I consider the structural and control failures which contributed to the fraudulent accounts opened by the bank.

The compliance function is the easiest to discuss. Do a word search in the 110-page Report and you will find the bank’s Chief Compliance Officer (CCO) mentioned once. That is probably enough alone to tell you how and why the scandal occurred. It was not that compliance did not have a seat at the table. They did not even have a corner in the house to stand in and watch the bank’s illegal conduct.

The legal department suffered from the same decentralization as the other corporate control functions. As the Report noted, the law department had three periods of involvement with the fraudulent sales issue. The first, prior to 2013, related to “the Employment Law Section of the Enterprise Services Division encountered sales integrity issues as they worked with Human Resources personnel on terminations”. The second was between the LA Times expose in 2013 and Los Angeles country’s lawsuit against the bank in May 2015. The third was post lawsuit filing, “Litigation & Workout Division of the Law Department attempted to assess and manage Well Fargo’s exposure, including by engaging PwC to quantify the scope of the issues in terms of customer harm and potential damages.”

In the period up to mid-2013, the legal department work with the Human Resources (HR) group in “an advisory capacity in investigations, decisions regarding terminations and discussions regarding the application of Wells Fargo’s fidelity bond’s proscription against “dishonest acts.”” While the law department was not brought into to every termination, the group was part of cross-functional teams “set up to address sales integrity issues, and, in that context, lawyers identified and conveyed concerns about “reputational risk” to the Section head.” Later, groups in which law department personnel participated included one around the banks’ fidelity bond, obviously impacted by the fraudulent sales issue (which was at one time called ‘gaming’). The Report noted, “task force decided to “better educate our team members about gaming … and then hold them strictly accountable.” Its work led to the roll out of a new sales integrity training program and a reaffirmed understanding that manipulation and dishonesty were inconsistent with Wells Fargo’s core values, and compromised Wells Fargo’s integrity as an institution entrusted with its customers’ assets.”

 

In 2011, another “recurrence of sales integrity events led employment lawyers to recognize sales pressure in the Community Bank environment as a root cause of gaming cases. Lawyers in the Employment Law Section and the Deputy General Counsel responsible for the Section also began to recognize the existence of significant reputational risk to Wells Fargo arising out of sales integrity issues, particularly mass gaming cases.” Another bank task force was convened to review the sales integrity issue. The Report stated, “Again in this context, members of the Law Department recognized reputational concerns.” Think about this sentence for a minute, even the lawyers recognized the reputational risk.

In the period between publication of the LA Times exposure on the fraudulent accounts and the City of Los Angeles lawsuit, the legal department “conveyed to the Risk Committee and the Board in 2014 as a ‘noteworthy risk’” but for some reason the legal department did not identify legal risks to the bank, including, “a cascade of civil litigation, regulatory action from a host of federal and state agencies and the resulting serious harm to Wells Fargo’s reputation.” However, the information was so damaging that the Bank’s General Counsel (GC) was briefed, together with the Bank’s Chief Risk Officer (CRO). Yet after this briefing the GC did not escalate the issue any further.

After the City of Los Angeles filed its lawsuit, the legal department did what legal departments are best at, it went into full defensive mode and circled the wagons to defend the company. The Report stated, “The Law Department’s focus was principally on quantifiable monetary costs — damages, fines, penalties, restitution.” Yet even in its tradition role, the Wells Fargo legal department dropped the ball as it was confident the litigation costs and any attendant fines and penalties “would be relatively modest”. The bottom line was “the Law Department did not appreciate that sales integrity issues reflected a systemic breakdown in Wells Fargo’s culture and values and an ongoing failure to correct the widespread breaches of trust in the misuse of customers’ personal data and financial information.”

As bad as the legal department’s failures were, it was Wells Fargo’s corporate risk function which had the greatest control failure for this group and housed the company’s compliance function. Yet up until 2007, this group “focused on AML/BSA compliance and compliance with consumer credit, home mortgage disclosure and other laws. Integrity was not within its remit. The CRO added compliance to his remit in 2010 but the report noted, “The CRO did not have any line authority or directive power to enforce changes on the lines of business. He could, and did, try to exercise his influence to encourage the businesses to address risk issues and to air them more broadly within the bank.” He could only “escalate issues.” This denuded compliance function reached down into the group role of risk at the Community Bank group who did not feel their job was to address integrity issues.

To emphasize the extent that the group compliance function was worse than toothless, the Report noted that the when the CRO was told about the “high sales pressure” that led to the sales integrity issue the CRO passed this information to the group’s compliance representative; that compliance representative was told to “toe the line” and not to speak to the CRO. Who made that demand? Community Bank head Carrie Tolstedt. After the LA Times story, Tolstedt even criticized the compliance function for attempting to get internal information on the sales practices.

Even after the LA Times story and City of Los Angeles lawsuit, the compliance function, embedded within corporate risk, was “hampered to some extent by the absence of a formal governance structure for exercising oversight.” In other words, because their charter did not allow them compliance oversight, individual business units such as Community Bank and its overseer, Tolstedt, could simply refuse to cooperate with it going forward.

Lessons Learned

There are multiple lessons for every CCO, compliance professional, Board of Directors, compliance committee, compliance department and Executive Leadership Team (ELT) from the Wells Fargo fraud and this Report. The first lesson is that everything is tied together. The Department of Justice (DOJ) Evaluation of Corporate Compliance Programs focused on the operationalization of compliance. Wells Fargo is the flip side, there was no operationalization of compliance. But more than simply not being in burned into the fabric of the organization, the structure of the company did not allow compliance to even see into the bank’s illegal practices. A decentralized corporate structure can and does work for many businesses, yet it must have control oversight, which was clearly not present at Wells Fargo. If a corporate structure is so unwieldy that compliance cannot have oversight the simple fact is the structure must be tightened up.

The Wells Fargo fiasco should end (yet again) once and for all time who a CCO should report to. They must report directly to the Board of Directors. The Wells Fargo law department and HR functions, the two corporate functions with the most knowledge of the negative impacts of the high pressure sales requirements which led to the illegal tactics, did not view it as their role to bring up integrity or even culture issues. Remember the Wells Fargo legal department identified the reputational risk to the bank from the high number of litigation, unemployment claims and ancillary legal issues. Yet the CRO did nothing about it when he was briefed on it. When the City of Los Angeles filed its lawsuit, the legal department did what legal departments do, they circled the wagons to defend the company. A legal department does not exist to prevent, detect and remediate. It exists to protect the entity from all attacks; even if those attacks are merited.

The corporate compliance function must be given a governance charter which allows it to provide oversight and the ability to prevent, detect and remediate illegal and unethical conduct. The compliance function cannot be over-ridden by a business unit head who tells the group compliance representative not to speak with the head of the compliance function.

There are many other lessons to be learned from this matter and actions Wells Fargo can take to remediate its culture, structure and values; all of which led to the illegal conduct. However, some of the issues I have explored this week should provide insight to a CCO or compliance practitioner on how to move forward to structure the compliance function and inculcate their compliance program into a company.

While you are considering these issues, fire up some J. Geils on the YouTube links below:

Centerfold, click here.

Freeze-Frame, click here.

Love Stinks, click here.

Musta Got Lost, click here.

 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2017