In this podcast I am joined by AMI Managing Director Don Stern. We consider how defense counsel can work proactively with independent monitors to help clients who may have sustained an ethical or compliance violation or are under government scrutiny for allegations of illegal misconduct in a wide variety of industries, disciplines and corporate settings. In this episode, take a deep dive into the nuts and bolts of defense counsel working with a third-part independent monitor.

We began by exploring some basic questions around the attorney/client privilege, which belongs to the client and not the lawyer. Further, if a third-party independent monitor is retained by corporate legal to perform an assessment or review, it can be done under attorney/client privilege. It designed to give the company maximum information and flexibility to not have people being concerned about the information flow. It puts company’s in a position to make a decision on the possible self-disclosure. Not every issue needs to be self-reported nor does the government want to hear about every issue.

Stern emphasized that the privilege provides a company with the ability to self-disclose and, in some cases, to protect that information at least initially without worrying about being sued by private parties or class actions are securities cases. It allows an organization to “get an unvarnished view of the facts by an outsider or it goes to the lawyer who can assess it and discuss it with the client and then make a decision.” It allows you to explore such questions as: Do we need to report it? Should we report it? How should it be reported?” It can be a very powerful tool.

The bottom line is that companies cannot simply bring in a third-party independent, get a report or findings and then put their head in the sand. Stern believes being proactive means not simply bringing in an independent third-party but also using the information developed in a proactive manner. He said, “It is being aggressively proactive in fixing your problems. It is being as transparent as possible within that particular company’s environment. Identifying and fixing the problems, not only builds confidence internally within but provides assurance to the outside world; to shareholders, the media and government regulators that you are identifying your problems and fixing them yourself. This is the way to go.”


EJ Marin is the Director of Solutions Engineering at Nakisa. His role is to see customer challenges from different angles, identify patterns, and engineer solutions for the HR function for HR professionals. He chats with Tom Fox about the changing face of HR in this week’s show.



Organizational Design and Transformation

Tom asks EJ to define organizational design. EJ shares the traditional definition of organizational design and contrasts this with his take on what it means. “Right now,” he remarks, “organizational design is more about agility [and] resilience, due to COVID and everything that’s happening… Now it’s all about adapting to the next normal: not to the new normal, but to the next things that are coming… It’s all about analyzing the organization and making sure that at the end of the day you’re adapting to the situation as fast as possible.”

Skills and capabilities that were optional before COVID, EJ points out, are essential to a company’s survival today. “Transformation needs to become a routine,” he argues. “You need to create these capabilities in your organization so you can easily reply, respond, and adapt to the new challenges that we have in the marketplace today.” Tom asks if traditional HR departments are set up for that kind of adaptation. They have to adapt quickly, he responds. Their survival depends on being agile.

EJ outlines the steps of organizational design. They include assessing the organization, creating objectives, collaboration, and making changes to the core HR systems. Nakisa helps to streamline the entire process using technology. EJ also explains the importance of HR data quality. “HR data is alive… [but] it’s very easy to get out of sync,” he tells Tom.

Diversity and Inclusion

Diversity and inclusion is a business asset. Companies that achieve it do better financially and in other areas. EJ shares three steps to help businesses go through a major transformation, such as a merger and acquisition, and keep this valuable asset.


We continue our exploration of The Goldman Sachs Group, Inc. (Goldman Sachs) Foreign Corrupt Practices Act (FCPA) settlements and related enforcement action, literally across the globe, from the state of New York to Singapore, Hong Kong, Malaysia and United Kingdom. Harry Cassin, writing in the FCPA Blog, said, “Goldman Sachs Group Inc. shattered our top ten list with a $3.3 billion FCPA settlement with the U.S. Department of Justice and Securities and Exchange Commission, sending it straight to number one. In last week’s settlement, the DOJ imposed a $2.3 billion criminal penalty, and the SEC imposed a civil penalty of $400 million and disgorgement of $606.3 million.”

Today, I want to focus on the internal control failures which lay at the basis of the Securities and Exchange Commission (SEC) Cease and Desist Order (the “SEC Order”). Before we get to those failures, I wanted to detail some of the things that the Goldman Sachs compliance function got right. It was around the myriad attempts by self-admitted FCPA felon and former Goldman Sachs Partner Timothy Leissner to have Jho Low approved into the Personal Wealth Management program (PWM). According to the Deferred Prosecution Agreement (DPA), “Leissner and [Goldman Sachs Managing Director Roger] Ng also attempted to onboard Low as a Goldman client, or otherwise work with Low, on numerous occasions in or about and between 2009 and 2013.”

Each of these attempts was rejected by the Goldman Sachs compliance function. In the first instance, a member of the firm’s Business Intelligence Group (BIG) wrote “I do not believe we will ever be able to get comfortable with this matter. I’d like to shut this down once and for all . . . It is seldom that one sees a vendor report, which has been backed up verbally by them, that so clearly states that we should exercise extreme caution.” Later attempts brought the same result. “In early 2011, Leissner tried to onboard two of Low’s companies as clients of Goldman but was unable to do so due to compliance’s continued objections to Low.”

Not being deterred one iota, Leissner made an additional attempt to bring Low on as a PWM client through Goldman’s Singapore office, without referencing the prior attempt. Low was again denied due to, among other things, his questionable source of wealth. In a March 11, 2011 email chain discussing the attempt, a high-ranking employee in compliance and MD noted, “To be clear, we have pretty much zero appetite for a relationship with this individual,” and a high-ranking employee in BIG and MD expressed, “this is a name to be avoided.””

However, when it came to the three bond transactions at issue: Project Magnolia, Project Maximus and Project Catalyze; the Goldman Sachs due diligence fell apart. For deals of this nature, Goldman Sachs had three committees review each deal: (1) The Goldman Sachs Capital Committee (GSGC); (2) Firmwide Capital Committee (FWCC) and (3) BIG. Both the company’s compliance function and FWCC had representatives on the FWCC.

In the due diligence done on Project Magnolia, employees within Goldman’s control functions suspected that Low was involved in the deal,  yet “the only step taken by the control functions to investigate that suspicion was to ask members of the deal team whether Low was involved and to accept their denials without reasonable confirmation.” There was no independent verification of the information provided by the deal team. Leissner repeated lied to anyone internally who asked if Low was involved in Project Magnolia. Yet apparently Goldman Sachs control personnel knew that Leissner was not telling them the truth, with one un-named employee stating, “Important we have no role on our side for Low and we should ask that any payments from any of [the] participants to any intermediaries are declared and transparent.” The deal was approved internally by Goldman Sachs.

In Project Maximus, both “Leissner and Ng understood and intended that Low and others would pay bribes and kickbacks to influence Malaysian and Abu Dhabi officials to obtain the necessary approvals to execute the Project Maximus bond offering.” Moreover, “once again, Goldman’s control functions simply accepted at face value the representations of the deal team members and failed to further investigate Low’s suspected involvement in this bond deal. For example, on or about June 20, 2012, a member of Goldman’s control functions asked members of the deal team, “Is Jho Low involve[d] in this transaction? Please also keep us posted if there are any other politically exposed person involve[d] in this transaction in a non-official capacity.” A deal team member responded “no”.” Finally, “Despite their continued concern, as evidenced by their repeated questions, Goldman’s control functions did not engage in electronic surveillance of Leissner’s correspondence or activities to determine whether Low was involved in the deal.”

The same pattern presented itself with Project Catalyze. The SEC Order stated, “Goldman’s control functions had continued suspicions that Low was working on the third bond deal. Once again, however, the control functions relied solely on the deal team members’ denials of Low’s involvement without any further scrutiny.” This was the third bond deal in less than 20 months, all in 2012. This obvious red flag was never investigated, let alone cleared.

What makes these control failures in the three bonds deals stand out so much is that Goldman Sachs not only knew who and what Low was but the company itself had investigated him. Further, according to the state of New York Department of Financial Services Consent Order, Goldman Sachs had a single, enterprise wide compliance function. Yet it appears that the information that was developed by the compliance function when Leissner sponsored to Low become a PWM client seemingly did not make its way to the GSCC, FWCC or BIG.

Tomorrow I will consider the fines, penalties and DPA.

On this episode of The Ethics Experts, Mary Inman joins Nick to discuss whistleblowing in the United States and around the world.

Check out more episodes, and don’t forget to subscribe on your favorite podcast platform!

In this episode, I visit with Susan Divers, Senior Advisor at LRN. It is part of my continuing series this year looking back over the past decade of Foreign Corrupt Practices Act enforcement and the evolution of compliance. Some of the topics we consider are:

  1. How the heavy emphasis on enforcement by the DOJ led to organizations investing in compliance.
  2. How did companies begin to evolve their compliance programs away from paper programs, written by lawyers for lawyers?
  3. How the first industry sweep through energy led to a pragmatic business solution to compliance throughout the energy ecosystem.
  4. The DOJ evolution in communicating information on its expectations on best practices compliance program.
  5. The change in ERM emphasis requiring each company to manage its risks.
  6. The use of data in compliance.
  7. Trends into the 2020s and beyond.