In this episode, I visit with Kristy Grant-Hart, founder of Spark Compliance Consulting and author of now three books in the compliance arena. We discuss her most recent book “How to Have a Wildly Successful Career in Compliance”, which will be released on Amazon.com on June 19. For those of you who have seen Kristy speak, you know she is high energy and very passionate about compliance and the compliance profession. She channels that energy and passion into her latest book. In this podcast we discuss:

  • Why did she write this book?
  • Why is the winding career of a compliance professional so important?
  • Why is it more important for women to “Ask for it?” around salary/comp/promotions?
  • Why is moving up the corporate ladder more like climbing a jungle gym?
  • Why is understanding the numbers and business plan so important to a compliance professional?
  • How does one raise their profile in the compliance profession?
  • Why is collaboration so important for a compliance professional and a corporate compliance function?

Kristy is the author of two prior books on compliance, How to Be a Wildly Effective Compliance Officer and Wildly Strategic Compliance Officer Workbook. Both are must reads for compliance professionals. Her latest entry gives solid tips and point-by-point steps on how to have a successful career in the compliance field. But it is more than simply Kristy’s thoughts as she interviewed compliance professionals from literally across the globe on how they have become wildly successful.

Yet there is one thing about the book that I think makes it most useful for every compliance practitioner out there. It is that the book works on multiple levels and for multiple stakeholders. Obviously, it is targeted and works for the compliance practitioner but it also works for a CCO who is thinking about working with senior management and a Board of Directors. Further it works on a compliance program level, with many of Kristy’s tips translating into compliance program best practices.

Finally, Kristy tackles head on the issue of women succeeding in the compliance profession. She writes this chapter with clear-eyed focus; not ranting or raving but giving women the tools they need to succeed in the compliance profession and in the greater corporate world. I found this chapter so powerful I bought a copy for my 21-year-old daughter to help prepare her for her professional career after she graduates from college.

To purchase a copy of How to Have a Wildly Successful Career in Compliance on Amazon.com, click here.

For more information on Kristy’s books, check out her site, Compliance Kristy by clicking here.

Finally for more information on Kristy’s consulting company, Spark Compliance Consulting, click here.

 

With a wild ride of FCPA cases over the past week, Jay Rosen and I are back in the FCPA saddle again to take a look at some of the top compliance stories from the past week.

  1. Société Générale S.A. becomes No. 5 in the Top 10 of FCPA settlements, paying $585MM for bribes paid to garner business in Libya. Dick Cassin reports in the FCPA Blog. Henry Cutter reports in the WSJ Risk and Compliance Journal. Jaclyn Jaeger gives full coverage to the FCPA and LIBOR violations in Compliance Week. (sub req’d)
  2. Legg Mason pays $71MM for being SocGen’s partner and fellow bribery schemer in Libya. Dick Cassin breaks the story (as usual) in the FCPA Blog. Tom blogs on Legg Mason here and notes the inter-relatedness of the two matters in another blog here. The Legg Mason NPA is available here.
  3. Credit Suisse pays $47MM to settle a princeling FCPA enforcement action for its illegal hiring of sons and daughters of Chinese government officials. Dick Cassin reports in the FCPA Blog.
  4. In another princeling matter, Jonathan Browning and Donal Griffin report in Bloomberg that Deutsche Bank AG is under FCPA scrutiny for similar practices involving sons and daughters of Russian government officials.
  5. The new Director of the UK Serious Fraud Office is a Yank. See report by Dick Cassin in the FCPA Blog. Mara Lemos Stein asks if she will recharge the SFO in the WSJ Risk and Compliance Journal. The Bribery Act guys, Barry Vitou and Richard Kovalevsky QC give their take on com.
  6. Channelling his inner Churchill, Mike Volkov asks what happens when corporate leaders fail to listen. Find out in Corruption, Crime and Compliance.
  7. Netflix is more than a disruptor in movie watching and entertainment. Its corporate governance model is also quite unique. Bill Snyder tells us how in Insights by Stanford Business.
  8. The devastating and company closing sanctions against ZTE will be lifted based upon a new deal with the Department of Commerce. Dick Cassin reports in the FCPA Blog. Anna Swanson reports in the NYT. Sam Rubenfeld reports in the WSJ Risk and Compliance Journal. Alex Lawson, writing in Law360 asks if sanction relief is now for sale?
  9. Tom announces a new Compliance Master Class, which will be held in Houston on June 21 & 22. Information and registration is available here. Learn about compliance from the guy who wrote the book on compliance.
  10. Support your local book sellers! River Oaks Bookstore, 3270 Westheimer, in Houston is now stocking The Complete Compliance Handbook. Tom will be on hand for a book signing on Thursday, June 28 from 5:30 to 7.
  11. Tom’s new book The Complete Compliance Handbook remains a hot seller. It is available oncom. Purchase an autographed copy here. It is reviewed in the FCPA Blog, Radical Compliance and Corruption, Crime and Compliance.
  12. Tom has a great five-part series on Suspension and Debarment with AMI Managing Director Rod Grandon. Check out all five topics. Part 1-Introduction; Part 2-the differences between suspension and debarment; Part 3-Convergence of suspension and debarment and the FCPA; Part 4-what is present responsibility?; and Part 5-Remedies and Compliance. It is available on the FCPA Compliance Report, iTunes, Libsyn, YouTube and JDSupra.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

There were two notable deaths in the sports world this week, one in baseball and one in football. They both will inform today’s blog post on Legg Mason’s Foreign Corrupt Practices Act (FCPA) enforcement action and demonstrate the positive benefits available to a company which meets the requirements in the new FCPA Corporate Enforcement Policy.

From the world of baseball comes one of the lesser known players, yet one who has always stuck with me, Bruce Kison. I was a huge fan of Roberto Clemente and the Pittsburgh Pirates in the ‘60s and ‘70s. Many fans remember Kison as a rookie pitcher for the ‘71 Pirates, who won the first World Series game played in Pittsburgh at night, against the Baltimore Orioles. I was in high school at that time and because the game was played at night, I was able to watch it. The Orioles were up in the series 2-1 and in Game 4 rocked the Pirates starting pitcher for three runs in the top of the first. Pirates’ Manager, Danny Murtaugh, brought in the rookie, who pitched 6 scoreless innings. During that time the Pirates tied the game, then took the lead and held on to win this critical game. Baltimore manager Earl Weaver said, “the fourth [game] was the turning point of the Series, and that Kison had been the pivotal figure. Weaver explained that with a three-run lead in the first inning and a rookie pitcher at their disposal, the Orioles never should have lost.” Pittsburgh won the series, 4-3.

Kison was as cool as a cucumber in mowing down the Orioles in Game 4 and his performance is still etched in my memory. The other sports hero who died this week was more demonstrative and is equally etched in my memory but for a more negative reason. It was Dwight Clark who made “The Catch” over Everson Walls in the 1982 NFC Championship Game, giving the San Francisco 49ers the win over my Dallas Cowboys. It marked the end of a Cowboy dynasty, led by Coach Tom Landry, which had stretched back to the late 1960s and the beginning of the 49er dynasty which led them to four Super Bowl wins in the next 8 years. “The Catch” is second only to Bart Starr’s touchdown in the 1967 Ice Bowl as the worst moment in the annals of the storied Dallas Cowboys.

Legg Mason, Inc. (Legg Mason) also demonstrated that an entity can make a comeback through some very egregious facts and failure to self-disclose if it meets the remaining components of the new FCPA Corporate Enforcement Policy. The Department of Justice (DOJ) continued its trend to give maximum reward to companies who fully cooperate during the investigation and extensively remediate their compliance program. This was demonstrated in the Non-Prosecution Agreement (NPA) secured by the company.

Legg Mason had engaged in a straightforward bribery scheme and the perpetrators had actively worked to hide it from the corporate headquarters. The bribery scheme involved Société Générale S.A. (SocGen) and the entity “Permal Group Ltd. (“Permal”) a U.S.-headquartered investment management firm within Legg Mason’s International Division.” Permal acted as agent, broker and fund manager for SocGen. Permal was a group of companies who rushed into Libya, after economic sanctions were dropped against it and the country was opened to the west for investment in 2005. It was obvious to anyone who looked that all the national wealth management agencies were covered by the FCPA, as they had the following names: Central Bank of Libya, the Libyan Investment Authority, the Libyan Arab Foreign Bank and the Economic and Social Development Fund.

It was also specifically clear that “By at least 2006, two Permal employees and several Société Générale employees, together with their co-conspirators, knew that the Libyan Intermediary was paying bribes and providing other improper financial benefits to Libyan government officials in order to secure financial investments for Société Générale, and willfully agreed to continue to use the Libyan Intermediary despite that knowledge.” Indeed, the actions of Permal employees continued to demonstrate they knew they were engaging in illegal conduct as they paid commissions for no work, paid commissions when no contract existed with Libyan agents and Permal, paid monies into offshore accounts in Panama, entertained state-owned enterprise officials lavishly and in locations which had no business connection to the transactions and used Libyan intermediaries who were family members or close associates of state-owned enterprise officials.

In other words, the conduct of Permal was about as pernicious as a company can engage in. Yet even with this level of activity, Legg Mason was able to obtain an NPA. What were the factors the DOJ specifically called out?

  1. Extensive cooperation – Here Legg Mason received full credit under the FCPA Corporate Enforcement Policy for “conducting a thorough and robust internal investigation; proactively bringing information” to the DOJ; making factual presentations to the DOJ, “timely and fully producing all requested documents; voluntarily making foreign-based employees available for interviews in the United States and facilitating their occurrence; entering into agreements tolling relevant statutes of limitations; and collecting, analyzing, and organizing voluminous evidence and information” for the benefit of and delivery to the DOJ.
  2. Disclosed Individuals – Legg Mason provided “all relevant facts known to it” about the individuals identified as having participated in the bribery scheme.
  3. Extensive Remediation – Legg Mason extensively remediated its compliance program and internal controls in the wake of the FCPA violations by its subsidiary. Further, the company will continue to implement its enhanced compliance obligations as set in Attachment C to the NPA and will report at regular intervals to the DOJ on their progress. The perpetrators at the Legg Mason subsidiary left the company over four years ago.
  4. Mitigating Factors – The specific facts of the matter were cited by the DOJ as mitigating the overall penalty. They included, “the misconduct in the attached Statement of Facts involved only two mid-to-lower level employees of a subsidiary of the Company and was not pervasive throughout the Company; that the employees are no longer employed by the subsidiary and have not been for at least four years; that the Company’s coconspirator — and not the Company itself — maintained the relationship with the intermediary and was responsible for originating and leading the scheme; that the profits earned by the Company in connection with the corrupt transactions described in the attached Statement of Facts were less than one-tenth of the profits earned by the Company’s co-conspirator; and that the Company has no history of similar misconduct.”

All of the above led to a 25% discount off the low end of the US Sentencing Guidelines bottom range.

In the new FCPA Corporate Enforcement Policy it states:

  1. Limited Credit for Full Cooperation and Timely and Appropriate Remediation in FCPA Matters Without Voluntary Self-Disclosure 

If a company did not voluntarily disclose its misconduct to the Department of Justice (the Department) in accordance with the standards set forth above, but later fully cooperated and timely and appropriately remediated in accordance with the standards set forth above, the company will receive, or the Department will recommend to a sentencing court, up to a 25% reduction off of the low end of the U.S.S.G. fine range.

The DOJ has now put this component of the new Policy into an enforcement action. We previously saw the presumption of a declination come to fruition in the Dun & Bradstreet Inc. declination. The Legg Mason enforcement action provides solid information for every compliance practitioner to use in setting up compliance programs to prevent, detect and remediate in a company. It also gives companies a clear incentive to step up and follow the new policy. Now imagine if Legg Mason had self-disclosed the matter, what level of sanction would they have received?

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2018

Today is the 74th anniversary of D-Day, the day the Allied powers crossed the English Channel and landed on the beaches of Normandy, France, beginning the liberation of Western Europe. The invasion was a success as some 155,000 Allied troops – Americans, British and Canadians – had successfully stormed Normandy’s beaches. This was in addition to the 18,000 paratroopers and glider troops who had landed the night before. While almost one year of more hard fighting was in store, it was the beginning of the end for Nazi Germany. Quora.com estimates there are only “A few thousand survivors, in their early to mid-90s. A very small number in their late 90s. A scattering of centenarians. And a very rapid rate of passing at the present time period. The “few thousand” will drop to a few hundred in a very short time span.” They are forever intertwined with history.

The Department of Justice (DOJ) announced two Foreign Corrupt Practices Act (FCPA) enforcement actions earlier this week and the intertwined nature of these two enforcement actions informs today’s blog post. The first involved SocGen S.A. (SocGen), a global financial services institution based in Paris, France, and its wholly owned subsidiary, SGA Société Générale Acceptance N.V. (SGA), who agreed to pay a combined total penalty of more than $860MM to resolve charges with criminal authorities in the US and France, including $585MM relating to a multi-year scheme to pay bribes to officials in Libya. One-half of this total was credited to a fine paid in France. This makes SocGen No. 5 on the Top Ten FCPA penalty list, displacing Halliburton and its 2009 FCPA penalty of $579MM. It also comes in at No. 10 in the Top 10 International anti-corruption enforcement actions.

SocGen also agreed to a financial penalty of $275MM for violations arising from its manipulation of the London Interbank Offered Rate (LIBOR). As noted in the DOJ Press Release, SGA “will plead guilty in the Eastern District of New York in connection with the resolution of the foreign bribery case. Together with approximately $475 million in regulatory penalties and disgorgement that Société Générale has agreed to pay to the Commodity Futures Trading Commission (CFTC) in connection with the LIBOR scheme, the total penalties to be paid by the bank exceed $1 billion.” The final resolution documents for SocGen will be a Deferred Prosecution Agreement (DPA) and Criminal Information.

According to the DOJ Press Release, between 2004 and 2009, SocGen paid bribes through a Libyan “broker” in connection with 14 investments made by Libyan state-owned financial institutions. For each transaction, SocGen paid the Libyan broker a commission of between 1 ½ to 3 percent of the nominal amount of the investments made by Libyan state institutions. In total, SocGen paid the broker over $90 million, portions of which were then paid to high-level officials in order to secure the investments from various Libyan state institutions for SocGen. As a result of the corrupt scheme, SocGen obtained 13 investments and one restructuring from the Libyan state institutions worth a total of approximately $3.66BN and earned profits of approximately $523MM.

The second involved the private equity firm Legg Mason, Inc. (Legg Mason), which entered into a Non-Prosecution Agreement (NPA) with the DOJ and agreed to pay $64.2MM to resolve an investigation into violations of the FCPA in connection with Legg Mason’s participation, through a subsidiary, in a Libyan bribery scheme. The bribery scheme was a part of the scheme used by SocGen so to some extent, the enforcement actions are related.

According to the DOJ Press Release, a Legg Mason subsidiary, Permal Group Ltd. (Permal), partnered with SocGen to solicit business from state-owned financial institutions in Libya, including the Central Bank of Libya, The Libyan Arab Foreign Bank, the Economic and Social Development Fund and the Libyan Investment Authority. During this time, SocGen paid bribes through a broker in connection with 14 investments. In seven of the transactions, SocGen paid commissions to the broker to benefit Legg Mason, through its subsidiary Permal, which managed funds invested by the Libyan state institutions. In total, SocGen paid the broker over $90MM, portions of which the Libyan broker paid to high-level officials in order to secure the investments from various Libyan state institutions for SocGen. As noted, SocGen obtained 13 investments and one restructuring from the Libyan state institutions, and Legg Mason managed seven of these investments through its subsidiary Permal and earned profits of approximately $31.6MM.

Most interestingly, neither entity self-disclosed to the US government, so they lost the chance for a declination right off the bat. With regard to SocGen, when you couple the failure to self-disclose its misconduct to the DOJ with its substantial, though not full, cooperation with the DOJ, laid upon the seriousness of the company’s conduct, including the high value of the bribes paid to foreign officials, you can begin to understand the high amount of the penalty. Yet these factors were tempered by the company’s “significant remediation which, together with the company’s risk profile and ongoing monitoring by L’Agence Française Anticorruption, resulted in the” DOJ determining that a monitor was not necessary in this case.

While Legg Mason did not voluntarily and timely disclose the conduct at issue, it fully cooperated in the investigation and fully remediated. Moreover, Legg Mason’s misconduct involved only mid-to-lower level employees of Permal and was not pervasive throughout Legg Mason or Permal. SocGen, and not Legg Mason or Permal, maintained the relationship with the Libyan broker and was responsible for originating and leading the scheme; the profits earned by Legg Mason and Permal were less than one-tenth of the profits earned by SocGen. Finally, neither Legg Mason nor Permal has a history of similar misconduct.

Tomorrow I will consider the Legg Mason NPA.


In this episode I visit with John Torres, the COO of Guidepost Solutions. We discuss the recent SEC enforcement action involving Yahoo and its failure to disclose data breaches in 2014, 2015 and 2016. As this was the first SEC enforcement action involving a public company for the failure to disclose to investors and shareholders information of a data breach which materially impacts an organization, Torres and I take a deep dive into the matter.

In this episode, we consider some of the following issues:

  • A discussion of the background facts in the Yahoo SEC enforcement action and why the matter is so important.
  • We consider what the SEC said was the obligation of a publicly listed company when it learns of a breach.
  • In Paragraph 9 of the SEC Order, there were a series of risk factors listed. We discuss their importance.
  • We consider when a publicly listed company must disclose a breach to outside auditors and/or outside counsel.
  • We consider the sufficiency of the penalty.

For a full copy of the SEC Order involving the Yahoo matter, click here.