Malcom Young died over the weekend. He was the rhythm guitar half of brothers who founded AC/DC, the great Australian rock and roll band. Not as flamboyant as his lead guitar playing brother Angus, Malcom was the cornerstone of the band’s driving style, which really never deviated over 40 years of being the spotlight. Dan Epstein, in a Rolling Stone article, entitled “Remembering AC/DC’s Malcolm Young, Band’s Unassuming Mastermind”, wrote “Malcolm never once allowed the band to deviate from its swinging, swaggering, riff-driven course. During Malcolm’s tenure, AC/DC’s recordings featured three different lead vocalists, three different bassists and five different drummers; and yet, the band’s musical aesthetic remained so stubbornly consistent as to make the Ramones look like flighty trend-jumpers by comparison.”

What was that sound? Malcom himself described it as “Rock bands don’t really swing … a lot of rock is stiff. They don’t understand the feel, the movement, you know, the jungle of it all.” That sound led to the second highest selling rock and roll album of all-time, Back in Black a tribute to their deceased co-founder and lead singer Bon Scott.  But Malcom was the mainstay of the band and their sound. A rock guitar authority of no less than Eddie Van Halen once called him the “heart and soul of AC/DC”. He did all that while playing rhythm guitar.

Emily Glazer and Allison Prang, reporting in a Wall Street Journal piece, entitled “Wells Fargo Fires a Top Official”, wrote about the termination of a 23 year company employee, Franklin Codel, who was the head of consumer lending for the bank. Codel was terminated “over a disparaging remark he made about regulators to Greg Gwizdz, a senior mortgage official who worked under Mr. Codel and was terminated earlier this year.” His remarks “related to how so-called golden parachute payments had been limited at the bank because of its regulatory problems last year”.

One un-named source indicated, “Though it isn’t uncommon for bankers to make disparaging remarks about regulators in private, one person familiar with the matter said that given Wells Fargo’s position with a bevy of investigations, it felt the need to act.” This person noted that “Wells has to be very thoughtful and careful here. What others may do, they can’t.” The Bank’s Chief Executive Officer (CEO) Timothy Sloan, “said in a statement that as “difficult as this situation is, the decision reflects our commitment to our values and culture.”” The reporters added the termination “highlights the tense environment at the lender as it sorts through a variety of regulatory probes stemming from sales-practice issues in its retail bank.”

This is not the situation of a public comment violating an anti-disparagement clause in a settlement agreement but merely a negative comment about the terms of the resolution. Gwizdz reported the remarks to Wells Fargo and Wells reported the comment to regulators. It points up why such comments can be considered so divisive within an organization and perhaps to the reason that Wells acted so aggressively. Michael Lewis, in his book The Undoing Project, related a story from Houston Rocket General Manager (GM) Daryl Morey where he banned negative comments and even nicknames for prospective draft picks as such comments colored the perception of candidate.

The same is true when company employees engage in negative comments about a settlement agreement. I once worked in a company which was under a Deferred Prosecution Agreement (DPA) for Foreign Corrupt Practices Act (FCPA) violations. A large part of the employees’ time was spent complaining (internally) about the terms of the DPA and the requirements of the corporate monitor. At one point, the CEO was terminated for continued non-compliance with the terms of the DPA. One of the first dictates of the new CEO was to bar negative comments about both the DPA and monitor. By continually focusing on the business the DPA prevented the company from engaging in, employees lost sight of the business they could go after and garner. Simply put, if bad mouthed for long enough those negative comments become your truth. This can be particularly damaging when a company has agreed to a DPA and is trying to clean itself up going forward.

The issue for Codel was that Wells was restricted in its ability to give golden parachutes to employees who were terminated as a result of the fraudulent account scandal. Yet the termination also relates to the company’s attitude going forward. If company employees are going to complain about complying with the terms of the settlement; they will be less likely to focus on the solution they need to implement going forward. When you have a senior executive who makes such negative comments that a terminated employees reports it to his former employer, this is beyond the pale. Wells noted, “The dismissal was the result of Codel’s acting in a manner that was contrary to the company’s policies and expectations of its senior leaders during a communication he had with a former team member regarding that team member’s earlier termination.”

How does all of this relate to Malcom Young? Young did the spade work for the band in playing rhythm guitar. It was not flashy but it kept the sound tight and, most importantly for AC/DC fans, consistent. If Wells Fargo is going to change its culture of skirting the rules to make money and get itself in compliance; it must have the steadiness of the management team all moving the same way. That means a senior executive vice president such as Codel cannot be seen disparaging the terms under which the bank now finds itself. It is not under such scrutiny for following the law and not engaging in fraudulent conduct. Senior executives must take the lead to create a new cultural ethos. Whining, moaning, complaining and disparaging the terms a company is under for a corporate resolution is certainly not the way to do so.

Join me for the Doing Compliance Master Class in NYC on November 28 & 29. Registration and information here.


This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at

© Thomas R. Fox, 2017



In this episode, Matt Kelly and I take a deep dive into the Cardinal Health corporate governance imbroglio. In it, a disgruntled shareholder, the Teamsters Pension fund brought a motion to have the CEO stripped of his title as Chairman of the Board. Although the motion failed, the Teamsters prevailed as the company took the requested step and separated the position. This matter included complaints about GC/CCO pay where those roles were held by one person who received a sizeable bonus even though the company did not meet its financial goals.

We consider the joint role of a GC-CCO and the potential corporate governance issues involved when the roles are held by one person. Does this create an irreconcilable conflict? What are the different functions of the General Counsel and the Chief Compliance Officer and how should we interpret a bonus payment? Should it be for one role or both roles. How does a joint GC-CCO role impeded the work of each corporate function individually? Finally, we consider how shareholder activism may now impact not only corporate governance but also corporate structures in functions such as compliance. What does this mean for the compliance function and Chief Compliance Officers going forward.

We also touch on the role of compliance in drug distribution companies which have been drug into the opioid crisis. Cardinal Health shipped drugs totaling up to 55 pills for every person in the state of West Virginia to one town in that state. What, if anything, should the compliance function do in such a situation?

This case makes a fascinating case study in corporate governance and much more.

For more information, see Matt Kelly’s blog posts

Compliance Lessons in the Cardinal Governance Fight and

Teamsters Blast Cardinal Health Compliance Efforts

In this episode, I am interviewed by Jonathan Armstrong, a partner at Cordery Compliance in London on the implications of the Paradise Papers and Saudi Arabian corruption crackdown for the compliance practitioner.

What every international business person should absolutely remember that there is no country in the world which makes bribery and corruption legal by statute. That means if and when a government decides to clamp down on what may have been a long-standing accepted business practice, of which you have been an active participant, there is nowhere to hide and very few places to hide. Witness GlaxoSmithKline PLC (GSK) in China in 2013 and 2014 where the Chinese subsidiary unit President returned to China to be criminally charged and convicted. He was summarily deported back to the UK where GSK almost as quickly summarily terminated him from his employment. Now we have the omens of a potentially equally seismic event, this time from Saudi Arabia.

In the Paradise Papers, it exposed mainly US and UK companies which use legal tax evasion strategies by moving to low tax rate havens. While these strategies may be legal, the reputational fallout may be greater for the companies doing business with them. How much do you really know about your third party partners, business venture partners or Supply Chain partners? Why is it important to know with whom you are doing business from the compliance perspective?

What can the compliance practitioner do in both situations to protect your company? What processes do you have in place to prevent or protect yourself from compliance contagion? How will your company respond when regulators or the press comes knocking? All of these questions and many more are raised by these most recent and very public events.

For more information, see my blog post Saudi Arabia Has a Corruption Crackdown – What is Your Response?


Jay and I return for a wide-ranging discussion on some of the top compliance and ethics related stories of the week, including:

  1. Justice Department announces 4 guilty pleas and one indictment as follow on prosecutions from the Rolls Royce corruption case. See Tom’s article in the FCPA Compliance Report. See Sam Rubenfeld’s article in WSJ Risk and Compliance Report.
  2. Dick Cassin asks if the SEC is targeting foreign companies for FCPA enforcement. See article by Dick Cassin in the FCPA Blog.
  3. Hui Chen suggests there should be more FCPA enforcement of US domestic companies, reviews monitorships and the FCPA Pilot Program. Henry Cutter interviews Chen in the WSJ Risk and Compliance Report.
  4. Saudi Arabia has a corruption crackdown. What does it mean for the compliance practitioner? See Tom’s article in FCPA Compliance Report.
  5. What happens if your General Counsel is also your CCO? Joe Murphy explores this conundrum in the SCCE Blog.
  6. What will become of the DOJ’s Evaluation of Corporate Compliance Programs? Matt Kelly explores in Radical Compliance.
  7. What do the Paradise Papers mean for the compliance practitioner. Sam Rubenfeld considers in the WSJ Risk and Compliance Journal.
  8. Mike Volkov has a two-part series on the intersection of COSO and compliance. Part I on the framework; Part II on using the framework to break down siloes.
  9. AML concerns. Adam Davidson returns to the Compliance Report-International Edition podcast to explain the intersection of money-laundering and the Trump business empire. DAG Rod Rosenstein discusses the intersection of FCPA, AML prosecutions and international investigations in a speech to Clearing House 2017 Annual Conference.
  10. Join Tom’s monthly podcast series on One Month to a More Effective Compliance Program. In November, I consider how a 360-degree view of communications can enhance your compliance program. This month’s sponsor is the Dun & Bradstreet. It is available on the FCPA Compliance Report, iTunes, Libsyn, YouTube and JDSupra.
  11. FCPA Master Class Training in NYC on November 28 & 29. For information and registration, go here.

For those who might have wondered if the Sessions Justice Department (DOJ) was going to enforce the Foreign Corrupt Practices Act (FCPA), that question seems to have been answered in the affirmative. In September, the DOJ and Securities and Exchange Commission (SEC) announced the largest FCPA fine ever, that being against Telia Company at $965MM. Now we have five criminal matters involving individuals who all were involved in the Rolls Royce Ltd. (RR) corruption case, in which the corporate matter had been resolved in January before the new administration took power. There were four guilty pleas and one Indictment of a defendant on the lam.

Yesterday, the DOJ announced it had secured guilty pleas from four individuals. According to the DOJ Press Release, they were: James Finley, who had been a Vice President and Global Head of Sales of Rolls-Royce’s Energy Division pled guilty on July 28, to one count of conspiracy to violate the FCPA and one count of violating the FCPA.”  Aloysius Johannes Jozef Zuurhout, who was a Director of an international engineering consulting firm which worked for Rolls-Royce’s former customer in Kazakhstan, Andreas Kohler, who had been a Sales Manager of Rolls-Royce’s Energy Division and Keith Barnett, who had been a Regional Director of Rolls-Royce’s Energy Division all “pled guilty to one count of conspiracy to violate the FCPA”. Additionally there was one Indictment brought against Petros Contoguris, who had acted as an intermediary of Rolls-Royce in Kazakhstan, was charged with one count of conspiracy to violate the FCPA, one count of conspiracy to launder money, seven counts of violating the FCPA and 10 counts of money laundering.

All of the individual were involved in a wide-ranging corruption scheme used by RR to pay bribes to receive international contracts, primarily around a gas pipeline in Central Asia which it built for a Joint Venture (JV) owned by Kazakhstan and Chinese state-owned enterprises. According to the BBC, “In exchange for the payments, Rolls-Royce Energy Systems Inc, which is a US subsidiary of the UK engineering giant, won work with Asia Gas Pipeline which is building and connecting a gas pipeline between central Asia and China. Mr Finlay, a former senior executive in energy at Rolls-Royce, pleaded guilty on to one count of conspiracy to violate the Foreign Corrupt Practices Act and one count of violating the act. Mr Barnett, a former regional director in energy at Rolls-Royce, Mr Zuurhout, previously an energy sales employee at the company and Mr Kohler each pleaded guilty to one count of conspiracy to violate the Foreign Corrupt Practices Act.”

In addition to answering the question of whether the Sessions DOJ would prosecute FCPA cases, it also demonstrated the continuing international cooperation in investigations and enforcement. Obviously the lion’s share of the fines and penalties against RR are going to the UK government for the spade work done by the UK Serious Fraud Office (SFO). Yet these guilty pleas and indictment demonstrate the cooperation when it comes to individual enforcement as well. The DOJ Press Release noted, “The Criminal Division’s Office of International Affairs provided significant assistance in this matter. The United Kingdom’s Serious Fraud Office provided significant cooperation and assistance in this matter, as did law enforcement colleagues in Brazil, which both coordinated with the Department to reach simultaneous resolutions with Rolls-Royce. The Department also thanks its law enforcement colleagues in Austria, Germany, the Netherlands, Singapore and Turkey.”

For the compliance practitioner there was some interesting information on the bribery scheme as well. According to the Contoguris Indictment it is alleged that, by working with employees of Technical Advisor, an international engineering consulting firm, he and defendant Kohler, “devised a scheme with Rolls-Royce executives and employees, including Zuurhout, Barnett and Finley, where Rolls-Royce would pay kickbacks to the Technical Advisor employees, and bribes to at least one foreign official, and disguise these payments as commissions to Contoguris’s company, Gravitas, in exchange for helping Rolls-Royce win contracts with Asia Gas Pipeline LLP (AGP).”

AGP was created to build and connect a gas pipeline between Central Asia and China. The Technical Advisor purported to provide independent engineering consulting advice and other services to AGP. After AGP awarded RR a contract in November 2009, worth approximately $145MM, RR “made commission payments to Gravitas, and Contoguris then passed a portion of those commission payments onto the Technical Advisor employees knowing that they would share that money with a foreign official consistent with their corrupt agreement.”

Rather amazingly (or perhaps stupidly) there were a number of meetings, phone calls, emails and other forms of communications originating from or to the US. Also there were money transfers through the US banking system. One can only assume the defendants were extremely arrogant in thinking they would not be discovered, caught or arrested. RR kept its collective corporate response short and sweet, only saying, as reported in The Guardian, “A spokesperson for the company said: “Rolls-Royce has committed to full ongoing co-operation with the Department of Justice and cannot comment on action against individuals.””

While it is not clear if there are other indictments or guilty pleas in the works from the US side of the Atlantic, it will certainly be interesting to see if the SFO brings any individual criminal charges. Yet for the US compliance practitioner, this fall is shaping up to be quite an interesting quarter going forward for FCPA cases, first with Telia Company and now these individual actions. Of course, Wal-Mart is still hanging out there as are several other long-standing FCPA investigations.

Additionally the SFO stated in a Press Release that “The SFO’s investigation in respect of the conduct of individuals in Rolls-Royce Civil, Defence, Marine and former Energy Divisions continues. The SFO and DOJ continue to cooperate in their parallel investigations.” This may portend additional individual prosecutions in either the UK or US.

Overlaid on all of these matters is the announced DOJ review of the various Memos, FCPA Pilot Program and other information which has been released over the past few years by the DOJ on its expectations for companies and compliance programs. November is traditionally the time when the DOJ both brings out new information in speeches at conferences and wraps-up where enforcement has gone over the past year. Hopefully it will continue to be an informative end of the FCPA year.


This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at

© Thomas R. Fox, 2017