In this first emergency Compliance into the Weeds podcast, Matt Kelly and myself review the information that Michael Cohen was paid by several US and international multi-national organizations for insight on and influence upon the Trump Administration. We consider it from the compliance angle and what steps a company is going to take if it hires the President’s personal lawyer as its paid lobbyist.

For more see Matt’s blog post on Radical Compliance entitled “Oh Lord, Michael Cohen Risk Is Now a Thing

And for even more see Matt’s piece in entitled, “It’s Harder To Pay Off Foreign Governments Than The US One

In this episode of Across the Board, I visit with Preston Pugh and AIysha Hussain from the firm of Miller & Chevalier on their recent paper entitled, “A More Effective Way For Corporate Boards To Respond In A #MeToo World” which they authored with Ian Herbert. In this paper they suggest ways Boards of Directors could begin to address corporate harassment scandals. We use their article as a starting point to explore the roles and responses of Boards to the #MeToo and other corporate scandals.

With these and other scandals putting corporate brands at a fundamental risk, the days of Boards of Directors taking a hands-off approach to what was viewed as fundamentally litigation risks are over. We discuss some of the specific ways a Board can address these matters. Both Pugh and Hussain see #MeToo as compliance issues, not simple employment issues. As such they advocate a much broader remit by the Board. Some of the topics we discuss are:

  • Why is this so important for Boards right now?
  • Has this changed in the #MeToo era?
  • Do you think a Board committee should handle this issue or the full Board?
  • Who should report to the Board on this issue?

For more information go to the paper, “A More Effective Way For Corporate Boards To Respond In A #MeToo World

We continue our exploration of the Foreign Corrupt Practices Act (FCPA) enforcement action involving Panasonic Avionics Corporation (PAC) and its parent Panasonic Corporation (Panasonic). Today, I want to review the bribery schemes involved.

The penalty assessed was approximately $280 million broken down into a $137 million payment by the company’s US unit, PAC, in criminal penalties to the Department of Justice (DOJ). The Japanese parent, Panasonic, agreed to pay disgorgement of $126,900,000 and prejudgment interest of $16,299,018.93, for a total payment of $143,199,018.93 to the Securities and Exchange Commission (SEC). The DOJ resolution documents included a Deferred Prosecution Agreement(DPA) and a Criminal Information(the Information). The SEC issued a Cease and Desist Order(the SEC Order). Both the DOJand SECalso issued Press Releases.

PAC is a US subsidiary of Panasonic, the Japanese electronics giant. PAC manufactures and markets in-flight entertainment and communication systems for airlines. In many parts of the world, airlines are state owned enterprises and PAC found itself in FCPA hot water for issues around bribery and corruption with some of these foreign state-owned enterprises. Interestingly, PAC’s corruption also extended to the US domestic market and while some of its fraudulent conduct occurring in the US domestic market was detailed in the resolution documents, it is not clear how it may have worked its way into the FCPA enforcement action, other than contributing to the accounting provisions violations.

The Bribery Schemes

The first thing that jumps out are the breadth and scope of the bribery schemes. Not only did they last for almost 15 years, with the participation of top management at PAC (PAC Executives 1-4), but they also encompassed airlines across the globe and even domestically in the US. It certainly appears that bribery and corruption was a part of the business strategy and business plan of the US subsidiary. While there were no individuals identified from the Japanese parent, one can only wonder how closely, if at all, they were watching their money-making US subsidiary from the compliance perspective.

Bribing Government Officials with Consultancy Offers

There were several bribery and corruption schemes identified in the Information. One scheme was to bribe a foreign official while he was employed by a foreign government with the promise of a consulting gig after he left his employment. Using this tactic, PAC negotiated a consulting position with a foreign official at the same time this person was involved in negotiating a lucrative contract amendment on behalf of Middle East Airline with PAC. After he left the employ of the government the foreign official ultimately did little work for PAC, over a six-year period PAC made $875,000 in payments to foreign official that were accounted for in Panasonic’s accounting books and records as legitimate consulting expenses.

The Presidential Fund

A second scheme was truly Presidential in inspiration. This is so because bribe payments were made out of discretionary fund designated as “Office of the President Budget” which was controlled by un-named PAC Executive 1 (maybe the President?). This money was solely and totally at PAC Executive 1’s discretion and it was “neither reviewed nor approved by any Panasonic personnel.” This budget exceeded several hundred thousand dollars annually and was “booked on PAC’s general ledger in various categories, including travel, payroll, and consultant payments”. For over seven years, PAC Executive 1 “used the Office of the President Budget to make payments to multiple individuals, including consultants that performed limited or no work for PAC with little to no supervision by anyone at PAC.”

As early as two years into the use of the President’s Fund, PAC’s internal audit department flagged that services providers where (1) hired without following procurement department processes; (2) contracted with no oversight; and (3) paid without delivering anything tangible to PAC. The initial internal audit report stated, “consultant payments should be carefully reviewed in light of FCPA regulation [sic] due to lack of clarity in deliverables” [bold in original] and was circulated to PAC senior management but amazing (or perhaps not) this highlighted language was removed from the final audit report. In legal parlance, this is called actual knowledge.


PAC also used the tried and true method to pay bribes to corrupt third-parties. This strategy was a favorite in the Asia-Pacific region. PAC did little to no due diligence on these third-party agents;  hired agents recommended by those counter-parties they were negotiating with, hired agents with no experience in the aviation industry and made offshore payments to agents in locations other than where they purportedly delivered services and lived. PAC also actively worked to hide the identities of its third-parties in some countries by moving them to sub-agents of previously approved agents. Of course, neither PAC nor Panasonic had effective internal controls to detect this subterfuge or detect when payments to previously approved agents increased.

Domestic Corruption

Given the corruption business plan PAC senior executives utilized, it is perhaps not too surprising their unethical conduct would also be employed in the US domestic market. Here PAC bribed a domestic consultant who was employed with an airline with which PAC was negotiating to provide “non-public, inside, or otherwise sensitive information to PAC Executive 1 and others at PAC, including forwarding internal communications among Domestic Airline’s employees about PAC, information about Domestic Airline’s negotiations with a PAC competitor, and pricing information of a PAC competitor”. This domestic consultant was paid some $825,000 for this inside information and while his bribery may not have violated the foreign aspect of the FCPA, the characterization of his payments as “consulting services” by PAC and as “selling and general administrative expenses” by Panasonic violated the books and records provisions of the FCPA, as noted below.

False Books and Records

PAC worked to actively hide its corrupt payments in its books and records. The $875,000 in payments made to the former foreign official who was hired as a consultant was named as “consulting payments” on PAC’s books and records but magically became “selling and general administrative expenses” on Panasonic’s books and records. One approved sales agent was paid over $7 million which “for the benefit of at least thirteen different sub-agents were improperly booked by PAC as commission payments to PAC Sales Agent 2, when in fact they were payments to other sales agents who were otherwise ineligible to work with PAC”.

Tomorrow I will consider Panasonic’s and PAC’s conduct during the investigation and their remediation which led to a 20% discount in the overall DOJ criminal penalty.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at

© Thomas R. Fox, 2018

In this episode of Countdown to GDPR, Jonathan Armstrong and myself are interviewed by Laura Petrolino, the Chief Client Officer at Arment Dietrich, Inc. on the applicability of GDPR to the professional communications industry. It was a fascinating way to discuss some of the key points of GDPR in the context of one industry/profession.

Some of the topics we discussed are:

  • What are the top three areas where most businesses’ data protocols are currently not GDPR compliant?
  • Communicators deal with databases and email lists a lot. If they already have residents of the EU in their database, do they need to get them to re-opt-in, in order to be GDPR compliant?
  • Are communications agency owners liable if they are in charge of their client’s email lists or databases, and those databases aren’t GDPR compliant?
  • Article 5 says only data needed for the consented exchange is collected. Theoretically, to sign-up to download an eBook the only info really needed is an email address. Often in situations like this, we will collect additional demographic, interest, or industry information in order to create segment lists and further communicate (with content or offers specific to them). Is that no longer OK?
  • Along those same lines, if they sign-up to download an eBook and then a few months later we send them a blog post they might be interested or something else, is that against GDPR? How specific do we need to be upon sign-up about anything we might send them in the future?
  • Article 5 also says we can only keep the data for the amount of time needed. What type of timelines or guidelines should we use to know how long is too long to keep an email?
  • How would you respond to Americans who think the GDPR won’t affect them?
  • Anything else communicators should know?

For the communications specialist, you learn a lot about GDPR compliance and data privacy and protection. But the key takeaways should give you a lot to think about as far as how you use data as part of your communications strategy. They include:

  1. GDPR is an opportunity to make sure you, your organization, and/or your clients use data in a strategic and effective way.
  2. No tactic in absence of a strategy is effective. And more data isn’t necessarily better.
  3. GDPR compliance forces smart communications. It’s good for the industry and it’s good for your communications strategy.


To see Laura Petrolino’s blogs on GDPR for the communications professional check out her musing on SpinSucks:

GDPR Compliance: Everything Communicators Need to Know and

The Communicator’s GDPR Checklist and Resource Guide

In this episode, Matt Kelly and I go into the weeds to consider the recent racial incident at Starbucks store in Philadelphia where two African-American males were arrested for criminal trespass while waiting for a third colleague to join them for a business meeting. They had not purchased any products but were not engaging any type of disruptive behavior. They were released with no charges filed.

We consider several points around this incident from the compliance perspective, including the lessons for compliance officers are really about the challenges of policy and procedure at large organizations. The gap between those two requirements is filled by employee judgment — and that is where things went awry. We consider if a single solution, such as  all seats and bathrooms are reserved for patrons who have already purchased a product, create more problems than they solve. We also review the underlying premise of ‘what is Starbucks’ to see if a more robust risk assessment process might have helped identify these gaps.

This week’s discussion is literally torn from recent headlines. It provides an excellent example of the many compliance challenges every business and CCO face.

For more reading, see Matt’s blog post Starbucks and Policy Management Perilsand Tom’s blog post Starbucks and Lessons for the Compliance Practitioner in Risk Management