In this special live, on location episode, Jay Rosen and I discuss the recent SCCE 2017 Utilities and Energy Conference held in Washington DC. He hit on the highlights, topics, vendors and key note speakers. We also discuss the impact of the recently released DOJ Evaluation of Corporate Compliance Programs. Finally we have a guest appearance by Jim Moore, recently installed as SVP at Trust Point International. For a copy of the Evaluation of Corporate Compliance Programs, click here. For my two blog posts on the Evaluation, Part I and Part II.

In this episode I visit with Morrison Forrester partner James Koukios on the firm’s December newsletter on the Top Ten International Anti-Corruption Developments for December 2016. James and I visit about some of the lesser known highlights from the month of December 2016 in the global enforcement of anti-corruption.


In this final five days of my One Month to a Better Board series, I will look at inquiries and questions a Board can take to help the organization actually do compliance going forward. I begin with an exploration of how can a Board work to incorporate the compliance function into a long-term business strategy of the organization. A Board can do so by engaging with the Chief Compliance Officer and compliance function through having a strong Board which is committed to doing business ethically and incompliance with anti-corruption laws such as the FCPA and engaging actively with the CCO and compliance function. This post will begin a discuss of various tools and techniques a Board can use and engage to move to this level of engagement.

The first point is to develop a framework for incorporating compliance into your long-term strategy. This framework draws from the State Street Global Advisors’ strategy for sustainability and adapts it to compliance. To set up the framework for evaluation of the compliance function is a three-step process, which you can use to determine how comprehensive you compliance program is as a starting point.

Step 1-has the company identified the compliance issues relevant to the Board?

Step 2-has the company assessed and incorporated those compliance issues into its long-term strategy?

Step 3-has the company communicated its approach to compliance and the influence of those factors on its overall strategy?

From this initial inquiry you can move into some specific questions that the Board can use to determine the overall state of your company’s compliance program. First a Board can work to identify compliance issues material to your organization. This can be accomplished with compliance related key performance indicators, which a Board should then prioritize to elevate their impact on compliance. A Board should consider these through the life-cycle of a business line or geographic sales area. Next the Board should work to move compliance into both the long-term strategy for the company and also have the CCO detail the long-term strategy for the compliance function.

Drawing from the February release Justice Department Evaluation of Corporate Compliance Programs (Evaluation), the Board should actively work to incorporate compliance into the long term capital allocation of the company. Obviously the earlier the investment the better as it brings benefits such as benefits through brand differentiation, lowering the risk profile of the company and improving nimbleness in market responses.

The Board should oversee the incorporate of KPIs into senior management performance evaluations and compensation. Once again building upon the Evaluation which asks how the company monitors its senior leadership’s behavior and how senior leadership modelled proper behavior to subordinates, the Board should make certain systems are in place to quantify or measure performance related to compliance issues, should establish performance goals against which they measure compliance achievement and finally disclose to shareholders the material compliance issues that drive compensation, the specific goals or performance targets that management has to achieve and report on the actual performance against established goals to justify compensation payouts.

Finally the Board should work to communicate the influence of compliance factors on overall corporate strategy by demonstrating how compliance was integrated into the business. Not only is this good from a business perspective and shareholder expectation but also as the DOJ Evaluation makes clear what the government expects is the operationalization of compliance going forward.

These general factors will lead us into more specific questions that a Board can pose as we continue one month to a better board for a best practices compliance program.

Three Key Takeaways

  1. Having a long term strategy is critical.
  2. What is the Board’s framework for assessing compliance?
  3. Create KPIs to measure senior management’s actions around compliance.

Today we honor one of the most iconic moments of World War II (WWII) and one of the most famous photographs of all time, that of the Marines raising the US flag on Mount Suribachi on the island of Iwo Jima. Marine photographer Louis Lowery was with them and recorded the event. American soldiers fighting for control of Suribachi’s slopes cheered the raising of the flag, and several hours later more Marines headed up to the crest with a larger flag. Joe Rosenthal, a photographer with the Associated Press (AP), met them along the way and recorded the raising of the second flag along with a Marine still photographer and a motion-picture cameraman. Rosenthal took three photographs atop Suribachi. The first, which showed five Marines and one Navy corpsman struggling to hoist the heavy flag pole, became the most reproduced photograph in history and won him a Pulitzer Prize. While it is still uncertain, up to this day, the identities of the six men who raised the flag, one thing that is certain is what the photo meant to America in 1945 and what it still means today.

I thought about this in the context of the just released Department of Justice’s (DOJ’s) Evaluation of Corporate Compliance Programs (Evaluation), the intersection of doing compliance and operationalizing compliance at the Board of Directors. I am currently exploring how to make your Board of Directors a more integrated, functional and operationalized part of an effective compliance program through my February podcast series, One Month to a Better Board, which is available through a variety of distribution channels including this site, iTunes, Lybsyn and JDSupra.

In the Evaluation, under the prong of Oversight and Autonomy, it ask the following questions relating to the oversight responsibility of a Board of Directors regarding a compliance program, “What compliance expertise has been available on the board of directors? Have the board of directors and/or external auditors held executive or private sessions with the compliance and control functions? What types of information have the board of directors and senior management examined in their exercise of oversight in the area in which the misconduct occurred?” The clear emphasis of the DOJ Evaluation for Board’s is to actively engage in oversight and not simply sit back and accept what senior management may be feeding them.

It really does not matter what level of senior management expertise is on a Board, what matters is compliance expertise and then engagement. The Wells Fargo fraudulent accounts scandal continues to resonate in this regard. Jeff Spross, in an article entitled “The agonizingly familiar problem with Wells Fargo’s board of directors”, noted, “Wells Fargo was dogged by lawsuits and news reports for years over its poisonous sales practices, but the board only acted after Los Angeles prosecutors, federal regulators, and a pack of enraged senators acted first.”

Further, even with a diverse Board, including multiple former Chief Executive Officers (CEOs) on it and two former banking regulators, it did not “stop the board from falling into some of the same traps that bedevil the American corporate world as a whole. The fact is, boards are often way too cozy with the CEO.” As Spross went on to state, “Officially, the directors on corporate boards are elected by shareholders, and the boards then hire the CEO. In practice, boards tend to exercise pretty tight control over who goes up for election in the first place, and no single person tends to influence the process more than the CEOs themselves — effectively, CEOs often hand pick the people ostensibly meant to oversee them.” He went on to write, “A corporation’s board of directors is supposed to shepherd the long-term well-being of the company, and make sure the CEO is pursuing that same purpose. But in reality, directors and CEOs are more like members of the same tribe, floating freely from company to company, draining corporations for all the shareholder payouts they’re worth.”

Yet who can change the Board’s focus to actually represent the interest of the shareholders rather than that of senior management? Such a change will only come from shareholders who are large enough to make their voices heard; whether as loud knocking and talking activist or quietly on the inside. It is because those large institutional investors see the effects of the lack of Board engagement on their investments and in the case of large entities want better governing decisions at the Board level.

Alexandra Stevenson and Leslie Picker, writing in the New York Times (NYT) Dealb%k column in a piece entitled “Among Some Executives Who Control Trillions, the Power Tie Is a Rare Sight”, wrote California State Teachers’ Retirement System (Calstrs) wants to have their voice heard at the Board level, wants to know what Directors are doing on their behalf and just how could shareholders speak up. Such investors tend to work with senior management to quietly make changes, including in sustainability and the ethics and compliance areas. They cited to Nick Dawson, a co-founder of Proxy Insight, who said, ““there is a clear preference for behind-the-scenes engagement on these issues.” “Asset managers prefer to ensure that management teams are capable of dealing with E.S.G. [environmental, social and governance policies] issues in-house, rather than by applying external pressure”.”

Yet with Wells Fargo, or any of the companies which were embroiled in Foreign Corrupt Practices Act (FCPA) matters which recently settled, where was the Board when the company was busy paying out millions in bribes, in some cases literally across the globe? The Evaluation makes clear that the Board has a role in doing compliance and there should be compliance program expertise at the Board level, which is exercised in an actively engaged oversight responsibility. It is incumbent for these large institutional investors and hedge funds, such as State Street, through its commitment to robust ESG corporate initiatives to make a change in Board attitude.

But it will also be driven by regulators such as the DOJ. For if the DOJ specifies what and how a Board of Directors needs to do to become more engaged in compliance and there continues to be such abject failure at the Board level, they will likely bring the hammer down on a company and its Board. I fear it is this enforcement which may then lead shareholders to require the Boards of companies they invest in to do compliance at the Board level.


This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at

© Thomas R. Fox, 2017

In this episode, Matt Kelly and myself take a deep dive into the Department of Justice (DOJ) recent release, entitled “Evaluation of Corporate Compliance Programs” (Evaluation), which went up on the Fraud Section website on February 8.

The document is an 11-part list of questions which encapsulates the DOJ’s most current thinking on what constitutes a best practices compliance program. Within the list are some 46 different questions that a Chief Compliance Officer (CCO) or compliance practitioner can use to benchmark a compliance program. In short, it is an incredibly valuable and most significantly useful resource for every compliance practitioner.

The Evaluation, most generally, follows the DOJ and Securities and Exchange Commission’s (SEC) seminal Ten Hallmarks of an Effective Compliance Program, released in the 2012 FCPA Guidance. If there is one over-riding theme in the Evaluation, it is the DOJ’s emphasis on doing compliance as the questions posed are designed to test how far down your compliance program is incorporated into the fabric of your organization. The Evaluation is not simply a restatement of the Ten Hallmarks, as it clearly incorporates the DOJ’s evolution in what constitutes a best practices compliance program, and it certainly builds upon the information put forward in the DOJ’s FCPA Pilot Program regarding effective compliance programs, most particularly found in Prong 3 Remediation.