You may not recognize the full name, John Warren Geils Jr., but you probably do recognize the name J. Geils, as in the J. Geils Band, who died this week. J. Geils was ubiquitous in the 70s and early 80s with, as noted by an article in Rolling Stone, “a slew of albums during the Seventies and early Eighties. With vocalist Peter Wolf at the helm, the band became best known for singles like “Centerfold,” “Love Stinks,” “Come Back” and “Freeze-Frame,” which have since become rock radio mainstays.” The article said, “Wolf shared a short message about his former bandmate, writing, “Thinking of all the times we kicked it high and rocked down the house! R.I.P. Jay Geils.””

Geils’ death ends a feel-good band from a feel-good era of music and seems and appropriate way to conclude my look at the “Independent Directors of the Board of Wells Fargo & Company Sales Practices Investigation Report” (Rep ort) which was issued earlier this week. I want to consider the role of the legal department, the Corporate Risk Department and the lessons for the compliance professional going forward. Earlier this week, I consider the structural and control failures which contributed to the fraudulent accounts opened by the bank.

The compliance function is the easiest to discuss. Do a word search in the 110-page Report and you will find the bank’s Chief Compliance Officer (CCO) mentioned once. That is probably enough alone to tell you how and why the scandal occurred. It was not that compliance did not have a seat at the table. They did not even have a corner in the house to stand in and watch the bank’s illegal conduct.

The legal department suffered from the same decentralization as the other corporate control functions. As the Report noted, the law department had three periods of involvement with the fraudulent sales issue. The first, prior to 2013, related to “the Employment Law Section of the Enterprise Services Division encountered sales integrity issues as they worked with Human Resources personnel on terminations”. The second was between the LA Times expose in 2013 and Los Angeles country’s lawsuit against the bank in May 2015. The third was post lawsuit filing, “Litigation & Workout Division of the Law Department attempted to assess and manage Well Fargo’s exposure, including by engaging PwC to quantify the scope of the issues in terms of customer harm and potential damages.”

In the period up to mid-2013, the legal department work with the Human Resources (HR) group in “an advisory capacity in investigations, decisions regarding terminations and discussions regarding the application of Wells Fargo’s fidelity bond’s proscription against “dishonest acts.”” While the law department was not brought into to every termination, the group was part of cross-functional teams “set up to address sales integrity issues, and, in that context, lawyers identified and conveyed concerns about “reputational risk” to the Section head.” Later, groups in which law department personnel participated included one around the banks’ fidelity bond, obviously impacted by the fraudulent sales issue (which was at one time called ‘gaming’). The Report noted, “task force decided to “better educate our team members about gaming … and then hold them strictly accountable.” Its work led to the roll out of a new sales integrity training program and a reaffirmed understanding that manipulation and dishonesty were inconsistent with Wells Fargo’s core values, and compromised Wells Fargo’s integrity as an institution entrusted with its customers’ assets.”

 

In 2011, another “recurrence of sales integrity events led employment lawyers to recognize sales pressure in the Community Bank environment as a root cause of gaming cases. Lawyers in the Employment Law Section and the Deputy General Counsel responsible for the Section also began to recognize the existence of significant reputational risk to Wells Fargo arising out of sales integrity issues, particularly mass gaming cases.” Another bank task force was convened to review the sales integrity issue. The Report stated, “Again in this context, members of the Law Department recognized reputational concerns.” Think about this sentence for a minute, even the lawyers recognized the reputational risk.

In the period between publication of the LA Times exposure on the fraudulent accounts and the City of Los Angeles lawsuit, the legal department “conveyed to the Risk Committee and the Board in 2014 as a ‘noteworthy risk’” but for some reason the legal department did not identify legal risks to the bank, including, “a cascade of civil litigation, regulatory action from a host of federal and state agencies and the resulting serious harm to Wells Fargo’s reputation.” However, the information was so damaging that the Bank’s General Counsel (GC) was briefed, together with the Bank’s Chief Risk Officer (CRO). Yet after this briefing the GC did not escalate the issue any further.

After the City of Los Angeles filed its lawsuit, the legal department did what legal departments are best at, it went into full defensive mode and circled the wagons to defend the company. The Report stated, “The Law Department’s focus was principally on quantifiable monetary costs — damages, fines, penalties, restitution.” Yet even in its tradition role, the Wells Fargo legal department dropped the ball as it was confident the litigation costs and any attendant fines and penalties “would be relatively modest”. The bottom line was “the Law Department did not appreciate that sales integrity issues reflected a systemic breakdown in Wells Fargo’s culture and values and an ongoing failure to correct the widespread breaches of trust in the misuse of customers’ personal data and financial information.”

As bad as the legal department’s failures were, it was Wells Fargo’s corporate risk function which had the greatest control failure for this group and housed the company’s compliance function. Yet up until 2007, this group “focused on AML/BSA compliance and compliance with consumer credit, home mortgage disclosure and other laws. Integrity was not within its remit. The CRO added compliance to his remit in 2010 but the report noted, “The CRO did not have any line authority or directive power to enforce changes on the lines of business. He could, and did, try to exercise his influence to encourage the businesses to address risk issues and to air them more broadly within the bank.” He could only “escalate issues.” This denuded compliance function reached down into the group role of risk at the Community Bank group who did not feel their job was to address integrity issues.

To emphasize the extent that the group compliance function was worse than toothless, the Report noted that the when the CRO was told about the “high sales pressure” that led to the sales integrity issue the CRO passed this information to the group’s compliance representative; that compliance representative was told to “toe the line” and not to speak to the CRO. Who made that demand? Community Bank head Carrie Tolstedt. After the LA Times story, Tolstedt even criticized the compliance function for attempting to get internal information on the sales practices.

Even after the LA Times story and City of Los Angeles lawsuit, the compliance function, embedded within corporate risk, was “hampered to some extent by the absence of a formal governance structure for exercising oversight.” In other words, because their charter did not allow them compliance oversight, individual business units such as Community Bank and its overseer, Tolstedt, could simply refuse to cooperate with it going forward.

Lessons Learned

There are multiple lessons for every CCO, compliance professional, Board of Directors, compliance committee, compliance department and Executive Leadership Team (ELT) from the Wells Fargo fraud and this Report. The first lesson is that everything is tied together. The Department of Justice (DOJ) Evaluation of Corporate Compliance Programs focused on the operationalization of compliance. Wells Fargo is the flip side, there was no operationalization of compliance. But more than simply not being in burned into the fabric of the organization, the structure of the company did not allow compliance to even see into the bank’s illegal practices. A decentralized corporate structure can and does work for many businesses, yet it must have control oversight, which was clearly not present at Wells Fargo. If a corporate structure is so unwieldy that compliance cannot have oversight the simple fact is the structure must be tightened up.

The Wells Fargo fiasco should end (yet again) once and for all time who a CCO should report to. They must report directly to the Board of Directors. The Wells Fargo law department and HR functions, the two corporate functions with the most knowledge of the negative impacts of the high pressure sales requirements which led to the illegal tactics, did not view it as their role to bring up integrity or even culture issues. Remember the Wells Fargo legal department identified the reputational risk to the bank from the high number of litigation, unemployment claims and ancillary legal issues. Yet the CRO did nothing about it when he was briefed on it. When the City of Los Angeles filed its lawsuit, the legal department did what legal departments do, they circled the wagons to defend the company. A legal department does not exist to prevent, detect and remediate. It exists to protect the entity from all attacks; even if those attacks are merited.

The corporate compliance function must be given a governance charter which allows it to provide oversight and the ability to prevent, detect and remediate illegal and unethical conduct. The compliance function cannot be over-ridden by a business unit head who tells the group compliance representative not to speak with the head of the compliance function.

There are many other lessons to be learned from this matter and actions Wells Fargo can take to remediate its culture, structure and values; all of which led to the illegal conduct. However, some of the issues I have explored this week should provide insight to a CCO or compliance practitioner on how to move forward to structure the compliance function and inculcate their compliance program into a company.

While you are considering these issues, fire up some J. Geils on the YouTube links below:

Centerfold, click here.

Freeze-Frame, click here.

Love Stinks, click here.

Musta Got Lost, click here.

 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2017

In this episode Matt Kelly and I take a deep dive into the recent kerfuffle involving United Airlines and its policy which prevented to teenaged girls from boarding a flight wearing leggings. Was United within its rights to exclude the passengers for inappropriate dress? Is the policy valid? Did the gate agent receive appropriate training to make their decision? In the world of today, social media accelerates the ability to judge, without improving the ability to judge. For ethics & compliance officers, that means every compliance risk is now magnified into a reputation risk. Finally, we consider Matt’s closing sentence, “Training, values, culture, judgment. Funny how those four things keep cropping up, isn’t it?” and what it means for compliance.

For more insight, read Matt’s blog post, “United’s Policy Management Lessons

In this episode, Jay and I have a wide-ranging discussion on compliance and ethics. We discuss:

  1. Why powerful people fail to stop bad behavior by their underlings. Click here for the article.
  2. Some policy management lesson, courtesy United Airlines. Click here for Matt Kelly’s article on Radical Compliance.
  3. Why you shouldn’t linger too long in the wrong compliance position. See Julie DiMauro’s blog post on the FCPA Blog.
  4. Bribe recipient in the Gerald and Patricia Green FCPA case gets 50 years in prison. See article in the FCPA Blog.
  5. Using data to operationalize your compliance program. Read Tom’s blog post, by clicking here.
  6. What the New York state Department of Financial Services new regulation on cybersecurity for financial services companies means for compliance officers. See Tom’s blog post by clicking here.
  7. Jay previews his weekend report.

Jay Rosen new contact information:

Jay Rosen, CCEP

Vice President, Business Development

Monitoring Specialist

Affiliated Monitors, Inc.

Mobile (310) 729-6746

Toll Free (866)-201-0903

JRosen@affiliatedmonitors.com

What happens when a company delivers a superior product or service which is enthusiastically embraced by the consuming public, has a contented, if not equally enthusiastic, public facing work force and the business itself makes money, hand over fist? You might say that it is a company that you want to participate in as an investor. Now you add in what can only be described as a toxic culture and a corporate ‘win-at-all costs’ attitude. Would you still be interested? This paradox exists today at Uber. Several recent very unflattering events have put the company and its Chief Executive Officer (CEO) Travis Kalanick in a very unfavorable light. The question is does it matter in a company with an estimated value well north of $50 million?

In a Financial Times (FT) Big Read piece, entitled “Crisis inside the ‘cult of Travis’”, it was reported that the crises began in February when a former female Uber engineer, “went public with her account of sexual harassment and rampant sexism inside the company. Susan Fowler described how the human resources department ignored her complaints, which included being propositioned by her boss.” Even after reporting her complaints to HR, she was told the miscreant was a ‘high producer’ and there would be no discipline for his actions. Kalanick responded that the events “were “abhorrent and against everything Uber stands for” and set up a task force to investigate” which is headed by former Attorney General Eric Holder.

Next came what the FT termed as an “unflattering” video recording where Kalanick berated an Uber driver who had told him he had been forced to declare bankruptcy from his work at Uber. Kalanick’s response was “Some people don’t like to take responsibility for their own shit. They blame everything in their life on somebody else.” Sounds like the type of CEO you would want to run away from as fast as possible, doesn’t it? Kalanick later apologized and said he was “ashamed” of his conduct and “I must fundamentally change as a leader and grow up.”

Also revealed was the company’s technological tool to evade law enforcement and regulators with its Greyball program. All of this was after Kalanick and Uber took public relations hits for (1) agreeing to cozy up to the Trump Administration and (2) refusing to participate in the initial taxicab boycott at JFK airport when the Administration’s first Muslim ban was put into effect. This tone deafness was only exceeded by the company charging surge pricing when breaking the boycott. Both events led to a the #deleteuber campaign. All of these events have cost the company 5% market share which has migrated to its rival Lyft.

Perhaps none of this is too surprising given the company’s stated cultural values of “super-pumpedness and fierceness”. In a Business Week piece, an Uber spokesperson defined these values as: “Super Pumpedness — Bring energy and infectious enthusiasm to everything you do. For Managers: Motivate and inspire team members to perform their best, and stretch themselves professionally. Fierceness — Be fierce. Do whatever it takes to make Uber a success, even when it’s hard and takes some risk to get there.”

These values and what the FT calls “the cult of Travis” has led to what can only, most generously, be termed as one very toxic workplace. The FT said, “Uber that is extreme, even by the standards of US tech start-ups. Former employees interviewed by the Financial Times talk about gruelling work hours and a dog-eat-dog ethic reminiscent of the worst excesses of Wall Street.” One former Uber employee said, “When I joined it was like walking into a buzzsaw. It was a hostile culture.”

How can the company change this clear perception of toxicity? Normally one might expect shareholders to demand a change. Indeed, the FT noted that such behavior “would not be tolerated in publicly traded company.” However, Uber is private and only has investors. They had hoped to cash in when the company went public but with these recent PR disasters, there is talk the initial public offering (IPO) will not occur until 2019 “because it will take the company that long to recover.” Employees are equally stuck because many were lured with stock options which are illiquid until the company goes public.

Yet many Uber employees are now voting on such cultural values and antics with their feet. Another FT article, entitled “Hail and farewell as Uber staff eyes exit”, quoted Guillaume Champagne, president at SCGC Executive Search, who said “From a purely financial perspective, Uber would need to become an awful place for them to leave.” Nevertheless, in the past few weeks, Mr. Champagne has seen an increase of about 5-10 per cent in the number of people interested in leaving, particularly those who are “a bit less of a culture fit.” Finally, “employees who planned to stay with Uber through its eventual initial public offering are reconsidering.” The article quoted one un-named executive, who said “Previously it was difficult to get them [Uber employees] because of their stock. Now they don’t seem so confident about what that’s worth.”

There are several stakeholders at play here. The investor class, Kalanick as deity with absolute power in the company, employees looking for that great IPO pot at the end of the rainbow when the company goes public and the public which is the beneficiary of one of the greatest service innovations in transportation in the past 100 years. Will Uber’s culture change? Probably not as long as Kalanick leads the organization. Tone is set at the top and when you have such a CEO who places a dog-eat-dog culture over values, it permeates throughout the organization. As the FT Big Read piece concluded, “Everyone knows what TK is really like,” says a former employee, using Mr Kalanick’s nickname. “Even if he comes back with crocodile tears, it has happened so many times everyone knows how he really feels.”

One of the key, if under-appreciated features, of the Foreign Corrupt Practices Act (FCPA), is that the accounting provisions enforce discipline on companies which desire access to US capital markets through IPOs or stock offerings. If Uber chooses to go public, perhaps some of the worst excesses of CEO Kalanick and his self-imposed buzz saw culture at Uber might be tamed by the requirements of accurate books and records and effective internal controls.

Even if the tone Mr. Kalanick sets as a public company is still his win at all cost persona, the market will step in to sanction him through a drop in share prices. Minority investors with voting rights, truly independent directors forming a stronger board and activist shareholders can also bring a form of discipline and clarity to end the current cultural miasma at the company. While it may well take time for true cultural change to set in on the company, the steady drip, drip, drip of untoward news might move to something less than what we all have observed over the past few weeks.

The FT editorial board, in a piece entitled “Making Uber’s inner fire burn more evenly,  said, “It is also fantastical to think that Uber chief executive Travis Kalanick, who sets the tone at the company, is going to undergo a personality transplant at the age of 40. The question at Uber, as at other businesses, is how to harvest brilliance while minimising the collateral damage.” The FT went through some of the options open to Uber, including bringing in an executive-type who would be the adult in the room and (hopefully) tame the worst excesses of Kalanick and the company or even a new CEO, bumping Kalanick up to a more senior and advisory role; a more robust Board of Directors, even some new outside blood to fill out an expanded and more independent Board; or if the company goes public and puts appropriate internal controls in place  the market could discipline them through a valuation in line with unacceptable behavior.

All of these avenues have pitfalls. But Uber must change or it will have one very large and public fall. One can almost think of Enron, which at one time claimed to be the 7th largest corporation in America, to see how far all this hubris can humble what may be the highest-flying of entities. We are talking the full Greek god tragedy here because as I noted at the start of this post, when a company delivers a superior product or service which is enthusiastically embraced by the consuming public, has a contented, if not equally enthusiastic, public facing work force and the business itself makes money, hand over fist; a very large part of the public wants it to succeed.

The clearest statement came from, Catherine Choe (aka @CultureFloss), the founder of TFL Compass, who said, “I believe that humans have the capacity to change, and change happens most frequently in the face of trauma. I don’t believe, given the ownership structure of Uber, that there has been any trauma, which has implications for them in the future. The seeds of tragedy are there. It’s entirely in their hands whether those seeds bear fruit in ten years or wither away.”

Uber has to change if it hopes to move to the next level in the corporate world. I for one hope it can do so and maintain the trifecta that has made it one of the top disruptive, start-ups around.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2017

In this episode, Jay and I have a wide-ranging discussion on why good compliance and is good for business. We discuss:

  1. LRN Ethics and Compliance Program Effectiveness Report. Click here for Report.
  2. Ethisphere’s 2017 World’s Most Ethical Companies. Click here for Report.
  3. Why good compliance is good for business. See Tom’s blog post.
  4. Women in compliance: A key to organizational diversity. See article in the FCPA Blog.
  5. ECI Podcast: Engaging With Your Monitor: Best Practices from ECI’s Independent Monitor Benchmarking Group. To listen to the podcast, click here.
  6. Jay previews his weekend report.
  7. Tom previews a presentation he will give with Jenny O’Brien and Roy Snell at the SCCE European Ethics and Compliance Institute in AprilJay previews a presentation at the same event by Eric Feldman of Affiliated Monitors. For more information on the event, check it out by clicking here.

Jay Rosen new contact information:

Jay Rosen, CCEP

Vice President, Business Development

Monitoring Specialist

Affiliated Monitors, Inc.

Mobile (310) 729-6746

Toll Free (866)-201-0903

JRosen@affiliatedmonitors.com