Holy GrailWe conclude our Arthurian themed week with the Holy Grail, which has fired the imagination of artists for millennia. What was the Holy Grail? According to Professor Dorsey Armstrong in her Teaching Company lecture series, entitled “King Arthur: History and Legend”, the Holy Grail has taken various forms over the years. For Chrétien de Troyes, it was a fancy serving dish; for Wolfram von Eschenbach, it is a magical stone; for Robert de Boron, it is the cup that Christ drank from at the Last Supper; for the comedy troupe Monty Python, it is a cartoon sketch that no one ever finds; and for the modern day author Dan Brown, it is both a person, who is a descendant of Mary Magdalene, and a bloodline which leads to the Merovingian kings of France. In other words, it means many things to many people.

One of the articulated reasons for the creation of King Arthur’s Round Table was tied to the Holy Grail, since it was allegedly used at the Last Supper, it seems only natural that Arthur would seek it from his table as well. Indeed in Robert de Boron’s account of Arthur, the wizard Merlin tells Arthur the Round Table was established to identify the one Knight, who was pure of heart, who could find the Holy Grail. Only after the great quest for and locating of the Holy Grail was achieved could Arthur’s other ambitions come to pass.

Another interesting twist on the Grail legend is that it was in Britain. Curiously it was first ‘discovered’ by some enterprising Monks in Glastonbury, England in the late 12th century. They just happened to come across a well that ‘bled’ water around the time of an annual pilgrimage. Going viral in the Middle Ages was tough but the Monks built upon their initial find by claiming that both King Arthur and his Queen Guinevere were also buried at their abbey. Do you believe any of the above? Are you on your own Grail Quest, however dreamy that quest might be?

I thought about the quest for the Holy Grail in the context of the renewed call for a compliance defense addition to the Foreign Corrupt Practices Act (FCPA), which would give companies a pass if they had sustained a FCPA violation. In a recent blog post, entitled “Wal-Mart’s Recent Disclosures, the FCPA Professor renewed his clarion call for a compliance defense for FCPA violators, using Wal-Mart’s last three-year spend on compliance resources as a starting point. He wrote, “Wal-Mart disclosed spending approximately $220 million over the past three years in global compliance program and organizational enhancements.” He went on to note, “The key policy issue is this. Wal-Mart has engaged in FCPA compliance enhancements in reaction to its high-profile FCPA scrutiny. Perhaps if there was a compliance defense more companies would be incentivized to engage in compliance enhancements pro-actively. A compliance defense is thus not a “race to the bottom” it is a “race to the top” (see here for the prior post) and it is surprising how compliance defense detractors are unable or incapable of grasping this point.”

Leaving aside the issue of whether I am “unable or incapable” to grasp these issues I raised, I see this quest for (or ‘race’ as the FCPA Professor calls it) for a compliance defense for companies that violate the FCPA to be as quixotic as the quest for the Holy Grail. As there were two requirements for the Knight who was destined to find the Grail, we will begin pureness of heart. Recognizing that it might be difficult to find a corporation that is ‘pure of heart’, the appropriate analogy might be more than simply spending what may appear to be a large dollar amount on a compliance program. This is because it is not the amount of money you spend that informs the effectiveness of your compliance program. In three years Wal-Mart has reported it spent $220MM. The FCPA was enacted into existence in 1977. What do you get if you divide $220MM total spend into 38 years? My (recovering) trial lawyer math shows that to be approximately $5.78MM per year. How many billions of dollars per year was the annual revenue of Wal-Mart during that time? (Hint – a lot)

Moving our quest time frame to the modern era of FCPA enforcement, to say 2005. That would give an annual compliance spend of $20MM per year. If one looks at the company’s revenue from the middle of the last 10 years, for the fiscal year ending January 31, 2011, Wal-Mart reported net income of $15.4 billion on $422 billion in gross sales. Now what do you think about Wal-Mart’s quest for an effective compliance program based upon three year’s spending of $220 being significant? Indeed what is the percent of its revenues over the past three years that Wal-Mart spent creating its compliance program? Alas my trial lawyer math skills do not allow me to calculate a number so small.

How about the second part of the Grail quest that requires a ‘chaste’ Knight? Once again it is somewhat difficult to understand how a corporation could be chaste but I think the appropriate analogy is the doing of compliance. Put another way, it is not having a compliance program in place but having an effective compliance program. So not only does the amount of money a company spends become immaterial to our quest but also the same can be said to the claim that having a written program should entitle you some type of defense to any FCPA violations. Just as questing for the Holy Grail is seeking something that does not exist, affording companies a defense from their own FCPA violations by having a written program in place is not a temporal reality.

Under the FCPA Ten Hallmarks of an Effective Compliance Program, that it is an interplay of the right compliance message, tools in place to communicate and enforce the compliance message and then oversight to ensure compliance with the entire compliance regime. Such things as monitoring are recognized as a key element so your company should establish a regular monitoring system to spot issues and address them. Effective monitoring means applying a consistent set of protocols, checks and controls tailored to your company’s risks to detect and remediate compliance problems on an ongoing basis. To address this, your compliance team should be checking in routinely with the finance departments in your foreign offices to ask if they have noticed recent accounting irregularities. Regional directors should be required to keep tabs on potential improper activity in the countries they manage. Additionally, the global compliance committee should meet or communicate as often as every month to discuss issues as they arise. These ongoing efforts demonstrate your company is serious about compliance.

In addition to monitoring, structural controls are recognized as an important element. It has been said that large companies “must use structural means to maintain control.” One of the best explanations of the use of internal controls as a structural component of any best practices compliance program comes from Aaron Murphy, a partner at Foley and Lardner in San Francisco, in his book entitled “Foreign Corrupt Practices Act”, where he said, “Internal controls are policies, procedures, monitoring and training that are designed to ensure that company assets are used properly, with proper approval and that transactions are properly recorded in the books and records. While it is theoretically possible to have good controls but bad books and records (and vice versa), the two generally go hand in hand – where there are record-keeping violations, an internal controls failure is almost presumed because the records would have been accurate had the controls been adequate.” These two parts are but a sampling but it is in the doing of compliance that any anti-corruption compliance program becomes effective; it is not simply having one in place.

Finally, as with all quests, what will it bring you if you actually achieve it? As with the Holy Grail, it is a good story but that is about it. I find this view best articulated by Matthew Stephenson, in a blog post entitled “The Irrelevance of an FCPA Compliance Defense”, where he gave three reasons why a compliance defense is not warranted. First (and perhaps almost too obvious to state) is that if your company is invoking a compliance defense, there has been a FCPA violation. The second is “The U.S. Department of Justice (DOJ) already takes into account a corporation’s good-faith efforts to implement a meaningful compliance program when the DOJ decides whether to pursue an FCPA action against the corporation, and what penalties or other remedies to impose. Indeed, the adequacy of the corporation’s compliance program is a standard subject of negotiation between the DOJ and corporate defendants.” Third is that “An FCPA compliance defense would only alter the DOJ’s bargaining position if a corporation unhappy with the DOJ’s position could either (1) convince the DOJ lawyers that the DOJ’s position is unreasonable in light of the corporation’s compliance program, or (2) credibly threaten to go to court and defeat the DOJ’s enforcement action altogether by successfully invoking the compliance defense before a federal judge.” Stephenson discounts subpart 1 because DOJ lawyers already take a company’s compliance program into account. But his second subpart is even more important because no company will go to trial against the government using a compliance defense to a demonstrable FCPA violation. Leaving aside the Arthur Anderson effect, no company is going to risk losing at trial when they can control their own fate through settlement. The modern day Knights seeking the Holy Grail of a compliance defense will never find it because of this last fact. Moreover, just as there were no real Knights who could meet the requirements to actually find the Holy Grail after their quest, there are no companies which can meet the same criteria; that being that a compliance defense could or even should trump a FCPA violation.

So we leave our King Arthur themed week with our quest intact, bringing message I hope that you have ascertained in these five posts about some of the things you need to do around the ‘nuts and bolts’ of anti-corruption compliance. I also hope that you might be able to look at the tales surrounding the King Arthur myth for your own inspiration.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2015

IMG_1173Over this week I have looked at some issues related to compensation and methods from other disciplines that a compliance practitioner might use to test and then improve a company’s third party management regime. Today, I want to go back to the starting point for any compliance program; that is the Tone at the Top. I was reminded of the absolute necessity of having a management not only committed to following the law but the actual doing of compliance when I read about the guilty verdicts in the Atlanta schools cheating scandal.

In an article in the New York Times (NYT), entitled “Atlanta Educators Are Convicted of Racketeering”, reporter Alan Blinder detailed the guilty verdicts handed down in an Atlanta state Superior Court this week where 11 of 12 defendants were convicted in a lengthy trial. Blinder wrote, “On their eighth day of deliberations, the jurors convicted 11 of the 12 defendants of racketeering, a felony that carries up to 20 years in prison. Many of the defendants — a mixture of Atlanta public school teachers, testing coordinators and administrators — were also convicted of other charges, such as making false statements, that could add years to their sentences.” Most stunningly, the trial judge “ordered most of the educators jailed immediately, and they were led from the courtroom in handcuffs.”

The school district’s top administrator Dr. Beverly Hall, channeling her inner Ken Lay, had the temerity to pass away during the trial so there was no finding as to her conduct. Unrepentant to end she said “she had done nothing wrong and that her approach to education, which emphasized data, was not to blame.” When interviewed back in 2011, Dr. Hall had said, “I can’t accept that there’s a culture of cheating. What these 178 are accused of is horrific, but we have over 3,000 teachers.”

Think about those two statements for a moment. They mimic the same tired excuses used by apologizers in the anti-corruption world. First it was only a small subset of those involved who actually broke the law. In other words, the oldie but goodie rogue employee(s) defense. It did have the notable exception that there were 178 roguies out there lying and cheating. But more than the rogue employee defense, she emphasized that she obtained results, the scores on the State of Georgia’s standardized tests for public schools improved dramatically under her watch. In the Foreign Corrupt Practices Act (FCPA) anti-corruption world that is the same as “we had to do it to compete” argument. It is equally as inane as the rogue employee defense.

Moreover, a State of Georgia investigation “completed in 2011, led to findings that were startling and unsparing: Investigators concluded that cheating had occurred in at least 44 schools and that the district had been troubled by “organized and systemic misconduct.” Nearly 180 employees, including 38 principals, were accused of wrongdoing as part of an effort to inflate test scores and misrepresent the achievement of Atlanta’s students and schools. Investigators wrote in the report that Dr. Hall and her aides had “created a culture of fear, intimidation and retaliation” that had permitted “cheating — at all levels — to go unchecked for years.” How is that for tone from the very top?

I bring you another example from a company I once worked at whose management locked themselves behind bolted doors on a floor in the building not accessible by any employees. And just in case someone did make onto this executive floor, there was an armed police presence as a last ditch security measure. The locked down top floor was after the following security measures were already in place: (1) you had to badge in to get into the parking garage, (2) building access was by card entry, (3) elevator access was by card entry, and (4) floor access was by card entry.

Why would senior executives barricade themselves behind such massive physical protection? Did they do this because crazed competitors were sending in assassins, because the company was so profitable and hence unassailable as a competitor? How about something more nefarious such as international hit squads roaming through international businesses in Houston, picking off key executives? Alas the explanation was not anything so exotic. With all of these security measures in place the reason was to keep mere mortal employees away from senior management. What type of message that does send to employee? Much like the one I had growing up, speak only when spoken to.

The point of all this is that tone does matter. Senior management must be committed and communicate its commitment to not only obeying laws but also complying with laws. In the FCPA world, that means you must have a compliance program in place that meets the Ten Hallmarks of an Effective Compliance Program as set out in the FCPA Guidance.

On a completely different note as a compliance practitioner, if you want to have a shot at some serious professional growth and you are in the Houston area, somewhere else in Texas or anywhere else in the South, I suggest you consider attending the FCPA Professor’s FCPA Institute, which will be held in Houston on Monday, May 4 and Tuesday, May 5. The Professor’s goal in leading this first Texas FCPA Institute is “to develop and enhance fundamental skills relevant to the FCPA and FCPA compliance in a stimulating and professional environment with a focus on learning. Information at the FCPA Institute is presented in an integrated and cohesive way by an expert instructor with FCPA practice and teaching experience.” Some of the topics, which will be covered, include the following:

  • An informed understanding of why the FCPA became a law and what it seeks to accomplish;
  • A comprehensive understanding of the FCPA’s anti-bribery and books and records and internal controls provisions and related enforcement theories;
  • Various realties of the global marketplace which often give rise to FCPA scrutiny;
  • The typical origins of FCPA enforcement actions including the prominence of corporate voluntary disclosures;
  • The “three buckets” of FCPA financial exposure and how settlement amounts in an actual FCPA enforcement action are typically not the most expensive aspect of FCPA scrutiny and enforcement;
  • Facts and figures relevant to corporate and individual FCPA enforcement actions including how corporate settlement amounts are calculated;
  • How FCPA scrutiny and enforcement can result in related foreign law enforcement investigations as well as other negative business effects from market capitalization issues, to merger and acquisition activity, to FCPA related civil suits; and
  • Practical and provocative reasons for the general increase in FCPA enforcement.

In other words, it is what you have come to expect from the FCPA Professor; well-thought out reasoned analysis, practical knowledge and learning, and provocative thinking and assessment. But this is also your chance to attend a two-day Institute with one of the most original thinkers in the FCPA space. The FCPA Institute will provide insights into the topics more near and dear to my heart as a ‘nuts and bolts guy’. In addition to the above substantive knowledge, FCPA Institute participants will gain in-demand, practical skills to best manage and minimize FCPA risk by:

  • Practicing FCPA issue-spotting through video exercises;
  • Conducting a FCPA risk assessment;
  • Learning FCPA compliance best practices, including as to third parties;
  • Learning how to effectively communicate FCPA compliance expectations; and
  • Grading a FCPA code of conduct.

In addition, attorneys who complete the FCPA Institute may be eligible to receive those all-important Continuing Legal Education (CLE) credits. The sponsors, King & Spalding, will be seeking CLE credit in CA, GA, NY, TX and if needed in NC and VA. Actual CLE credit will be determined at the end of the program based on actual program time. Attorneys may be eligible to receive CLE credit through reciprocity or attorney self-submission in other states as well.

I hope that you can join the FCPA Professor for this FCPA Institute. I have previously said, “if the FCPA Professor writes about it you need to read it. While you may disagree with him, your FCPA perspective and experience will be enriched by the exercise.” I would now add to this statement that if the FCPA Professor puts on his FCPA Institute you should attend. Not only will you garner a better understanding of the theoretical underpinnings of the law and the plain words of its text; you will also be able to articulate many of the issues which befall companies caught up in a FCPA investigation to your senior management in a way that will help them understand the need for a robust compliance program.

To register for the FCPA Institute, or for more information, click here.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2015

Agatha ChristieI conclude my week of exploration of Agatha Christie’s Miss Marple short stories and the Securities and Exchange Commission’s (SEC) enforcement of the Foreign Corrupt Practices Act (FCPA) by reviewing some of the new things I’ve learnt during this week of research. I learned that Christie made several social observations and revealed much about herself through these stories. She is very much constrained by the roles given to women in the early to mid-1920s, including the lack of a proper education. She also writes about some of the disdainful attitudes of people to an older woman. I found a number of inside jokes that Christie placed into the stories, even referring to the prevalence of detective fiction in print and on the stage at the time the stories were written. Finally is the fact that people make the mistake of not noticing her but that she is watching them and listening and that they will remain unaware of her presence for not too much longer.

In his recent blog post, entitled “Are You An FCPA Contender Or Pretender?”, the FCPA Professor suggested that if you want to practice in the area of FCPA compliance, you really should take the time to read some of the very few underlying sources and documents relating to the subject. After my week exploration of the SEC enforcement of the FCPA, I would note that you can learn quite a bit by heeding his advice.

Internal Controls

There was a trend, beginning in the fall of 2014 of SEC FCPA enforcement actions, where the Department of Justice (DOJ) either declined to prosecute the company or settled with the company via a Non-Prosecution Agreement (NPA). This led me to conclude that the SEC was ramping up its review and enforcement of the accounting provisions under the FCPA separate and apart from criminal side enforcement of the FCPA by the DOJ. Earlier this month, when Andrew Ceresney, the SEC Director, Division of Enforcement, spoke at CBI’s Pharmaceutical Compliance Congress in Washington DC he discussed the importance of internal controls in SEC enforcement. While his remarks were primarily directed “in the context of financial reporting” I believe they could be equally applicable in the FCPA compliance context.

Ceresney said, “What kinds of practice pointers for how to avoid these issues? Well, in cases we have brought, we see controls that were not carefully designed to match the business, or that were not updated as the business changed and grew. And we see that senior leadership was not asking the tough questions – and sometimes not even asking the easy questions. Senior management in some cases was just not engaged in any real discussion about the controls. As a result, employees did not properly focus on them and the firm and its shareholders are put at risk.” I think these statements, particularly taken in the context of his overall remarks, portend a greater focus on internal controls review and enforcement in the FCPA context.

Finally, in the area of internal controls, is the interplay of Sarbanes-Oxley (SOX) with FCPA enforcement and several sections of the Act that have FCPA implications. These include SOX §302 that requires the principle officers of a company to “take responsibility for and certify the integrity of these company’s financial reports on a quarterly basis.” Under SOX §404 companies must present annually their conclusion “regarding the effectiveness of the company’s internal controls over accounting.” Finally, SOX §802 prohibits “altering, destroying, mutilating, concealing or falsifying records, documents or tangible objects” with the intent to obstruct or influence a federal investigation, such as the FCPA.

Every public company is required to report on its internal controls. The SEC may well start mining those required, annual public disclosures for information on compliance internal controls. If the SEC finds a company’s report lacking and then after requesting further information, still finds a company’s response lacking, a company may be looking at strict liability and a financial penalty based on profit disgorgement as I lay out next.

Strict Liability

I have written about the coming of strict liability to the SEC enforcement of the FCPA’s accounting provisions, including books and records and internal controls. However, after having read, re-read and reviewed the FCPA and commentary, I now believe that a strict liability interpretation for enforcement of the FPCA is fully supported by the plain language of the Act itself. I come to this conclusion because there is no language in the text of the Act that ties the accounting provision requirements to any other operative violation of the statute. In other words, there is no language that says that an accounting provisions violation must be tied to an offer or payment of a bribe to obtain or retain business. While the FCPA does not specifically say that a company will be strictly liable for a violation of the accounting provisions, it is certainly not prohibited. Since violations of the accounting provisions as enforced by the SEC are civil violations only, I now believe that such a position is not prohibited by the Act.

Profit Disgorgement 

Similar to my views on strict liability for accounting violations, I have also come to believe that profit disgorgement is a remedy fully supported and available to the SEC in FCPA enforcement actions. This change was made by an un-related law, entitled The Penny Stock Reform Act of 1990, which amended the Securities Exchange Act of 1934 to: allow the SEC to (1) impose tiered civil money penalties pursuant to administrative findings of violations of the Act; (2) enter an order requiring an accounting and disgorgement; (3) issue cease and desist orders; and (4) issue temporary restraining orders. Profit disgorgement has generally been considered an equitable remedy. Sasah Kalb and Marc Alain Bohn, in their article “Disgorgement: The Devil You Don’t Know, wrote “As an equitable remedy, disgorgement is not intended as tool to punish, but as a vehicle for preventing unjust enrichment. The SEC is therefore only permitted to recover the approximate amount earned from the alleged illicit activities. Disgorging anything more would be considered punitive.”

In conjunction with this equitable nature for profit disgorgement, is the concept of proportionality. In the article by David C. Weiss, entitled “The Foreign Corrupt Practices Act, SEC Disgorgement of Profits and the Evolving International Bribery Regime: Weighing Proportionality, Retribution and Deterrence”, he wrote that regarding proportionality “punishment schemes fail a utilitarian test when the punishment exceeds, or threatens to exceed, the offense. Put another way, deterrence requires that a punishment be proportionate to the harm—allowing for some multiplier based on the likelihood of being caught. Punishments that are not proportionate are not justified under this utilitarian theory.”

Profit Disgorgement as a Remedy for Strict Liability

In this final section, I give my opinion as to where I think the next step of SEC enforcement may be headed. I think it will be a combination of the enforcement of the accounting provisions of the FCPA through a strict liability reading of them by the SEC to the remedy of profit disgorgement. Admittedly this opinion seems contrary to the equitable nature of the remedy of profit disgorgement. However the greater focus of SEC scrutiny and enforcement of the accounting provisions point me in that direction. While it is also true that profit disgorgement has traditionally required some specific ill-gotten gains; with the statutory authority provided by the Penny Stock Act to the SEC allows for disgorgement with no language around its equitable beginning, this may be enough for the SEC to make such an intellectual leap. Further, as noted by Kalb and Bohn, “Because calculations like these often prove difficult, courts tend to give the SEC considerable discretion in determining what constitutes an ill-gotten gain by requiring only a reasonable approximation of the profits which are causally connected to the violation.”

The final component is the lack of judicial review in FCPA enforcement actions. Every practitioner is aware of the absolute dearth of cases in this area. With the SEC moving towards more administrative actions, through the 2010 Dodd-Frank amendment that enables the SEC to collect civil penalties through administrative proceedings, there may not be many federal district court reviews going forward. Of course to have a federal district court review of a remedy, it generally takes the defendant to make some objection and companies seemingly do not wish to take on the SEC in any FCPA enforcement matter (or the DOJ for that matter). But even if there was a federal district review of a Cease and Desist Order filed before it, you almost never hear the court reject an agreed Order on the grounds that the remedy was too harsh or unwarranted.

I hope you have enjoyed and learned something this week unique to the SEC enforcement of the FCPA. I know I have both enjoyed reading many of the excellent commentators I have reviewed during my research. David Weiss, Marc Alain Bohn, Sasha Kalb, Russ Ryan and the FCPA Professor have all contributed significant legal work and thought leadership in this area that I have built some of my theories on so I thank them for their contributions. Another joy was reading Agatha Christie’s Miss Marple short stories. If you have a few evenings or some down time for spring break or summer vacation, I suggest you pick up the volume. It is just like visiting with an old friend on a dark and stormy night…

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2015

 

 

Blue GeraniumIn Christie’s The Blue Geranium a difficult and cantankerous semi-invalid wife is looked after by a succession of nurses. They changed regularly, unable to cope with their patient, with one exception Nurse Copling who somehow managed the tantrums and complaints better than others of her calling. The wife had a predilection for fortunetellers and one announced that the wallpaper in the wife’s room was evil; pronouncing she should “Beware of the Full Moon. The Blue Primrose means warning; the Blue Hollyhock means danger; the Blue Geranium means death.” Four days later, one of the primroses in the pattern of the wallpaper in the wife’s room changed color to blue in the middle of the night, when there had been a full moon.

On the morning after the next full moon, the wife was found dead in her bed with only her smelling salts beside her. Once again Miss Marple has the solution remembering that potassium cyanide resembled smelling salts in odor. The wife took what she thought were smelling salts but was in reality potassium cyanide. The flowers on the wallpaper had been treated with litmus paper which the turned the geranium in question blue, which unmasked the killer.

I found this story to be an interesting way to introduce the topic of the Securities and Exchange Commission’s (SEC’s) damage remedies. While some are obvious, such as the fines and penalties which are listed in the text of the Foreign Corrupt Practices Act (FCPA), another one, that being profit disgorgement must be seen through the lens of multiple legislations.

Monetary Fines

The damages that are available to the SEC differ in some significant aspects from those available to the Department of Justice (DOJ) in its enforcement of the criminal side of the FCPA. According to the FCPA Guidance, “For violations of the anti-bribery provisions, cor­porations and other business entities are subject to a civil penalty of up to $16,000 per violation. Individuals, including officers, directors, stockholders, and agents of companies, are similarly subject to a civil penalty of up to $16,000 per violation, which may not be paid by their employer or principal. For violations of the accounting provisions, SEC may obtain a civil penalty not to exceed the greater of (a) the gross amount of the pecuniary gain to the defendant as a result of the violations or (b) a specified dollar limitation. The specified dollar limitations are based on the egregious­ness of the violation, ranging from $7,500 to $150,000 for an individual and $75,000 to $725,000 for a company.”

As straightforward as these monetary amounts may seem, the totals can become very large very quickly. As noted by Russ Ryan in a guest post on the FCPA Professor’s blog, entitled “Former SEC Enforcement Official Throws The Red Challenge Flag, the SEC significantly multiplied those amounts in a default judgment context against former Siemens executives by claiming that “four alleged bribes should be triple-counted as three separate securities law violations – once as a bribe, again as a books-and-records violation, and yet again as an internal-controls violation – thus artificially multiplying four violations to create twelve.” Further, under the specific books-and-records and internal-controls allegations “the SEC was super aggressive, taking the position that these classically non-fraud violations involved “reckless disregard” of a regulatory requirement, thus allowing the SEC to demand the maximum $60,000 per violation in “second-tier” penalties rather than the $6,000 per violation in the “first-tier” penalties ordinarily associated with non-fraud violations.”

Profit Disgorgement

In addition to the above statutory fines and penalties, “SEC can obtain the equitable relief of disgorgement of ill-gotten gains and pre-judgment interest and can also obtain civil money penalties pursuant to Sections 21(d)(3) and 32(c) of the Exchange Act. SEC may also seek ancillary relief (such as an accounting from a defendant). Pursuant to Section 21(d)(5), SEC also may seek, and any federal court may grant, any other equitable relief that may be appropriate or necessary for the benefit of investors, such as enhanced remedial measures or the retention of an independent compliance consultant or monitor.” These remedies can be sought in a federal district court of through the SEC administrative process.

As explained by Marc Alain Bohn, in a blog post on the FCPA Blog entitled “What Exactly is Disgorgement?” profit “Disgorgement is an equitable remedy authorized by the Securities Exchange Act of 1934 that is used to deprive wrong-doers of their ill-gotten gains and deter violations of federal securities law. The Act gives the SEC the authority to enter an order “requiring accounting and disgorgement,” including reasonable interest, as part of administrative or cease and desist proceedings”. In another article Bohn co-authored with Sasha Kalb, entitled “Disgorgement – the Devil You Don’t Know” published in Corporate Compliance Insights (CCI), they set out how such damages are calculated. They said, “In calculating disgorgement, the SEC is required to distinguish between legally and illegally obtained profits. The first step in such calculations is to identify the causal link between the unlawful activity and the profit to be disgorged. Once this causal link is established, the SEC may assert its right to disgorge illicit profits that stem from this wrong-doing. Because calculations like these often prove difficult, courts tend to give the SEC considerable discretion in determining what constitutes an ill-gotten gain by requiring only a reasonable approximation of the profits which are causally connected to the violation.”

However if you read the FCPA quite closely you will not find any language regarding profit disgorgement as a remedy. Nevertheless a simple reading of the statute does not limit our inquiry as to this remedy. In a Note, published in the University of Michigan Journal of International Law, entitled “The Foreign Corrupt Practices Act, SEC Disgorgement of Profits and the Evolving International Bribery Regime: Weighing Proportionality, Retribution and Deterrence”, author David C. Weiss explained the development of the remedy of profit disgorgement. As noted by Bohn, profit disgorgement was always available to the SEC from the very beginning of its existence, through the enabling legislation of 1934. But as explained by Weiss, in the completely unrelated legislation entitled The Penny Stock Reform Act of 1990, profit disgorgement was “authorized by statute [as a remedy to the SEC] without a limitation to the FCPA.”

Finally, and what many compliance practitioners do not focus on for SEC enforcement of the FCPA, was the enactment of Sarbanes-Oxley Act of 2002 (SOX). Weiss said, “The most recent change to the way in which the SEC enforces the FCPA—and a critical development to consider—is SOX, which affects virtually all of the SEC’s prosecutions, including those under the FCPA. When assessing penalties, the SEC draws on SOX to provide great latitude in determining the types of penalties it enforces. While SOX did not amend the FCPA itself, it did amend both civil and criminal securities laws relating to compliance, internal controls, and penalties for violations of the Exchange Act. Since the enactment of SOX, the SEC has possessed the power to designate how a particular penalty that it assesses will be classified.” [citations omitted]

There has been criticism of the SEC using profit disgorgement as a remedy. As far back as 2010, the FCPA Professor criticized this development in his article “The Façade of FCPA Enforcement” where he found fault with the remedy of profit disgorgement for books and records violations or internal controls violations only, where there is no corresponding “enforcement action charging violations of the anti-bribery provisions.” He wrote “It is difficult to see how a disgorgement remedy premised solely on an FCPA books and records and internal controls case is not punitive. It is further difficult to see how the mis-recording of a payment (a payment that the SEC does not allege violated the FCPA’s anti-bribery provisions) can properly give rise to a disgorgement remedy.”

Bohn and Kalb said, “Over the last six years, disgorgement has served to significantly increase the financial loss that companies are exposed to in FCPA enforcement matters. In addition to the considerable civil penalties often imposed by the SEC as part of FCPA settlements, the SEC has made clear that it will not hesitate to seek recovery of large sums through disgorgement provided they are reasonably related to the alleged misconduct. Yet the methodology used by the SEC to support the amounts it seeks to disgorge has not been much discussed.  In the absence of adequate guidance as to how these sums are calculated, disgorgement poses an even greater risk in the current aggressive FCPA enforcement climate.” I would only add to their conclusion that profit disgorgement is here to stay.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2015

FCPA-InstituteWhat is accountability in your compliance program? How does it relate to responsibility for a company to prevent, detect and remediate any issues that might arise under a Foreign Corrupt Practices (FCPA) compliance program? What if a company is so big that it cannot provide meaningful oversight of its FCPA compliance program? Robert Jenkins explored these issues, in the context of the ongoing HSBC scandal in the UK, in a recent Financial Times (FT) article entitled “How the HSBC chairman can restore accountability at his bank”. Jenkins chastised the current bank Chairman, Douglas Flint, who claimed that he was not “responsible and therefore accountable” for the bank’s ongoing woes because of the bank’s unwieldy corporate structure.

In a public statement Flint said, “We deeply regret and apologise for the conduct and compliance failures highlighted which were in contravention to our own policies as well as our expectations of us.” Jenkins commended the sentiment but correctly pointed out “management and chairmanship involves more than setting out policies. It involves ensuring that they are carried out and that the culture is conductive to doing so.” Simply put, “the notion of being responsible but not accountable does not wash.”

If I have one colleague who is both responsible and accountable it is the FCPA Professor. As clearly denominated by his moniker, the FCPA Professor, he teaches law with a specialization in the arena of the FCPA. While he teaches classes at a law school, through his blog postings and other writings he also puts on classes around the FCPA for the rest of us through his FCPA Institute, which I am pleased to report is coming to Houston this May. The event will be held over two days, May 4 and 5, and is hosted by the law firm of King and Spalding LLP.

The Professor’s stated goal in leading this first Institute is “to develop and enhance fundamental skills relevant to the FCPA and FCPA compliance in a stimulating and professional environment with a focus on learning. Information at the FCPA Institute is presented in an integrated and cohesive way by an expert instructor with FCPA practice and teaching experience.” Some of the topics, which will be covered, include the following:

  • An informed understanding of why the FCPA became a law and what it seeks to accomplish;
  • A comprehensive understanding of the FCPA’s anti-bribery and books and records and internal controls provisions and related enforcement theories;
  • Various realties of the global marketplace which often give rise to FCPA scrutiny;
  • The typical origins of FCPA enforcement actions including the prominence of corporate voluntary disclosures;
  • The “three buckets” of FCPA financial exposure and how settlement amounts in an actual FCPA enforcement action are typically not the most expensive aspect of FCPA scrutiny and enforcement;
  • Facts and figures relevant to corporate and individual FCPA enforcement actions including how corporate settlement amounts are calculated;
  • How FCPA scrutiny and enforcement can result in related foreign law enforcement investigations as well as other negative business effects from market capitalization issues, to merger and acquisition activity, to FCPA related civil suits; and
  • Practical and provocative reasons for the general increase in FCPA enforcement.

In other words, it is what you have come to expect from the FCPA Professor; well-thought out reasoned analysis, practical knowledge and learning, and provocative thinking and assessment. But this is also your chance to attend a two-day Institute with one of the most original thinkers in the FCPA space. The FCPA Institute will provide insights into the topics more near and dear to my heart as a ‘nuts and bolts guy’. In addition to the above substantive knowledge, FCPA Institute participants will gain in-demand, practical skills to best manage and minimize FCPA risk by:

  • Practicing FCPA issue-spotting through video exercises;
  • Conducting an FCPA risk assessment;
  • Learning FCPA compliance best practices, including as to third parties;
  • Learning how to effectively communicate FCPA compliance expectations; and
  • Grading an FCPA code of conduct.

To facilitate learning some of these practical skills, the FCPA Professor has offered me a guest slot to provide a hypothetical for discussion on Day 2 of the Institute.

At the end of the FCPA Institute, participants can elect to have their knowledge assessed and can earn a certificate of completion upon passing a written assessment tool. In this way, successful completion of the FCPA Institute represents a value-added credential for professional development.

In addition, attorneys who complete the FCPA Institute may be eligible to receive those all-important Continuing Legal Education (“CLE”) credits. The sponsors, King & Spalding, will be seeking CLE credit in CA, GA, NY, TX and if needed in NC and VA. Actual CLE credit will be determined at the end of the program based on actual program time. Attorneys may be eligible to receive CLE credit through reciprocity or attorney self-submission in other states as well.

I hope that you can join the FCPA Professor for this FCPA Institute. I have previously said, “if the FCPA Professor writes about it you need to read it. While you may disagree with him, your FCPA perspective and experience will be enriched by the exercise.” I would now add to this statement that if the FCPA Professor puts on his FCPA Institute you should attend. Not only will you garner a better understanding of the theoretical underpinnings of the law and the plain words of its text; you will also be able to articulate many of the issues which befall companies caught up in a FCPA investigation to your senior management in a way that will help them understand the need for a robust compliance program.

After attending the sessions I am also certain that you will be to explain to a Board, Chief Executive Officer (CEO) or senior management member the need for both accountability and responsibility in your FCPA compliance program. The FCPA Professor holds himself accountable for the opinions he takes and the positions he stakes out. By attending his FCPA Institute, I am certain you will be able to take those concepts to your senior management and prevent bunkum from coming out of your company if it has to remedy any FPCA compliance issues going forward.

To register for the FCPA Institute, or for more information, click here.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2015