Old Way New WayToday, I end my exploration of recent Foreign Corrupt Practices Act (FCPA) enforcement actions (and one UK Bribery Act enforcement issue), which have occurred since the enactment of the Department of Justice (DOJ) Pilot Program in April. These three enforcement actions, which resulted in the companies receiving a Declination to Prosecute from the DOJ. Proving once again that I am never gonna give you up, never gonna let you down; I want to look a these Declinations to see what information they can provide to the compliance practitioner to assist them in guiding their own response should their company find itself embroiled in a FCPA investigation and attendant enforcement action.

The enforcement actions involved Nortek Corporation (Nortek), Akamai Technologies, Inc. (Akamai), and Johnson Controls, Inc. (JCI). Nortek and Akamai received Non-prosecution Agreements (NPAs) from the Securities and Exchange Commission (SEC) and Declinations to Prosecute (Declinations) from the DOJ. JCI received a civil Cease and Desist Order from the SEC and Declination from the DOJ. One other matter was resolved with the DOJ via a NPA, that being Analogic Corporation. I will discuss this matter separately below. 

The Declination Letters

The letters issued by the DOJ did not provide a plethora of detail. The Akamai and Nortek Declination letters were identical with the exception of the different corporate names. In relevant part they stated, “we have reached this conclusion … based on a number of factors, including but not limited to the fact that Nortek’s internal audit function identified the misconduct, Nortek’s prompt voluntary self-disclosure, the thorough investigation undertaken by the Company, its fulsome cooperation in this matter (including by identifying all individuals involved in or responsible for the misconduct and by providing all facts relating to that misconduct to the Department) and its agreement to continue to cooperate in any ongoing investigations of individuals, the steps that the Company has taken to enhance its compliance program and its internal accounting controls, the Company’s full remediation”. It went on to add that the company had agreed to profit disgorgement.

The JCI letter, stated, “We have reached this decision based on a number of factors, including but not limited to: the voluntary self-disclosure of the matter by JCI; the thorough investigation undertaken by the Company; the Company’s full cooperation in this matter (including its provision of all known relevant facts about the individuals involved in or responsible for the misconduct) and its agreement to continue to cooperate in any ongoing investigations of individuals; the steps that the Company has taken and continues to take to enhance its compliance program and its internal accounting controls; the Company’s full remediation”. As with the Nortek and Akamai the JCI letter also noted the company had agreed to disgorge its profits.

About the only difference I can ascertain in the letters is that Nortek and Akamai provide “fulsome” cooperation, and JCI provided “full” cooperation. Yet, the overall point of these Declinations seems to be the cooperation was very substantial.

Contrast the triple declination language with the NPA, which Analogic received, specifically noted the company’s lack of full cooperation. It stated, “the Company did not receive full cooperation credit because, in the view of the Offices, the Company’s cooperation subsequent to its self-disclosure did not include disclosure of all relevant facts that it learned during the course of its internal investigation; specifically, the Company did not disclose information that was known to the Company and Analogic about the identities of a number of the state-owned entity end-users of the Company’s products, and about certain statements given by employees in the course of the internal investigation;”

Box Score Summary of Declinations 

Pilot Program

Factor

Self-Disclosure Cooperation During Investigation Remediation Profit Disgorgement
Akamai Yes – before completing internal investigation 1. Sharing investigation;

2. Identify and present relevant documents;

3. Timely updates;

4. Updates on remedial measures;

5. Translating documents; and

6. Making witnesses available

1. Termination of culpable employees;

2. Revision of internal audit testing and protocol;

3. Strengthening of policies;

4. Creation of Compliance Committee;

5. Institution of mandatory compliance training; and

6. Modify auditing schedule to risk based approach

Yes
Nortek Yes 1. Sharing investigation

2. Timely updates

3. Segregation and organization of documents

4. Translation of documents

5. Making witnesses available

6. Conducting Risk Assessment

1. Due diligence program for 3rd parties;

2. Strengthen compliance policies;

3. Enhance compliance function, name CCO;

4. Institution of mandatory compliance training; and

5. Enhance travel and expense controls in China

 

Yes
JCI Yes – one month after it received a second anonymous complaint 1. Real time updates, interview summaries and all requested documents;

2. Yates binders including hot docs, interview summaries, chronologies and emails;

3. Preservation of evidence.

1. Termination of culpable employees;

2. Suspension of culpable 3rd parties;

3. Incorporation of culpable China office into existing corp structure;

4. Enhanced integrity testing and auditing, including random audits; and

5 Random testing of transactions

Yes

 

 

All parties admitted to facts, which could have formed the basis of a criminal FCPA enforcement action brought by the DOJ, yet they all received Declinations. While it would certainly have been more helpful to have a full release of information by the DOJ, to assist the compliance practitioner in understanding the totality of the facts considered, these three Declinations may well mark a new starting point in criminal FCPA enforcement going forward. Since at least 2014, with the Parker Drilling and Hewlett-Packard FCPA enforcement actions, the DOJ has provided significant credit to companies who thoroughly cooperated and provided extensive remediation during the pendency of their enforcement actions. With the Pilot Program implementation, these shifts are now official DOJ policy.

One other point unrelated to the Pilot Program discussion is the length of time that the Akamai and Nortek matters were concluded. It was less than 18 months for both. This short time frame for a resolution is certainly a welcome development and shows that if a company comes forward quickly, is efficient in its investigation and proactive in its remediation, it can benefit with lower overall investigation and remediation costs as well.

All of the above are most welcome for any compliance practitioner. The DOJ Pilot Program has come out of the box with some solid wins for the companies involved, the DOJ and the greater compliance community. If this pattern continues, it will allow the DOJ to focus its resources in driving home the message that it is doing compliance that will not only work to keep a company out of trouble but will also get a company out of trouble.

 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2016

Questions 2I continue my exploration of recent enforcement matters and issues by turning to the Johnson Controls, Inc. (JCI) Foreign Corrupt Practices Act (FCPA) enforcement action, which was announced last week. Mike Volkov has called the enforcement action a “head scratcher”. Whether you agree with Volkov’s analysis or not, the case has several significant points for the Chief Compliance Officer (CCO) or compliance practitioner, which I will review today.

The matter was settled via a Cease and Desist Order (Order) from the Securities and Exchange Commission (SEC) and a Declination issued by the Department of Justice (DOJ). For its penalty, JCI accepted over $11.8 million in profits as a result of approximately $4.9 million in improper payments made by China Marine. JCI agreed to disgorge these profits, pay pre-judgment interest of $1,382,561 and a civil penalty of $1,180,000 for a total amount of $14,362,561.

The underlying facts are about as sordid as they can be for a corporate enforcement action. JCI obtained the Chinese unit, China Marine, through its purchase of York International (York) in 2005. In 2007, York paid $22 million to the DOJ and SEC to resolve FCPA offenses in China and other countries that occurred between 2001 and 2006.  York agreed to a three-year independent compliance monitor. JCI, for its part, terminated those involved in China Marine’s illegal conduct after it acquired York.

JCI installed its own Managing Director and limited China Marine’s use of third party sales agents. However, as stated in the Order, “From 2007 to 2013, the managing director of China Marine, with the aid of approximately eighteen China Marine employees in three China Marine offices, continued the bribery and theft that began under his predecessor by using vendors instead of agents to facilitate the improper payments. The improper payments were made to employees of government-owned shipyards as well as ship-owners and unknown persons”.

The bribery scheme was quite sophisticated. It involved, “a multi-stepped arrangement that required the complicity of nearly the entire China Marine office from the managing director, to the sales managers, the procurement managers and finally to the finance manager. The managing director aided or at times approved requests for the addition of certain vendors to the vendor master file without disclosing that certain sales managers had ownership or beneficial interest in the vendors. After the managing director’s approval, sales managers added bogus costs for parts and services to sales reports, which inflated the overall cost of the project, and generated purchase orders for the bogus parts and services. The procurement manager knowingly approved the purchase orders.” The scheme even included the vendors themselves who “created fake order confirmations for the unnecessary parts and services and submitted invoices for payments.” To complete the circle, the China Marine finance manager would authorize the fraudulent payments.

In what can only be called a complete, total and utter failure of JCI’s internal controls, company auditors could not understand the China Marine transactions. Further, and with even more evidence of the lack of effective internal controls, many of China Marine’s transactions were deemed non-material so they were at a level below that which would trigger a review of corporate oversight from JCI’s Denmark office, which oversaw the China Marine business unit. The Order noted that the average vendor payment in the bribery scheme “was approximately $3,400” but the total amount of bribes paid was $4.9MM. One might reasonably wonder if JCI understood there was no materiality threshold under the FCPA. One might also ask if there was conscious indifference by the JCI corporate office.

For the CCO or compliance practitioner there are several important lessons to be garnered from this enforcement action. First is the absolute requirement for effective internal controls to be put in place. If your company does not understand the transactions that any subsidiary engages in, you have put your company at serious risk. For if a company’s internal auditors cannot understand a series of transactions, they you certainly cannot explain them to an auditor. Further, under Sarbanes-Oxley (SOX) §404, a company must not only acknowledge its responsibility for establishing and maintaining a system of internal controls and procedures for financial reporting and an assessment, but also report on the effectiveness of the company’s internal controls.

Karen Cascini and Alan DelFavero, in an article entitled “An Assessment of the Impact of the Sarbanes-Oxley Act on the Investigation Violations of the Foreign Corrupt Practices Act”, said, “Section 404 “requires management to annually disclose its assessment of the firm’s internal control structure and procedures for financial reporting and include the corresponding opinions by the firm’s auditor”. More particularly, “while the FCPA required public companies to institute effective internal controls to stop the bribes and make executives accountable, SOX 404 goes further, but has similar goals.”

All of this might reasonably lead one to ask, who at the corporate headquarters certified the effectiveness of both the JCI and China Marine’s internal controls? Moreover, the Accounting Provisions of the FCPA also includes a section requiring accurate books and records. Clearly JCI was not too interested in verifying the accuracy of the books and records of its China Marine subsidiary.

More than this lack of compliance with both prongs of the FCPA Accounting Provisions, the lack of seeming awareness of enhanced risks is a confounding aspect of this case. China Marine was clearly identified as a high-risk business unit of both York and later JCI. Simply putting your self-appointed Managing Director in place is not enough. Any competent risk management system requires oversight, or as my wife would say ‘a second set of eyes’. This is why an effective compliance program requires ongoing monitoring. It is even truer when an entire business unit is high-risk.

Tomorrow I will continue my exploration of the JCI enforcement action by looking at the DOJ’s Declination, in conjunction with the Pilot Program.

 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2016