In this episode, Jay and I return for a wide-ranging discussion on some of the top compliance and ethics related stories, including:

  1. We discuss our highlights from the recently concluded SCCE 2017 Compliance and Ethics Institute. See Tom’s blogs, here, here, here and here. Click here for a report from Matt Kelly.
  2. Mike Volkov explores ISO 37001 in a week-long series? See the full week’s series on his site, Corruption Crime & Compliance. Henry Cutter reports on the standard’s slow acceptance in the WSJ Risk and Compliance Report.
  3. What is the status of your Board’s training for compliance? Ben DiPietro reports in the WSJ Risk and Compliance Report.
  4. Italian prosecutor charges Shell and former execs with overseas bribery. Dick Cassin reports in the FCPA Blog.
  5. Revenue recognition rules change in December. Auditors are under orders to ‘show no mercy’ to companies which have not prepared for the changeover. Tammy Whitehouse reports in Compliance Week.
  6. Continued chaos in the Trump Administration. Matt Kelly is back with addition ethical considerations from HHS Secretary Tom Price in Radical Compliance.
  7. Astros come home down 3-2 to the NY Yankees. Will they overcome?
  8. Join Tom’s monthly podcast series on One Month to a More Effective Compliance Program. In October, I consider compliance with business ventures such as in the M&A context, joint ventures, distributors, channel ops partners, teaming agreements and all other manner of business venture. The third week I continue to take a deep dive into JVs under the FCPA. This month’s sponsor is the Volkov Law Group. It is available on the FCPA Compliance Report, iTunes, Libsyn, YouTube and JDSupra.
  9. The Everything Compliance gang recorded a podcast at the 2017 Compliance and Ethics Institute, with special guest Roy Snell sitting in for Mike Volkov. The podcast will go up Thursday October 26th.
  10. Tom premiers an exciting new service offering the Doing Compliance Master Class.
  11. AMI SVP Eric Feldman is speaking in Houston on November 2, at 1:30. If you are in Houston, please plan to join us. For more information see the GHBER website for details and registration.
  12. Jay previews the Rosen Weekend Report.

The 2017 SCCE Compliance and Ethics Institute (CEI) is now in the books. Once again, the organization had record setting attendance with over 1,800 attendees from some 41 different countries. During the event, I had the chance to do an Everything Compliance podcast where we were lucky enough to have SCCE President Roy Snell join our group of top compliance commentators. Today I want to write about their observations on some of the highlights of the 2017 CEI.

For Roy Snell, myself and everyone who attended the Awards Banquet, the highlight was the acceptance speeches by Bojan Bajić and Višnja Marilović. Their story of how, in the still war-torn country of Bosnia, they worked to literally create a speak up whistleblower culture, legislation to protect whistleblowers, then moved forward to create an entire anti-corruption legislation for the country was one of the most inspirational moments I have experienced in my compliance career. In his acceptance speech Bajić showed himself to be naturally gregarious and hugely funny, even in his second language of English. The contrast with Marilović could not have been starker, as she recited all the trials and travails she went through as the whistleblower who helped bring down corruption. At the end of her acceptance speech there were SCCE members in the audience who were literally in tears from listening to her story. It was that powerful. Roy Snell has committed to finding a way to post the videos of their acceptance speeches to the SCCE website.

Jay Rosen thought the advanced discussions groups, of which he led a panel, were a highlight. He talked about the format which brings compliance professionals from many disparate industries and countries together to talk about best practices in a way that facilitates learning going forward. He contrasted the advanced discussion groups with more basic sessions for newbies or others who might have less experience in the compliance profession.

Rosen’s biggest insight was from the keynote speech by Marjorie Doyle. She told a great story on compliance and, apparently, he never realized that doing compliance is like taking care of cows on the ranch. Doyle even posted the ten lessons of compliance derived from ranching. Also, Doyle firmly believes in rewarding one’s self for a job well-done. She does so by purchasing jewelry for herself and while Rosen had thought it was all about shoes he indicated that he did note the overall pattern. He also found her keynote to have been “an incredibly passionate speech.”

Jonathan Armstrong brought an international perspective to his highlights. He noted that it is a huge advantage for a compliance practitioner from outside the US to be able to not only hear about cutting edge US best practices in compliance but also sitting down for in-depth dialogue with fellow compliance practitioners to foster more and greater learning. He also noted there was clearly a conscious effort to include the first-time participants or international attendees who might have felt uncomfortable in walking up to engage with another compliance practitioner. He provided an example from the Saturday volunteer event where first time attendees spent no longer than one minute alone as someone would come up to engage them. From an English perspective, he found the welcoming spirit quite a refreshing change and effective.

The thing that Armstrong identified as a key insight was what I might term the “360 degree” view of communications around compliance. It began with the insight that the language a compliance practitioner uses can often drive the perception of what compliance is in an organization. Put simply if the employees perceive you as the compliance police or Dr. No from the Land of No; they will treat you as such and not engage with you on anything close to a voluntary basis.

Matt Kelly has organized and participated in many conferences. He picked up on Armstrong’s theme that some of the best conversations he garnered the most learning through were informal discussions. He gave an example of a compliance practitioner he with whom he struck up a conversation during one of the break times in the vendor room. Kelly related that she is overhauling all the risk assessments her company does as they do a large number of them and they realized we were all asking the people the same things over and over. The company employees were becoming exasperated employees and she was looking at how to streamline it. He related this is a very typical problem for a lot of compliance officers and she could bounce some ideas off Kelly about how to simplify it. This was an example of what Kelly sees as one of the real strengths of the CEI, to bring compliance professionals together to share ideas in an informal setting. It drove home the power of the informal portion of the event and how it works with the formal agenda to facilitate growth for the compliance professional and the compliance profession.

Kelly bookended his thoughts with something that he gained more insight from in one of the formal sessions. It was around the issues of Artificial Intelligence (AI) and compliance. He noted that he has previously considered AI as simply “more of a tech thing”. However, in a session he garnered an appreciation of the US Sentencing Guidelines obligations that a compliance program is supposed to be designed so that people can be trained to learn from their mistakes and can improve the incentives for good conduct and provide punishment for bad conduct. If you simply have an algorithm which does not respond to either punishment or rewards you may need to rethink your approach.

For myself probably the biggest insight was from Donna Boehme, the Lion of Compliance. Even with her current travails Donna was present and participating in the conference. She told me she did so because she wants to support the next generation of up and coming compliance professionals. She views it as the responsibility of more senior compliance practitioners to participate and be present for the next generation who are learning the ropes. While I certainly know that lesson well, I found it good to be reminded of it by Donna.

I hope you will plan to join us at the SCCE 2018 CEI, which will be held once again at Caesar’s Palace in Las Vegas from October 14 to 19, 2018.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2017

The first full day of the SCCE 2017 Compliance and Ethics Institute (CEI) featured a talk by Eugene Soltes, an associate professor at Harvard Business School and author of “Why They Do It”. For this book Soltes spent over seven years interviewing some 50 prominent white-collar criminals to learn what made them tick, why they blew it all, and what, if anything, distinguishes them from us. He eventually got to know Ponzi schemers Bernard Madoff and Allen Stanford, former Tyco Chief Executive Officer (CEO) Dennis Kozlowski, Enron Chief Financial officer (CFO) Andy Fastow, ImClone CEO Samuel Waksal, McKinsey partner Anil Kumar, KPMG partner Scott London, and many others.

The book came from a rather innocuous source, the television show on MSNBC called Lockup – which he described as a cross between a reality and documentary show. The programs were about criminals, mostly violent offenders, but it got Soltes to wondering about nonviolent offenders, what made them do what they did to break the law and get convicted and why they did the acts which got them convicted. He wrote down the ten questions that came to mind and sent letters to several prominent white-collar criminals.

What I found most interesting was that many of the felons he interviewed could not accurately describe why they engaged in the conduct they did. Most of them were well to do, successful professionals who did not need the money. Why did they engage in the conduct? There was some rationalization along the lines of the fraud triangle’s three sides. But many seemed to point towards what fraud examiner Jonathan Marks says is really a Pentagon shaped fraud symbol where arrogance comes into play. Simply put the persons Soltes interviewed never thought they would get caught. Moreover, it never even entered their consciousness that they could be caught. Yet Soltes found they are largely like us.

In an interview in Fortune online by Roger Parloff, Soltes noted, “The main challenge that not just managers face, but that we all face as humans, is that we’re not hardwired to detect harm that we’re doing when the harm is distant. It’s not enough to know the difference between right and wrong. One should feel that one’s actions are harmful to avoid going forward. So take something like insider trading. You don’t see the victims. It’s impossible in many instances to identify who those victims are. So, it’s not surprising that if you engage in insider trading, there’s not going to be any internal alarm screaming out that you’re engaging in some extraordinarily heinous crime.”

Soltes went on to say, “There’s a trait associated with being a leader of any large firm. We have people who are CEOs and CFOs come regularly to Harvard Business School and there’s a lot of similarities. You don’t become head of large firm by luck. There are some characteristics of temperament that allow you to get there. Temperament, discipline, and self-control are crucial.I see momentary lapses of self-control and restraint as being one of the things that undermined the executives in my book. They showed discipline and self-control for decades. But we all have momentary lapses.”

For the compliance professional, the question is how does this impact a bestpractices compliance program? There is one school of thought that says 5% of your employee base can never be reached through training. Basically, they must be written off as you will never be able to communicate ethical values to them. If you accept this as true, the response is that another part of your compliance program must compensate for this deficiency. The way to make up for this is to have a more robust hiring program, focusing on the compliance and ethical background of your high-risk candidate, meaning those which could put your company at risk for compliance violations, stealing money through fraud or other conduct which might damage the reputation of your organization.

This is also where the process of compliance is so important. It means having internal controls in place to pick up and detect such conduct. It also means having oversight or a second set of eyes as process validation of your program going forward. It can also mean putting a process in place where the person who is about to engage in illegal conduct can be made to see how their actions going forward will have consequences. Soltes said that a compliance process can help them to be in a place that they not only need to be in but want to be. He pointed to the recent Nobel Prize award to behavioral economist Richard Thaler to illustrate the point that in many ways compliance and ethics programs are behavioral engineering, helping to nudge people to act as they see themselves; basically, as honest hard working individuals.

It was this final takeaway that I found so powerful. Your compliance program is not simply a set of rules and regulations but one that influences behavior. This insight explains why there should not be a compliance defense appended to anti-corruptions laws such as the Foreign Corrupt Practices Act (FCPA). For it is only in the operationalization of compliance that a program moves towards this type of influencing. Just as Thaler’s research informs the modern compliance program, Soltes work also demonstrates that is through the doing of compliance that a program can function on all levels.

 

 This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2017

I continue my look at the Beatles classic album, Sgt. Pepper’s Lonely Hearts Club Band. Today I want to consider the song For the Benefit of Mr. Kite. Jordan Runtagh, writing in a Rolling Stone article entitled “Beatles’ ‘Sgt. Pepper’ at 50: How an Old Circus Poster Led to ‘… Mr. Kite!‘”, noted that John Lennon found all his material for this song on an old circus poster in an antique shop. While filming a promotional video for Strawberry Fields Forever near Kent, England, in early 1967, Lennon saw a “framed Victorian circus advertisement, breathlessly hawking the “Grandest Night of the Season” – February 14th, 1843, a Tuesday – more than a century after the applause had died away. “Pablo Fanque’s Circus Royal, Town Meadows, Rochdale, and Positively the Last Night but Three!” the verbose headline trumpeted. “Being for the Benefit of Mr. Kite, (Late of Wells’s Circus) and Mr. J. Henderson, the Celebrated Somerset Thrower! Wire Dancer, Vaulter, Rider, Etc.””

Lennon bought the poster for about one-half shilling, or $0.50. Later during the Sgt. Pepper’s recording sessions the “poster provided a welcomed dose of inspiration. “I had all the words staring me in the face one day when I was looking for a song,” he told biographer Hunter Davies. Keeping the archaic syntax intact, he borrowed a title: “Being for the Benefit of Mr. Kite!”” The song became one of his most personal songs and one of his favorite works. He said in a 1980 Rolling Stone interview “The song is pure, like a painting, a pure watercolor.”

I thought about how Lennon was able to use this simple poster to create an enduring, if whimsical, song as I read about the burgeoning scandal involving Kobe Steel, Ltd (Kobe). The basics were laid out by Peter Wells and Emiko Terazono in a Financial Times (FT) article entitled “Kobe Steel scandal hits Boeing, Toyota and Nissan”. The Japanese company admitted it had falsified “inspection data on an estimated 20,000 tons of metals shipped to about 200 customers in the year to August 2017. The steelmaker had sold metal with strength that did not match the quality standard it had promised its clients for use in products ranging from cars to aircraft.” Unfortunately, it may get much worse and Kobe announced over the weekend that the fraud may extend back 10 years.

This has the distinct possibility of being a truly international scandal involving companies as disparate as Boeing, Nissan, Toyota, Mitsubishi Heavy, the rail group that operates the bullet train JR Tokai and Mitsubishi Regional Jet. All of these companies must “check the safety of their products after it emerged they had been supplied with falsely certified metal.”

This is yet one more dent in the quality component of the Made in Japan brand as the scandal follows on the heels of the “string of scandals highlighting wider concerns about inspection and quality control in Japan from wobbly building pilings at the construction arm of Asahi Kasei to overstated fuel economy at Mitsubishi Motors.” The FT article noted Yasuji Komiyama, the Director of Metal Industries at Japan’s Ministry of Economy, Trade and Industry, “said the scandal was “threatening fair and proper trading” by other companies. He called on the firm to do extra safety checks, investigate the root cause of the certification failure and put forward proposals to prevent problems.”

Unfortunately, the Kobe scandal is not an isolated example of a company fudging the books, not on its financial statements but in the area of quality control. Francine McKenna, writing in the online Wall Street Journal (WSJ) site MarketWatch, in a piece entitled “Kobe Steel joins rogues gallery of companies that have falsified data”, noted this was one example in a line drawn from Lumber Liquidators to Volkswagen (VW) to Tata Steel. McKenna noted the 20% drop in stock value for Kobe. She also reported that the company admitted the fraud was ““systematic.” The practices go back up to 10 years for some items, according to executive vice president Naoto Umehara who apologized for the fabrications at a news conference on Sunday. He said workers were “feeling pressure” to meet delivery goals the products, but that senior management had ordered or was aware of the conduct.”

Yoshifumi Uesaka, writing in the Nikkei Asian Review article entitled “Kobe Steel’s falsified data undermines trust in ‘Made in Japan‘”, also noted that “Dozens of employees, including senior managers, were involved in the misconduct. Furthermore, a review of the past 10 years revealed other incidents of falsification, suggesting a widespread organizational effort to mold the data to align with customer specifications.” This appears to have been a case of fraud up and down the organization.

The Kobe scandal points to another way to think about the fraud triangle. The fraud triangle is well-known to most compliance practitioners. It is pressure, opportunity and rationalization. When these three factors converge, there is danger of an ethical lapse which could lead to violation of law. Here you add on the role of senior management identified by Kobe Executive Vice President (EVP) Umehara and you can see an entire systemic failure in both compliance and ethical values.

When your stock in trade is quality, a company must not only do everything it can to protect it; it must not actively seek to damage it. The cost to Kobe may well end up far greater than the loss of market cap. It could take years to repair its reputation, which going forward may be the company that actively misled its customers. For companies which purchased Kobe products, the potential cost is equally high if there are structural failures.

While John Lennon created an entire story around one 19th century circus poster. The Japanese steel industry may learn the lesson the German auto industry learned from the VW scandal the entire national Made in Japan brand for quality may be at risk. That is certainly a high price to pay for creating a fiction.

 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2017

The top compliance roundtable podcast is back with a wealth of new topics.

  1. Matt Kelly opens with a discussion of the Equifax data breach and its implications for the compliance profession.

For Matt Kelly’s posts on the Equifax data breach and cybersecurity, see the following:

Vendor, Cybersecurity Risk, Ugh

Clayton, Congress Talk Cybersecurity

  1. Jonathan Armstrong considers the Uber situation in London where it recently lost it license to do business from the regulator Transportation for London (TfL). He discusses a prior case that he handled which had similar issues.
  2. Jay Rosen considers the massive FBI undercover operation resulting in 10 arrests in college basketball for corruption regarding high school recruits.
  3. Tom Fox sits in for Mike Volkov, who is on assignment this week. He discusses the top FCPA enforcement action of all-time, the recently announced Telia enforcement action.

For Tom Fox’s posts on the Telia enforcement action, see the following:

The Telia FCPA Resolution, Part I – Introduction

The Telia FCPA Enforcement Action: Part II – The Bribery Schemes

The Telia FCPA Enforcement Action: Part III – The Individuals

Telia FCPA Enforcement Action: Part IV – Getting Some Monies Back

Telia FCPA Enforcement Action: Part V-Lessons Learned

The gang is back with rants which follow the discussions.

The members of the Everything Compliance panel include:

  • Jay Rosen– Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com
  • Mike Volkov – One of the top FCPA commentators and practitioners around and the Chief Executive Officer of The Volkov Law Group, LLC. Volkov can be reached at mvolkov@volkovlawgroup.com.
  • Matt Kelly – Founder and CEO of Radical Compliance, is the former Editor of Compliance Week. Kelly can be reached at mkelly@radicalcompliance.com
  • Jonathan Armstrong – Rounding out the panel is our UK colleague, who is an experienced lawyer with Cordery in London. Armstrong can be reached at armstrong@corderycompliance.com