Show Notes for Episode 31, week ending December 2, 2016-the Government Speaks edition

  1. Justice Department Assistant Attorney General Sally Yates remarks at 33rd annual ACI National FCPA Conference;
  2. Head of SEC Enforcement Andrew Ceresny remarks at 33rd annual ACI National FCPA Conference;
  3. Richard Bistrong interview of Barry Vitou on the future of the SFO, on the FCPA Blog;
  4. Release of new eBook on Trump and Compliance by the Everything Compliance podcast gang, published by Corporate Compliance Sights;
  5. Matt Ellis releases new book on The FCPA in Latin America;
  6. With help from US, Dutch enter the global fight against terrorism in a big way, see article by Geert Vermeulen, on the FCPA Blog;
  7. Bloomberg News is reporting a potential settlement by Brazilian & US authorities with Odebrecht for $2.5bn over corruption allegations unearthed in Operation Car Wash;
  8. Reflections on the First FCPA Mock Trial Institute;
  9. New DOJ site on Individual Accountability; and
  10. How ‘bout them 11-1 Cowboys and the impact of Gronk’s injury on the Patriots.

qtq80-0i5583When I was in the corporate world, I cannot begin to recall the number of times senior management had an overly optimistic forecast regarding some transaction; whether the transaction was the purchase of a smaller company, a joint venture (JV), teaming agreement or you name the business venture. Unfortunately, such unrealistic forecasting is not simply limited to business ventures as the UK learned in the run up to the Brexit vote and the US learned in the most recent presidential election. Tim Harford, writing in his Undercover economist column in the Financial Times (FT), said “the truth is once Trump secured the nomination, a Trump presidency was always a strong possibility. The betting markets seemed to recognize this, offering odds of three-to-one a week or so before the” election. Of course, three-to-one shots “happen all the time – or at least, about a quarter of the time.”

What I found interesting was three lessons Harford suggested from the wildly inaccurate polling before the US election. Drawing on research by Guy Mayraz from Oxford University’s Experimental Social Science center, the first lesson is the bias towards predicting what they hope will happen. If you want your business to increase, you have to believe your transaction/investment/deal will always make money. After all, have you have ever seen a business plan that was designed to lose money?

The second lesson derived from something called the Good Judgment project and almost sounds like someone channeled their inner Howard Sklar and his maxim of “Water is Wet”. It is that that “self-critical, open-minded forecasters do a better job than narrow-minded overconfident ones.” He goes on to further note that dwelling on our own fallibility is not something people do very well; whether it involves hanging out with our friends or on cable news. The result is that “Confident, eye-catching forecasts are the snack food of analysis”. Unfortunately, this is even more true in the business world.

Finally, forecasters must always remember that more than one outcome is possible. A strong possibility may be a possibility but it is not a certainty. Harford suggests that one way to overcome this bias is to develop alternative scenarios. My 12 O’Clock High podcast host Richard Lummis calls this the “devil’s advocate” role at the business planning table. Harford further formalizes this contra-concept by suggesting every scenario-planner create at least two contradictory alternatives to their rosier, positive scenario.

Harford’s ultimate point is that in any forecast there must be preparedness for contra-events. Elizabeth Holmes, founder of Theranos, famously said that if you have a Plan B as a back-up, you have already lost. I find that to be worse than not helpful in any setting, particularly the business setting. No matter what your forecasting or scenario planning model shows, prepare for other results. For any Board of Directors overseeing a compliance program or managing any type of risk, it all begins by asking questions.

Just as any compliance program begins with your risk assessment so should a Board begin at this point. However, the Board should start by reviewing what process is being used to identify risks, whether those risk be corruption in violation of such law as the Foreign Corrupt Practices Act (FCPA), violation of anti-trust law such as the Sherman Act or any other risk which might arise in a business segment, product line or geographic area. This risk analysis should be broader than simply a legal/compliance risk assessment and should be tied to other matters, such as business continuity planning, crisis response plans and even basic fraud which led to the sales incentive program which recently laid Wells Fargo low.

The key is that Boards of Directors need to use their expertise and ask the right questions. The problem is that many Board members do not know what questions to ask in this area. Some of the following are good areas to begin your inquiry.

  • What is the risk assessment process? When was the last time your risk assessment was performed? Was it enterprise wide or limited in scope?
  • How effective is your overall risk assessment process? Is it stale? Here you are focusing not so much on the recency of your risk assessment but have corporate circumstances changed so that the risks which were previously assessed?
  • Who is involved in the risk assessment process? Was it performed in-house? Did you bring in a regular service provider who may have created the processes which are now being assessed?
  • Does the risk assessment process take into account any new legal or compliance best practices developments? Technology development speeds along for every business. Even the Justice Department recognizes this in every Deferred Prosecution Agreement (DPA) it enters into for FCPA violations by requiring companies to take into account relevant developments in the field and evolving international and industry standards for best practices in compliance.
  • Are there any new operations that pose substantial compliance risks for the company? Where has your company moved geographically or product-wise? Have there been any significant acquisitions or other business developments which have changed thing for the company?
  • Is your company tracking enforcement trends? 2016 has been one of the most significant years in FCPA enforcement but anti-corruption enforcement is only one of the major risk developments which can be derived from reviewing the FCPA enforcement actions. The aforementioned Wells Fargo fraudulent accounts scandal and the ongoing Volkswagen (VW) emissions-testing scandal continue to resonate throughout the business world.
  • Equally important, are any competitors facing enforcement actions? This piece of information has long been a real source of information to Chief Compliance Officers (CCOs) as they have assessed and opened internal investigations based on enforcement actions involving competitors. In a speech at the recent ACI-FCPA Conference, Securities and Exchange Commission (SEC) Director, Division of Enforcement, Andrew Ceresney again said that hedge funds and private equity companies are and will continue to be under SEC scrutiny for FCPA violations around their hiring practices for family members of foreign government officials, as well as other violations of US securities laws. If you are on the Board of such an entity, you might want to ask some very pointed questions about now.
  • Has the company moved into any new markets which impose new or additional risks? This moves beyond the questions I suggested above to consider such things as supply chain and supplier risk. Even a name and shame law like the California Transparency in Supply Chain Act can cause reputational damage. Moreover, even if some types of enforcements lessen under a Trump administration, aggressive states’ Attorney Generals or other state regulators could well pick up the slack.
  • Has the company developed any new product or service lines which change the company’s risk profile? As there will always be some business development along these lines, what changes have increased risk for your business?

For a Board of Directors to be truly effective and informed it must know where the company stands not only at the present moment, but also known that the company has a strategic plan for the management of risk going forward. Arnold & Porter partner Stephen Martin suggests that such knowledge is encapsulated in a 1-3-5-year compliance game plan. I would add that this formulation should be expanded to encapsulate greater risk management. Yet a compliance program must be nimble enough to respond to new information or actions, such as mergers or acquisitions (M&A), divestitures or other external events. If something dramatically changes, you want to get your Board’s attention on the changes which may need to happen with your risk management program. This type of agility is best accomplished by obtaining buy-in from the Board through its understanding of the role of forecasting a compliance program going forward.

Harford ends his piece with this final lesson from the 2016 UK Brexit vote and US election, “uncertainties are not going away, so it’s not too late to learn.” For every Board of Director or CCO, you need to start a forecasting review now to be ready to respond if an incident arises so that it will not become a full legal violation. Better yet, such forecasting could lead you to prevent such conduct before it even arises and needs detection and remediation.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2016

st-marks-basilicaI conclude my travel themed posts from Venice by considering the revelations seen in the renovations to St. Mark’s Basilica on St. Mark’s Square. On my previous trips to Venice, the front face of the church was covered in scaffolding for renovations which were under way. On this trip, the scaffolds were gone and the front face of the Basilica revealed glorious frescos across the top of the church, immediately under the eaves. They shimmered as the fleeting sunlight popped through the clouds from time-to-time to reveal gold inlays which literally shined in the wonderful, but all too brief, sunshine. It was truly awe-inspiring to see the church with the grime and soot cleaned away to show some of its true glory.

This week I am exploring the JP Morgan Chase (JPM)  and its subsidiary, JPMorgan Securities (Asia Pacific) Limited (JPM-APAC), (collectively ‘the company’) Foreign Corrupt Practices Act (FCPA) enforcement action which resulted in a Non-Prosecution Agreement (NPA) together with a penalty of $72MM from the Department of Justice (DOJ), a Cease and Desist Order (Order) from the Securities and Exchange Commission (SEC), consisting of profit disgorgement and interest of $135MM, and an agreement with the Federal Reserve Bank (Fed) for a Consent Cease and Desist Order (Fed Order) to put in place a best practices compliance program and pay a penalty of $61MM. The total fines and penalties paid by JPM for its violations of the FCPA was $268MM. Today I want to end this consideration with an exploration of what has been revealed and the lessons to be drawn for the Chief Compliance Officer (CCO) and compliance practitioner.

Pilot Program Cause and Effect

As I laid out in some detail yesterday, the FCPA Pilot Program is not only functioning but doing so clearly to the benefit of companies which comply with its requirements. Before the Pilot Program, the reasons such companies such as Hewlett-Packard (HP) and Parker Drilling received penalties below the low end of the minimum range of the US Sentencing
Guidelines was not clear from the resolution documents. That deficiency has been largely cleared up since the implementation of the Pilot Program. On top of the lower overall DOJ assessed penalty is the stunning result of a NPA achieved by JPM. While they admitted to the criminal conduct, as set out in the NPA, they skated on receiving even a Deferred Prosecution Agreement (DPA). Of course, this matter arose long before the Pilot Program came into existence which demonstrates the non-stratified approach of the DOJ in using the tools available to it, to reward companies which engage in such behavior. The Pilot Program is certainly changing the calculus for many companies and this enforcement action will be one more piece of tangible evidence the Pilot Program is working to create an incentive for greater compliance.

Hiring of Family Members of Foreign Official

One thing that this FCPA resolution decidedly does not stand for is the proposition that a company can never hire a family member of a foreign government official or employee of a state owned enterprise. Indeed, it was one JPM-APAC compliance officer (albeit a new one) in 2013 who stopped the entire Sons and Daughters program with the following reason for denying a family member a position at the company, writing, “I’m afraid from an anti bribery [sic] and corruption standpoint, we cannot create positions to accommodate client requests….”. This statement clearly shows that when an official refers a family member for hire, a red flag should go up. It also demonstrates why compliance should be involved in any FCPA high risk endeavor. If there is no position which the candidate can fill based upon their own qualifications at your company, that should be the end of the discussion, full stop (or mike drop for more dramatic effect).

Matthew C. Stephenson, in a blog post entitled “Does an FCPA Violation Require a Quid Pro Quo? Further Developments in the JP Morgan “Sons & Daughters” Case”, analyzed the question of whether there should be prosecutions under the FCPA for the hiring of family members of foreign government officials and employees of state owned enterprises. He wrote, “The three key considerations, to my mind, ought to be (1) the degree of connection between the job offer and a particular official decision, or set of decisions (as distinct from general goodwill and connections); (2) the degree to which the official indicated that he very much hoped the firm would hire the relative (even if there was not enough evidence of agreement to establish a quid pro quo); and (3) the degree to which the firm relaxed its ordinary standards to hire the official’s relative.”

I adapted this approach for Human Resources (HR) and the compliance practitioner with three questions to analyze re the hiring of a family member of foreign official or employee of a state owned enterprise. They can also be installed as internal controls. I would phrase the three questions in the following order and manner:

  1. Does the candidate meet your firm’s hiring criteria?
  2. Did the foreign official whose family member you are considering for hire demand or even suggest your company hire the candidate?
  3. Has the foreign official made or will make a decision that will benefit your company?

If the answer to the first question is No and the second two inquiries YES, you may well be in a high-risk area of violating the FCPA. You should investigate the matter quite thoroughly and carefully. Finally, whatever you do, Document, Document, and Document your investigation, both the findings and the conclusions.

As I mentioned they can be set up as internal controls. This is another example of how a company can operationalize compliance and burn it into the fabric and DNA of an organization. Further, it provides another level of oversight or “a second set of eyes” on the hiring process around hires that are high-risk under the FCPA or other anti-bribery/anti-corruption regime such as the UK Bribery Act.

More to Come?

There has now been three FCPA enforcement actions involving the hiring of family members of government officials or employees of state owned enterprises, Qualcomm Inc. and The Bank of New York Mellon, the reported JPM resolution amount will dwarf those settlements. But there may be others in the works as regulatory files indicate that other banks are under FCPA scrutiny, including Citigroup Inc., Credit Suisse Group AG, Deutsche Bank AG, Goldman Sachs Group Inc., HSBC Holdings PLC, Morgan Stanley and UBS Group AG. So watch this space.

A Happy Thanksgiving to All!

 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2016

death-in-veniceToday, I consider Commissario Guido Brunetti, the lead character in Donna Leon’s murder-mystery series set in Venice. My wife and I took a tour of Brunetti’s Venice with Dr. Toni Sepeda who leads the only Leon authorized tour of the local areas where these great stories take place. Dr. Sepeda is a good friend of the author and intersperses her walking tours with incidents from various stories and quotations which bring to life the soul of the Commissario and the allure of this most beautiful and unique city. I highly recommend both the Leon’s books and Dr. Sepeda’s tour.

I want to use a scene from the Brunetti adventure Death and Judgment where Brunetti investigates a case involving sex trafficking. He determines the identity of the bad guy (or more appropriately bad girl) when she loses her glasses, which find their way to him. He recognizes they are from Carroro eyewear. Signore Carroro keeps scrupulous records and is able to identify the owner and this puts the good Commissario on the road to solving the case.

 

This leads into my continued exploration of the JP Morgan Chase (JPM) and its subsidiary, JPMorgan Securities (Asia Pacific) Limited (JPM-APAC) resolution its Foreign Corrupt Practices Act (FCPA) matter last week. In doing so JPM, secured a Non-Prosecution Agreement (NPA) from the Department of Justice (DOJ) with a penalty of $72MM, agreed to a Cease and Desist Order (Order) from the Securities and Exchange Commission (SEC), with a penalty consisting of profit disgorgement and interest of $135MM, and reached an agreement with the Federal Reserve Bank (Fed) for a Consent Cease and Desist Order (Fed Order) to put in place a best practices compliance program and pay a penalty of $61MM.

Today I will consider the superior result achieved by JPM in its FCPA resolution. Not only did it receive a 25% discount off the bottom of the US Sentencing Guidelines fine range but it received a NPA and not even a Deferred Prosecution Agreement (DPA) and no outside monitor was required of the company going forward. While some of this result is due to having excellent defense counsel, a large part is due to the cooperation by JPM and the remediation engaged in by the company.

While the fines and penalties are higher in this matter than most cases resolved in 2016, the resolution follows the pattern laid out by the FCPA Pilot Program, announced by the DOJ back in April. To recap, a company can receive up to a 50% discount off the bottom end of lowest range under the US Sentencing Guidelines if it (1) self-discloses to the DOJ, (2) provides significant cooperation with the government, (3) extensively remediates the underlying issues which led to the violation and (4) disgorges all profits from its ill-gotten gains. The NPA, Order and Fed Order all lay out how the penalties under this matter follow this framework, even though the case arose far before the implementation of the Pilot Program.

First and foremost, under this Pilot Program framework, the company did not self-disclose the matter to the DOJ or SEC. It was not stated in the NPA or Order how the matter came to the attention of US authorities. However, once the government’s investigation began the NPA noted “the Company received full credit for its… cooperation with the Offices’ investigation, including conducting a thorough internal investigation, making regular factual presentations to the Offices, voluntarily making foreign-based employees available for interviews in the United States, producing documents to the Offices from foreign countries in ways that did not implicate foreign data privacy laws, and collecting, analyzing, and organizing voluminous evidence and information for the Offices.” By the end of the investigation, the company had provided “all relevant facts known to it, including information about the individuals involved” to government authorities. These actions met Prong II of the FCPA Pilot Program.

One can only say that the company engaged in extensive remediation during the pendency of the investigation. According to the NPA the company took the following steps:

  • ended the employment relations with five employees who participated in the misconduct;
  • fired another employee “who failed to identify issues with referral hiring and failed to take appropriate steps to mitigate risks”;
  • disciplined an additional 23 “employees who failed to detect the misconduct, failed to supervise effectively those who were engaged in the misconduct, failed to take appropriate steps to mitigate corruption and compliance risks, and/or who were lower-level employees engaged in the misconduct at the direction of supervisors”;
  • “imposed more than $18.3 million in financial sanctions on former or current employees”;
  • conducted individualized training for remaining employees;
  • adopted “heightened controls related to their hiring programs, including standardizing hiring programs and requiring that every application for a hire be routed through a centralized human resources application process”;
  • more than doubled company resources devoted to compliance, particularly in the Asia-Pacific region; and
  • requiring improved FCPA training;

The SEC Order specifies additional remedial conduct engaged in by the company more geared towards internal controls, specifically around HR and the role of compliance in high risk hires. These remediation actions included:

  • Enhancing its anticorruption compliance program and hiring practices on a global basis,

making changes to its Anti-Corruption Policy to further address the hiring of government

officials’ relatives;

  • Requiring that every hire with the company, including Referral Hires, be routed through a centralized human resources application process;
  • Establishing a control function role for human resources with respect to hiring;
  • Requiring that company’s anticorruption office reviews and approves each hire of a candidate referred by a client, potential client, or government official; and
  • Instituting procedures and practices for the monitoring and auditing of referral hiring.

Although not a part of the DOJ or SEC resolution, but certainly in concert with those two settlements, the Fed Order also had some interesting points about the company’s conduct going forward which certainly contributed to the favorable result achieved by JPM. There would be senior management oversight which would “ensure that senior management periodically reassesses risks associated with the Firm’s Referral Hiring Practices to proactively identify practices vulnerable to legal and reputational risks”; and ensure senior management’s effective oversight of Firm’s Referral Hiring Practices.

There would be a compliance management risk program which would create and implement “written policies and procedures governing the appropriate evaluation of, and processes for, vetting referred candidates consistent with the Firm’s anti-bribery policies and procedures” tying FCPA compliance to Human Resources (HR). Within the HR function itself, there would written policies and procedures designed to ensure compliance with applicable anti-bribery laws and policies within all business lines; and training “regarding appropriate hiring practices and compliance with applicable anti-bribery laws and policies.”

Internal audit was also assigned an enhanced role going forward. It was designated to conduct audits on a regular basis, business of line controls and compliance detection and monitoring processes, “designed to identify and prevent potential misconduct in connection with the Firm’s Referral Hiring Practices”. Moreover, such audits are to be conducted by “qualified parties who are independent of the Firm’s business lines and compliance functions”. There are to be “enhanced escalation procedures for the timely resolution of material audit exceptions and recommendations in connection with the Firm’s Referral Hiring Practices”. Finally, and sounding right out of the COSO 2013 Framework for internal controls, there is to be a “periodic review of risk assessments to ensure emerging risks associated with the Firm’s Referral Hiring Practices”.

Tomorrow I will review the lessons learned from the JPM enforcement action.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2016

venice-foggyWelcome to my annual Venice travel edition. This week I will have a series of Venice themed posts all centered around a deep dive in to the JP Morgan Chase FCPA enforcement action. We arrived this weekend to find Venice shrouded in a deep fog, which seem an appropriate visual representation of this enforcement action. Once again we have a Chinese business unit of a major US entity which engages in conduct, with clear intent to hide its actions from corporate parent. And, once again, we see a corporate parent who is reluctant to look very closely at a business unit in a high-risk jurisdiction, engaging in conduct identified by the corporate parent as high risk, which somehow cannot seem to see the illegal conduct for at least seven years.

JP Morgan Chase (JPM)  and its subsidiary, JPMorgan Securities (Asia Pacific) Limited (JPM-APAC) resolved its Foreign Corrupt Practices Act (FCPA) matter last week, obtaining a Non-Prosecution Agreement (NPA) from the Department of Justice (DOJ) with a penalty of $72MM, agreeing to a Cease and Desist Order (Order) from the Securities and Exchange Commission (SEC), with a penalty consisting of profit disgorgement and interest of $135MM, and reaching an agreement with the Federal Reserve Bank (Fed) for a Consent Cease and Desist Order (Fed Order) to put in place a best practices compliance program and pay a penalty of $61MM. The total fines and penalties paid by JPM for its violation of the FCPA was $268 MM. This week I will review the underlying facts of the enforcement action, consider the penalties, the egregious conduct and attempts to hide their actions and discuss the multiple lessons to be garnered for the compliance professional.

The conduct involved JPM-APAC’s Client Referral Program, named the “Sons & Daughters Program” (Sons and Daughters), which targeted children of high Chinese government officials and employees of state owned enterprises, together with other close family members and even close friends and associates of these officials and employees for hiring in a blatant attempt to win business. It was designed, created and implemented by the top management of JPM-APAC, which went so far as to keep a tally of those persons hired by JPM-APAC and JPM to specific business development. As noted in the NPA, “certain senior executives and employees of (JPM-APAC) conspired to engage in quid pro quo agreements with Chinese officials to obtain investment-banking business, planned and executed a program to provide specific personal benefits to senior Chinese officials in the position to award or influence the award of banking mandates, and repeatedly falsified or caused to be falsified internal compliance documents in place to prevent the specific conduct at issue”. The language quid pro quo is replete throughout the settlement documents because that is the specific language used by JPM-APAC personnel when discussing Sons and Daughters.

These actions led to over $100MM in profit to JPM. While JPM was certainly aware that many of these hires did not meet the companies stringent hiring requirements, there never seemed to be oversight of JPM-APAC over this illegal program or even investigation into the clear red flags presented throughout the conduct at issue. What is more JPM knew the high-risk in hiring family members of government officials as far back as 2001 and indeed, had a written policy prohibiting such conduct. However, in 2006, this program morphed into a targeted program “directly attributable linkage to business opportunity”, and lasted until 2013.

According to the Order, “Over this seven-year period, JPMorgan hired approximately 200 interns and full-time employees at the request of its APAC clients, prospective clients, and foreign government officials. This included nearly 100 candidates referred by foreign government officials at more than twenty different Chinese SOEs. A number of the referral hires resulted in business for JPMorgan APAC…. JPMorgan also hired referrals from more than 10 different government agencies.” Sons and Daughters involved several different hiring programs at JPM, including new hires out of university, summer interns and lateral hires.

As noted above JPM-APAC tracked the metrics of Sons and Daughters, the “employee, whose responsibilities included supervising employees hired under the Client Referral Program, created and then updated a spreadsheet that tracked hires to specific clients, while also tracking revenue attributable to those hires. The spreadsheet included columns for each hire, the referring client, the relationship of the candidate, and the amount of revenue generated attributable to the hire in U.S. dollars. One of the purposes of the spreadsheet was to track deals that resulted from the hires and measure revenue associated with Client Referral Program hires.” So the corruption scheme and the benefits obtained therefrom were fully documented.

Initially, Son and Daughters had five requirements to be considered for hire at JPM-APAC. As set out in the NPA, they were “(1) whether the applicant was qualified for the position; (2) whether the applicant had gone through the normal interviewing process; (3) whether the referring client/potential client was government-related; (4) whether the firm was actively pitching for any business from the client/potential client; and (5) whether there was an “expected benefit to JPMorgan” for hiring the referred candidate.” Written documentation was prepared and submitted to at least JPM-APAC Human Resources (HR) and compliance functions which disguised the true nature of these hires.

Worse, it appears that both the HR and compliance functions were complicit in the scheme because on at least one instance where the JPM-APAC business unit sponsor noted on the form “[t]he hiring of this candidate will place JPMorgan in a more favorable position for securing future

business from the client.” This somehow morphed into the next iteration, which read, “The candidate will be trained by JPMorgan for couple of years and then go to local bank. Thus, will bring more business.” However, JPM-APAC compliance and HR functions “instructed the JPMorgan-APAC employee to remove the offending language, writing, “[h]iring of the candidate should not be for the purposes of securing future business of the firm. Please remove.” Further damning to the JPM-APAC compliance and HR functions was that of the more than 200 candidates hired through the Sons and Daughters program, none were rejected by either HR or compliance.

In 2009 JPM-APAC even went so far as to refine the Sons and Daughters program. Moreover, after approval by the head of investment banking for APAC, JPM-APAC implemented the revised Client Referral Program. According to the Order, it required each potential hire under the program to have “Clear accountability for deal conversion and accountability for abuse of the program.” The Order went on to note that the “revised program was managed by the JRM business support team with input from senior JPMorgan APAC investment bankers. Certain senior bankers were given a “quota” of Referral Hires that could be made each year. Subsequent JRM reports from 2009 through 2012 contained the same language regarding the “revised” referral hiring program with the selection criteria of a “[d]irectly attributable linkage to business opportunity.” These presentations were discussed with the head of investment banking for JPMorgan APAC and other JPMorgan APAC senior executives.”

In addition to the tying of business to the hirings under the Sons and Daughters program, there was the additional problem that these hires did not meet JPM’s basic hiring and retention standards. According to the Order, one JPM-APAC representative described those hired under the program “as a protected species requiring [senior management] input. His reporting line to you is accountable but like national service.” Both the Order and NPA were replete with document evidence that the hires under Sons and Daughters did not meet minimum hiring standards and they often failed to meet minimum standards for retention at the company. Below is a Box Score summary from the NPA of some of the candidates which clearly did not meet JPM hiring standards, yet who were hired and where such hires under the Sons and Daughters program brought benefits to JPM.

Foreign Official or SOE employee Reasons for hire Candidate deficiencies Deficiencies as JPM employee Benefit tied to hire
Client 1 Maintain good relationship with client $4.82MM profit
Client 2 Quid pro quo for business JPM-APAC lead underwriter on IPO
Client 3 Not very impressive, poor GPA Attitude issue. He doesn’t seem to care about work. Don’t need to have an intern doing nothing JPM-APAC lead underwriter on IPO
Client 4 Promised IPO work Not qualified for job at JPM. Tech and quantitative skills ‘light’ Communication skills and interest in work lagged his peers JPM-APAC lead underwriter on IPO. $23.4MM profit
Government Official 1 Father would go the extra mile to help JPM Worst business analyst candidate ever seen Immature, irresponsible and unreliable. Sent out sexually inappropriate emails JPM-APAC lead underwriter on IPO
Government Official 2 Hire would ‘significantly’ influence role of JPM-APAC Unlikely to meet hiring standard New York not comfortable with his work. Recommends he follow a different career path JPM-APAC lead underwriter on IPO

Probably the most amazing thing about this case is the superior result achieved by JPM in its resolution. Not only did it gain a 25% discount off the bottom of the US Sentencing Guidelines fine range but it received a NPA and not even a Deferred Prosecution Agreement (DPA) and no outside monitor was required of the company going forward. While some of this result is due to having excellent defense counsel, a large part is due to the cooperation by JPM and the remediation engaged in by the company. Tomorrow Commissario Guido Brunetti will inform our discussion of how the company’s actions led to this outstanding result.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2016