In this episode, Jay and I have a wide-ranging discussion on why good compliance and is good for business. We discuss:

  1. LRN Ethics and Compliance Program Effectiveness Report. Click here for Report.
  2. Ethisphere’s 2017 World’s Most Ethical Companies. Click here for Report.
  3. Why good compliance is good for business. See Tom’s blog post.
  4. Women in compliance: A key to organizational diversity. See article in the FCPA Blog.
  5. ECI Podcast: Engaging With Your Monitor: Best Practices from ECI’s Independent Monitor Benchmarking Group. To listen to the podcast, click here.
  6. Jay previews his weekend report.
  7. Tom previews a presentation he will give with Jenny O’Brien and Roy Snell at the SCCE European Ethics and Compliance Institute in AprilJay previews a presentation at the same event by Eric Feldman of Affiliated Monitors. For more information on the event, check it out by clicking here.

Jay Rosen new contact information:

Jay Rosen, CCEP

Vice President, Business Development

Monitoring Specialist

Affiliated Monitors, Inc.

Mobile (310) 729-6746

Toll Free (866)-201-0903

JRosen@affiliatedmonitors.com

I recently read an article in the MIT Sloan Management Review, entitled “How Blockchain Will Change Organizations, where authors Don Tapscott and Alex Tapscott speculate that the transformations which blockchain may facilitate in the corporate world could lead to some truly revolutionary modifications in key businesses processes. I see some great value propositions for the compliance function.

How could blockchain have such a dramatic impact on compliance? First is the explanation of what blockchain might mean as a tool in business process. The authors explained that in a business transaction, you cannot email money as you can a document so a company must “use intermediaries to establish trust and maintain integrity. Banks, governments, and in some cases big technology companies have the ability to confirm identities so that we can transfer assets; the intermediaries settle transactions and keep records. For the most part, intermediaries do an adequate job, with some notable exceptions. One concern is that they use servers that are vulnerable to crashes, fraud, and hacks.”

The authors then go on to ask, “What would happen if there were an internet of value where parties to a transaction could store and exchange value without the need for traditional intermediaries?” The answer is that blockchain provides a transparent method to verify and approve transactions that is encrypted. Not only would this lower transaction costs and perhaps even barriers to doing business but also allow greater expansion of business into new geographic areas, through the use of previously used external resources which were prohibitively expensive. Think of the possibilities in compliance for the supply chain and vertical integration.

There are several specific areas where the value from blockchain could enhance the operationalization of compliance into the fabric of a company. In Human Resources (HR) and Procurement “Blockchain will enable organizations requiring specialized talent and capabilities to obtain better information about potential contractors and partners than many traditional recruitment and procurement methods offer.” This means that with a potential third party business partner’s consent, a company will have access to a cache of information that is known to be correct because it has been uploaded, stored, and managed on a highly secure, distributable database. Such potential business partners would not be able to misrepresent their capabilities after such information has entered on the blockchain. The authors also note that “Tampering with data after the fact wouldn’t be possible: It would involve taking over the entire blockchain, a nearly impossible task.”

This is made even more powerful in the area of financial reporting. Typically, a search is “horizontal (across the web) and vertical (within particular websites). What you find can be out-of-date or inaccurate in other ways. On a blockchain, though, there’s a third dimension: sequence. In addition to being able to obtain a historical picture of the company since it was incorporated, you can see what has occurred in the last few minutes.” The authors correctly note, “The opportunity to search a company’s complete record of value will have profound implications for transparency as it brings to light off-book transactions and hidden accounts. People responsible for records and reports will be able to create filters that allow stakeholders to find what they are searching for at the press of a button. Companies will be able to create transaction ticker tapes and dashboards, some for internal use”. This would be extremely helpful in the difficult vetting of third parties around financial information.

In the sales realm, blockchain could be most helpful in understanding who you are doing business with and, more particularly, if the company is a state-owned enterprise. The same information you would consider about potential third parties sales agents would be available from customers. Obviously this would be critical in any Foreign Corrupt Practices Act (FCPA) analysis but it could also pay big results in anti-money laundering (AML) compliance. As the authors note, “sellers won’t have to incur the cost of establishing trust — thus they can facilitate transactions that would have been risky or might not have been possible otherwise.” Finally, there could be a data security plus as “blockchains will eliminate the cost of warehousing data and protecting other people’s data from security breaches.”

In the realm of the compliance discipline blockchain provides a potential game changer in the auditing of compliance terms and conditions which have become ubiquitous in third party contracts. As the authors explain, “Blockchains facilitate contracting in both the short and long term. Through smart contracts — software that, in effect, mimics the logic of contracts with guaranteed execution, enforcement, and payments — companies will be able to automate the terms of agreement. A contract can refer to data fields elsewhere on the blockchain”; for example, compliance training, annual certification, or another ongoing obligation, it can trigger alerts and ensure compliance.

The authors conclude that blockchain could help alleviate some of the more egregious scandals seen, beginning back with Enron and up through Volkswagen (VW) and Wells Fargo. They believe that blockchain could help to “codify ethics and integrity into the circuitry of the enterprise, or reduce the moral hazard that too often sees management gambling with shareholder capital? Through smart contracts under blockchain, shareholders will be able to enforce the commitments executives make. Companies can specify relationships and state specific outcomes and goals so that everyone understands what the respective parties have signed up to do and whether those things are actually getting done.”

This final points sounds to me quite a bit like operationalizing compliance. It will be interesting to see when the Department of Justice (DOJ) or Securities and Exchange Commission (SEC) will begin to comment on blockchain as a part of a best practices compliance program.

Announcing New Podcast Series. Today I begin a new podcast series on One Month to Operationalizing Your Compliance Program, sponsored by Oversight Systems, Inc. It is based on the DOJ Evaluation of Corporate Compliance Programs (Evaluation) and will provide to you one month of daily feeds on how you can meet the criteria laid out in the Evaluation. At the end of the month, you will have a solid base for moving forward to operationalize your corporate compliance program. I hope you will join me in this March series. The series is available on this site, www.fcpacompliancereport.com, iTunes, JDSupra and Libsyn.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2017

In this episode I visit with Morrison Forrester partner James Koukios on the firm’s December newsletter on the Top Ten International Anti-Corruption Developments for December 2016. James and I visit about some of the lesser known highlights from the month of December 2016 in the global enforcement of anti-corruption.

Show Notes:

  1. The SFO announces an investigation into the Swiss engineering giant ABB, Ltd. for allegations of corruption coming out of the Unaoil scandal. See article in the FCPA Blog.
  2. Former Magyar Telekom exec settles with SEC before trial. See article in FCPA Blog.
  3. Tom goes on an extended rant about the ISO 37001 certification process and why it is “worse the useless”. See Tom’s post on the topic on the FCPA Compliance and Ethics Blog.
  4. Jay Rosen’s discusses his new gig with Affiliated Monitors.
  5. Everything Compliance-Episode 7 is out. It is dedicated exclusively to the first two chaotic weeks of the Trump Administration.
  6. Jay Rosen Weekend Report preview.

For some additional reading see:

1.) Mike Volkov Article on Monitors

http://blog.volkovlaw.com/2017/02/yikes-perils-remediation-corporate-monitors/

2.) Jay Rosen Weekend Read

The “Real” FCPA, SCCE + Hello Goodbye

https://www.linkedin.com/pulse/real-fcpa-scce-hello-goodbye-jay-rosen-ccep

3.) Kristy Grant-Hart on The Top Five Myths about ISO-37001 Exposed

http://fcpablog.squarespace.com/blog/2017/2/14/the-top-five-myths-about-iso-37001-exposed.html

4.) Jay Rosen new contact info

Jay Rosen, CCEP

Vice President, Business Development

Monitoring Specialist

Affiliated Monitors, Inc.

Mobile (310) 729-6746

Toll Free (866)-201-0903

JRosen@affiliatedmonitors.com

Today we honor what was called by British Lord Nelson, “the most daring act of its age”; the capture and burning of the US frigate Philadelphia in Tripoli harbor. In October 1803, the ship had run aground near Tripoli and was captured. The Americans feared that the well-constructed warship would be both a formidable addition to the Tripolitan navy and an innovative model for building future Tripolitan frigates. Hoping to prevent the Barbary pirates from gaining this military advantage, President Thomas Jefferson sent Lieutenant Stephen Decatur to lead a daring expedition into Tripoli harbor to destroy the captured American vessel. The Americans recaptured the ship and then set it alight. Decatur and his men escaped without the loss of a single American. The Philadelphia subsequently exploded when its gunpowder reserve was lit by the spreading fire.

A most “daring act” seems to be a good way to introduce a multi-part look at the recent Foreign Corrupt Practices Act (FCPA) enforcement action involving the Chilean chemicals and mining company Sociedad Química y Minera de Chile (SQM), which agreed to pay a criminal penalty of $15.5 million and a civil penalty of $15 million for a total fine and penalty of $30.5 million. The company settled with the Department of Justice (DOJ) via a Criminal Information and Deferred Prosecution Agreement (DPA) and the Securities and Exchange Commission (SEC) via a Cease and Desist Order (Order).

There were a couple of unusual aspects to this matter which bear review and consideration by any Chief Compliance Officer (CCO) and compliance practitioner, particularly for those with companies headquartered or domiciled outside the United States. The first is that the case was rare for its criminal violations of the FCPA for the Accounting Provisions; both the Books and Records and Internal Controls provisions. The second was that the company’s illegal actions appeared to have no US nexus to the conduct involved and the jurisdictional hook was that the company’s shares trade on the New York Stock Exchange (NYSE) as American Depository Receipts (ADRs) and the company is required to file periodic reports with the SEC. There were however some excellent points for review by any compliance practitioner regarding the underlying conduct involved.

According to the DOJ Press Release, “SQM knowingly failed to implement internal controls sufficient to ensure that payments from a fund under the control of one of its officers and high-level executives were made for services received and in compliance with Chilean law. Between 2008 and 2015, SQM made donations to dozens of foundations controlled by or closely tied to Chilean politicians. During this period, for example, SQM funneled approximately $630,000 to foundations controlled by a Chilean official with influence over the government’s mining plans in Chile, a key segment of SQM’s business.” It went on to add, “SQM also admitted to falsifying its books and records to conceal payments to vendors associated with politicians, logging them as consulting and professional services SQM never received. For example, in 2009, SQM paid approximately $11,000 to the sister-in-law of a Chilean official, recording the payment in SQM’s books as a payment for services received, despite the fact that the official’s sister-in-law submitted the false invoice solely to disguise payment to a Chilean senatorial campaign.” The sum total was that “SQM admitted having paid nearly $15 million between 2008 and 2015 to vendors despite having no evidence any goods or services were actually received.”

Yet in none of the resolution documents was there discussion of specific bribes paid or obtaining or retaining business by SQM. Moreover, as noted above, none of the payments were routed through the US or the US banking system. Finally, although there were numerous emails cited in the resolution documents, there was no evidence presented that they were stored on a US server or even went through the US in cyberspace.

What does come through loud and clear from the Information is the discretionary fund used by the person designated as “SQM Executive” and identified as Mr. Patricio Contesse G. – former Chief Executive Officer (CEO) of SQM. When I say discretionary fund, it was apparently at his sole discretion. Simply put, according to the Information “SQM paid approximately US $14.75 million to PEPs [Politically Exposed Persons] and related parties without effective internal accounting controls, such as appropriate due diligence, documentation or oversight.”

Going more deeply into the results of the company’s internal investigation than was reported in the Information, the company made the following Form 6-K SEC disclosure in December 2015.

“(a) payments were identified that had been authorized by SQM’s former CEO, Mr. Patricio Contesse G., for which the Company did not find sufficient supporting documentation;

(b) no evidence was identified that demonstrates that payments were made in order to induce a public official to act or refrain from acting in order to assist SQM obtain economic benefits;

(c) regarding the cost center managed by SQM’s former CEO, Mr. Patricio Contesse G., it was concluded that the Company’s books did not accurately reflect transactions that have been questioned, notwithstanding the fact that, based on the amounts involved, these transactions were below the materiality threshold defined by the Company’s external auditors determined in comparison to SQM’s equity, revenues, expenses or earnings within the reported period; and(d) SQM’s internal controls were not sufficient to supervise the expenses made by the cost center managed by SQM’s former CEO and that the Company trusted Mr. P. Contesse G. to make a proper use of resources.”

This same disclosure also specifically noted that Mr. Contesse G. (the former CEO) and “Mr. Patricio Contesse F. – former director of SQM,” declined to be interviewed by company’s designated outside counsel performing the internal investigation.

Contesse G.’s involvement and fraud was more than simply using his unlimited discretion to facilitate shady payments. He was actively and intentionally involved in falsifying the company’s books and records. The Information stated, “From 2008 to 2013, at the end of each fiscal year, SQM’s books and records, including those that SQM Executive and others intentionally falsified to justify payments to vendors connected to PEPs, were used for the purpose of preparing SQM’s financial statements. In addition, during each of these years from 2008 to 2013, SQM Executive signed financial certifications as part of SQM’s securities filings that he knew to be false.”

Regarding the internal controls violations, the company’s auditors noted payments made to third parties which “had a ‘high-risk’ connection to PEPs.” These findings were even presented to the full company Board of Directors with the recommendation that adequate internal controls be put in place to prevent such conduct going forward. However, none were.

Also interesting was the lack of notation of how the company’s illegal actions came to attention of the US government. There was no company self-disclosure, no reported whistleblower, no reported referral from another law enforcement agency, domestic or foreign. It may well be there was some type of tip or even electronic information obtained by government regulators.

The actions of SQM senior management were certainly daring in the extreme, one might even say stupid, given their blatant disregard for US law. If companies want the benefits of US securities offerings and prestige, they need someone to counsel them on why they have to comply with US regulations, even in their actions exclusively outside the US. The matter also points to the need for a company’s Board of Directors to step up, ask the hard questions and then take action when management fails to fulfill its obligations to do business legally. Finally, the enforcement action makes clear the need for any company which crosses multiple borders to have a best practices compliance program in place as there will be at least one country which has an anti-bribery/anti-corruption compliance program.

In the next post we will consider how the company was able to receive a 25% discount off the minimum fine range through cooperation and remediation after the US government came knocking.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2017