Categories
Greetings and Felicitations

Great Structures Week IV: The Gothic Cathedral and Compliance Incentives

Welcome to Greetings and Felicitations, a podcast where I explore topics that might not seem directly related to compliance but clearly influence our profession. In this special series, I consider many structural engineering concepts are apt descriptors for an anti-corruption compliance program. In this episode 4, I consider the Gothic Cathedral and incentives in your compliance program. Highlights include:

·      Why and how was the Gothic Cathedral such an engineering innovation?

·      What are the key principals for an incentive program?

·      How do incentives impact your compliance program?

·      What does the DOJ say about incentives?

·      What KPIs can you use to measure compliance incentives?

Resources

Understanding the World’s Greatest Structures: Science and Innovation from Antiquity to Modernity,” taught by Professor Stephen Ressler from The Teaching Company.

Categories
Life with GDPR

ICO Gets Serious About Subject Access Requests

Jonathan Armstrong and Tom Fox return for another episode of the award-winning Life with GDPR. In this episode, we discuss the recent action by the ICO against seven UK organizations that failed to respond to Subject Access Requests (SAR), which follows a trend across Europe of more enforcement action on SAR. Some of the highlights  include:

1.     What is a Subject Access Request (SAR)?

2.     Why are these companies in the ‘Naughty Corner.’

3.     How does this follow a trend across Europe of more enforcement action on SAR?

4.     What happens next?

5.     Who is the constituency for change in the SAR process in the UK?

6.     What are the lessons learned?

Resources

For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Categories
Daily Compliance News

October 27, 2022 the Clawback Edition

In today’s edition of Daily Compliance News:

  • Nigeria loses reimbursement claim against Glencore. (FT)
  • 10 takeaways from the Crypto Story. (Bloomberg)
  • SEC adopts executive compensation clawback rules. (Reuters)
  • Glencore sued over bribery in Congo. (WSJ)
Categories
Blog

Lafarge Part 3: Final Thoughts

We conclude our exploration of one of the most public cases of corporate moral bankruptcy where Lafarge SA and its Syria unit Lafarge Cement Syria, or LCS, each pled guilty to a count of conspiring to provide material support to foreign terrorist organizations and will pay a total of $777.78 million.  According to the Plea Agreement, this amount consisted of a total criminal fine of approximately $91 million and forfeiture of $687 million. As previously noted, this is not a Foreign Corrupt Practices Act (FCPA) enforcement action, but an enforcement action based on USC §2339B for one count of conspiracy to provide material support to one or more foreign terrorist organizations. While this is not a FCPA enforcement action, the mechanisms by which Lafarge paid bribes or otherwise funded the terrorist organizations ISIS and ANF are instructive for the anti-corruption compliance professional. These strategies were laid out in the Statement of Facts and considered in Part 2 of this series.

The Costs of Corruption

One clear message from this matter is the cost of moral bankruptcy and corruption. As noted in the Statement of Facts, “From August 2013 through October 2014, Lafarge and LCS paid ISIS and ANF, through intermediaries, the equivalent of approximately $5.92 million.” For that amount of corruption, through the funding of terrorist and terrorism, Lafarge will pay a total fine of $777.78 million. About the only FCPA matter which comes close to this disparity in the amount of the bribe and penalty was the Avon FCPA enforcement action where bribes totaling $8 million led to led to a reported total penalty of $135 million. By the time of the resolution, Avon also had reported over $300 million in investigative costs.

At the times of the incidents in questions, 2012 to 2014, Lafarge had annual sales in the range of $2 billion plus and annual revenues in the range of $400 to $435 million. Very clearly the bribes paid by Lafarge were not material in the financial accounting sense. That may have been why no one seemed to be looking at the company. However, it drives home the point that a relatively small amount of corporate outgo can generate huge costs in the form of a $777.78 million fine. We have not begun to discuss the pre-resolution costs but in FCPA cases they are in the range of two to six times the final fine. Even if the pre-resolution costs were 1X the fine, that would still drive the all-in cost over $1.5 billion.

Monitoring Non-Standard Communications

One of the areas that bears consideration by the compliance professional is that of internal communications, as, “Many of the Lafarge and LCS executives involved in the scheme used personal email addresses, rather than their corporate email addresses, to carry out of the conspiracy.” In September, the Securities and Exchange Commission (SEC) announced “charges against 15 broker-dealers and one affiliated investment adviser for widespread and longstanding failures by the firms and their employees to maintain and preserve electronic communications. The firms admitted the facts set forth in their respective SEC orders, acknowledged that their conduct violated recordkeeping provisions of the federal securities laws, agreed to pay combined penalties of more than $1.1 billion, and have begun implementing improvements to their compliance policies and procedures to settle these matters.”

In a recent speech (Miller speech), Principal Associate Deputy Attorney General Marshall Miller said, after the announcement of the Monaco Doctrine, in a section entitled “Meeting the Compliance Challenges of Communications Technology”, “Now let me turn to an area that we recognize is a big challenge for all organizations — employees’ use of personal devices and third-party messaging platforms for work-related communications… particularly as to detecting their use for misconduct. However a company chooses to address their use for business communications, the end result must be the same: companies need to prevent circumvention of compliance protocols through off-system activity, preserve all key data and communications and have the capability to promptly produce that information for government investigations.”

Now consider that whopping fine and enforcement action in the context of the fraud of Lafarge executives. The Miller speech focused on both messaging apps and other forms of corporate communications. In the Lafarge matter, the communications were very basic, on company computers using non-company emails through channels like AOL or Gmail. The Lafarge executives were using these outside of standard communication channels to facilitate their crimes with ISIS and ANF. This part of the enforcement action has not received much scrutiny but is something every compliance professional needs to consider – are your employees (or execs) using non-company emails or other forms of communication tools outside of standard company communication methods? The compliance function needs to work with their corporate IT folks to make sure no executives or employees are using such channels for communications and to monitor them if they are.

Failures in M&A Due Diligence

The final area for consideration is that of Mergers and Acquisitions (M&A). The Statement of Facts noted, “LAFARGE and certain of its executives, in fact, failed to disclose LCS’s dealings with ISIS and ANF to Holcim throughout discussions of the transaction and after completion of the deal. LCS had ceased producing cement in Syria by the time the transaction with Holcim was completed, and in the approximately seven months between the completion of the acquisition and the emergence of public allegations regarding the misconduct in Syria, Holcim did not conduct post-acquisition due diligence about LCS’s operations in Syria.”

Not only did the Lafarge executives not disclose this corruption to Holcim, but they also actively discussed continuing the corruption payment so as not to derail the transaction. Moreover, Holcim apparently did not conduct due diligence into LCS or any of these matters. Perhaps the non-material nature of the payments was a factor. Whatever the excuse for this pre-acquisition due diligence failure, it cost Holcim dearly. Even if Holcim was not assessed the fine, they were the entity which bore the administrative and emotional costs of the investigation leading up to the resolution. Dan Chapman once told me that in an all-encompassing investigation, it could take up to 25% of senior executives time. Given the number of investigations across the globe on this matter, that figure might be lower. All of these factors bear witness to the extraordinary costs for the failure of an acquiring company to perform compliance due diligence prior to closing.

We are now at the end of this short blog series. The Lafarge case is perhaps the first corporate matter since the oil-for-food cases where complete corporate moral bankruptcy has played such a factor. We can only hope that it will be that long until we see the next such example.