Day: September 23, 2024

Categories
Blog

Argentieri Speech: 6 Key Takeaways for Compliance Programs

On Monday, Principal Deputy Assistant Attorney General Nicole M. Argentieri spoke at the Society of Corporate Compliance and Ethics 23rd Annual Compliance & Ethics Institute. ( A copy of her remarks can be found here.) She reiterated the long-stated policy that compliance professionals play a critical role in ensuring companies comply with the law and foster a culture of ethics and integrity. She noted that the Department of Justice (DOJ) has made it clear that companies are the first line of defense against corporate crime, and compliance officers are on the front lines of this defense. The 2024 update to the DOJ’s Evaluation of Corporate Compliance Programs (ECCP) and the introduction of new pilot programs in 2024 underscore the increasing importance of the roles of compliance professionals. This blog post will review the highlights from her speech, the key lessons from this 2024 update to the ECCP, and how they should shape our approach to compliance programs in our organizations.

Lesson 1: Embrace Continuous Improvement in Compliance Programs

The DOJ’s emphasis on continuous improvement in compliance programs is a call to action for all of us. The updated ECCP highlights the need for companies to regularly review and update their compliance programs to account for emerging risks, such as those posed by disruptive technologies like artificial intelligence (AI). As the pace of technological advancement is rapid, and with it come new risks. AI, for example, can be a double-edged sword—while it offers efficiency and insights, it can also be exploited for fraudulent purposes, such as generating false documentation or approvals. The DOJ now explicitly expects companies to assess and manage these risks, which means we must stay ahead of the curve in understanding and mitigating the potential pitfalls of new technologies.

Action Steps for the Compliance Professional:

  • Conduct regular risk assessments that include emerging technologies.
  • Implement controls that address the risks associated with AI and other disruptive technologies.
  • Ensure your compliance program evolves alongside technological advancements with continuous testing and monitoring.

Lesson 2: Foster a “Speak Up” Culture

The DOJ’s updates to the ECCP also emphasize encouraging a culture where employees feel comfortable reporting misconduct. The newly integrated questions into the ECCP regarding whistleblower protection reflect the DOJ’s serious stance on this issue. A “speak up” culture is foundational to a strong compliance program. Employees on the ground are often the first to spot potential issues, and creating an environment where they feel safe to report without fear of retaliation is crucial. The DOJ will scrutinize how well companies protect whistleblowers, so we must ensure our organizations have robust policies and training.

Action Steps for the Compliance Professional:

  • Review and strengthen whistleblower protection policies.
  • Regularly train employees on reporting misconduct and reassuring them about the protections in place.
  • Monitor the effectiveness of your whistleblower program and make necessary adjustments to enhance reporting mechanisms.

Lesson 3: Data Access is Key to Compliance Effectiveness

Another critical area highlighted in the DOJ’s ECCP updates is the importance of data access for compliance personnel. The DOJ will now evaluate whether compliance teams have adequate access to the necessary data to assess the effectiveness of their programs.

Over the past 18 months, the DOJ has made it clear that accessing and analyzing relevant data is crucial for identifying risks and monitoring compliance. If compliance teams are siloed or cut off from important data sources, it hampers their ability to do their jobs effectively, and the DOJ will take notice.

Action Steps for the Compliance Professional:

  • Ensure that compliance personnel have access to all relevant data sources.
  • Invest in the necessary technology and resources for effective data analysis and monitoring.
  • Work closely with IT and other departments to break down silos and facilitate seamless data access.

Lesson 4: Leverage Compensation to Drive Compliance

The DOJ’s Compensation Incentives and Clawbacks Pilot Program introduced a new dimension to compliance—aligning compensation with ethical behavior. This initiative requires companies to include compliance-related criteria in their compensation and bonus systems. While it is certainly not new to align compensation with compliance goals, it sends a powerful message to employees and management that ethical behavior is non-negotiable, and the new emphasis on consequences in the form of clawbacks and holdbacks must be considered. The DOJ views this leveraging of positive incentives and negative outcomes as a tangible link between individual performance and the company’s commitment to integrity.

Action Steps for the Compliance Professional:

  • Integrate compliance metrics into performance evaluations and compensation structures.
  • Regularly assess the effectiveness of these incentives and make adjustments as needed.
  • Make sure you have the contractual right to clawback incentive awards or holdback bonuses for executives who are culpable or have buried their collective heads in the sand while corruption surrounds them.

Lesson 5: The Importance of Cooperation and Remediation

The DOJ’s approach to corporate resolutions underscores the importance of timely and effective cooperation and remediation. Companies that act quickly to cooperate with the DOJ and take meaningful steps to remediate misconduct are rewarded with significant penalty reductions. How a company responds can significantly affect the outcome in the unfortunate event of misconduct. The DOJ’s recent resolutions show that companies that move swiftly and decisively to address issues are viewed more favorably.

Action Steps for the Compliance Professional:

  • Develop a clear protocol for responding to potential misconduct, including timely self-disclosure to the DOJ.
  • Ensure that your company is prepared to cooperate fully with any investigation.
  • Focus on meaningful remediation efforts that address the root causes of misconduct and prevent future occurrences.

Lesson 6: Whistleblower Programs as a Strategic Tool

Launching the DOJ’s Corporate Whistleblower Awards Pilot Program (CWA) is a significant development for compliance professionals. This program incentivizes internal reporting and substantially rewards companies that self-disclose misconduct. Given the number of reports the DOJ received in its first month (100), the CWA adds a new layer of urgency for companies to establish strong internal reporting mechanisms. Companies that encourage and protect whistleblowers can benefit from the CWA, while those that fail to do so may face harsher penalties.

Action Steps for the Compliance Professional:

  • Strengthen your internal reporting systems and ensure they are well-publicized within the company.
  • Make sure that your whistleblower policies are aligned with the DOJ’s expectations.
  • Actively monitor and protect whistleblowers, ensuring there is no retaliation against those who report misconduct.

Now is the Time to Act

The DOJ’s updated policies and programs signal that corporate compliance expectations are higher than ever. Compliance professionals must take these developments seriously and use them as a roadmap to strengthen our programs. Do not wait. Whether embracing new technologies, fostering a “speak up” culture, or aligning compensation with ethical behavior, now is the time to make the necessary investments in compliance.

Remember, when misconduct does occur, it’s better to be proactive and call the DOJ before they call you. By taking these lessons to heart and implementing them in our organizations, we can meet the DOJ’s expectations and contribute to building a culture of integrity and accountability that will serve our companies well in the long run.

Categories
All Things Investigations

All Things Investigations: Anchored in Fraud: Mike DeBernardis and Shayda Vance on Austal USA’s Scandal

Welcome to the Hughes Hubbard Anti-Corruption & Internal Investigations Practice Group’s podcast, All Things Investigation. In this podcast, host Tom Fox is joined by guests Mike DeBernardis and Shayda Vance to discuss the significant case involving Austal USA, a shipbuilding company facing charges of securities fraud and obstruction of a federal audit due to the misreporting of costs for U.S. Navy ships.

The episode delves into the actions taken by the DOJ and SEC and underscores the complexities involved when senior executives are implicated in fraud and the challenges companies face in maintaining compliance and cooperation with government investigations. The conversation highlights the importance of having a robust compliance program and the critical role of the board of directors in overseeing investigations. The guests also explore the specific ramifications for government contractors and defense contractors and the significant impact of U.S. jurisdiction on foreign companies listed on American Deposit Registries. Through the lens of the Austal case, the discussion provides vital insights and lessons for compliance professionals, corporate executives, and board members.

Key Highlights

  • Details of the Fraud and Legal Actions
  • Lessons Learned and Analysis
  • Government Contractors and Compliance Programs
  • Challenges in Replacing Senior Executives
  • Significance of ‘Not Presently Responsible’ in Government Contracting
  • Implications of Listing on the American Deposit Registry

Resources:

Hughes Hubbard & Reed website

Categories
Riskology

Riskology by Infortal™: Episode 33 – Corporate Intelligence: Myth Vs. Reality

Join hosts Christopher Mason and Dr. Ian Oxnevad as they discuss how companies can harness the power of intelligence to avoid crises and seek out new opportunities.

How can Companies Use Intelligence?

While intelligence is critical for crisis management, its benefits extend far beyond that.

Companies increasingly recognize the long-term advantages of integrating intelligence into their strategic planning. This involves not just avoiding immediate risks but also identifying long-term opportunities.

Business intelligence isn’t just about collecting data; it’s about leveraging the correct information to make informed decisions.

Breaking Down the Misconceptions

Many executives instantly think of spy movies or corporate espionage when they hear “intelligence.” This misconception can prevent companies from enjoying the benefits of a developed intelligence collection and analysis program.   

For example, a company might use intelligence to identify potential supply chain disruptions, allowing them to take corrective actions in advance. Similarly, understanding the political landscape can help businesses anticipate changes that might affect their operations or investments.

Trust but Verify Approach

The principle of “trust but verify” becomes paramount when making substantial strategic decisions. Business intelligence is the verifying mechanism, ensuring trust is well-placed and minimizing risks.

Deploying intelligence investigations and integrating insights into decision-making allows companies to navigate complex market conditions with greater confidence and security. This practice helps avoid immediate pitfalls to establish long-term, resilient business strategies.

Assess Your Risk Profile and Decision-making Processes

Before integrating intelligence functions, companies need to understand their risk profile and decision-making processes. This involves conducting a risk assessment of your firm to establish a baseline to improve on.

Then, you must examine your company’s decision-making processes to determine how best to integrate valuable intelligence into your operations. You can navigate risk more effectively by embedding intelligence functions within your operations, providing a competitive advantage.

Establishing Intelligence Capabilities

Integrating an intelligence function within an organization requires careful consideration. Here are some key steps to consider.

  1. Appointing a Senior Intelligence Officer:
    • Having a dedicated person at the executive level ensures that intelligence activities are coordinated efficiently.
    • This officer would review the collection and analysis of intelligence and ensure that insights are disseminated to relevant stakeholders.
  2. Establishing Clear Communication Channels:
    • Effective communication between the intelligence team and decision-makers is crucial.
    • Regular reports and briefings can help keep the executive board informed and ready to act on intelligence-based insights.
  3. Leveraging Cross-functional Collaboration:
    • Intelligence can enhance ongoing operations across functional departments, including compliance, marketing, and R&D, among others.
    • Intelligence initially considered for one purpose may provide valuable insights to other departments.

Importantly, an effective intelligence management plan ensures that insights are efficiently communicated to the executive team, legal counsel, and relevant department heads.

Importance for Small and Mid-sized Companies

Smaller companies can also gain a competitive advantage by leveraging targeted business intelligence.

While smaller firms may not have the same resources as larger corporations, they can partner with external service providers to gain added insights without taking on the overhead of hiring a full intelligence team.

Gathering critical intelligence before making vital strategic decisions can be the difference between exponential growth and failure.    

We hope you join us for another insightful episode of Riskology by Infortal.™

Resources:

Infortal Worldwide

Email

Chris Mason on LinkedIn

Dr. Ian Oxnevad on LinkedIn

Categories
Corruption, Crime and Compliance

Nicolas Garcia, GC at Orica, on Compliance Trends and Challenges in Latin America

How can companies build trust and drive growth in a region as politically and economically volatile as Latin America?

In this episode, Nicolas Garcia – Vice President, Legal, Regional and Compliance Manager for LATAM and Orica – joins Michael Volkov to discuss the complexities of navigating compliance and leadership in LATAM. The conversation highlights how regional dynamics, such as the crisis in Venezuela, influence business operations and how cultural shifts are changing the role of compliance officers. Nicolas provides valuable insights on the evolving compliance landscape, emphasizing the importance of trust, leadership, and a strong compliance culture in driving business success in challenging environments.

Listen in as Nicolas and Mike discuss:

  • The ongoing political and economic crisis in Venezuela has led to massive immigration into neighboring countries like Colombia, Chile, and Brazil, creating both economic challenges and opportunities in the region.
  • Guyana is experiencing rapid growth due to foreign investment, particularly in the oil and gas sectors, standing in stark contrast to Venezuela’s decline.
  • Nicholas emphasizes the shift from compliance officers being seen as enforcers to becoming strategic business partners. This transition helps companies not only meet regulatory requirements but also drive success.
  • Establishing a trust-based relationship between compliance officers and leadership is essential. When compliance is integrated into the business strategy, it becomes a tool for enabling growth rather than a barrier.
  • Trust in reporting systems is growing in Latin America, though fear of retaliation remains a concern. Anonymous reporting is on the rise, and substantiation rates are increasing as employees gain confidence in the system’s integrity.
  • Ensuring that investigations follow due process is critical to maintaining credibility in compliance programs. It also helps improve trust and the success rate in legal outcomes.

Resources:

Nicolas Garcia on LinkedIn

Nicolas Garcia on Email: Nicolas.Garcia@Orica.com

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Everything Old is New Again: The John Deere FCPA Enforcement Action

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today we review the basics of the John Deere enforcement action and why it is so instructive for compliance professionals.

 

Categories
Daily Compliance News

Daily Compliance News: September 23, 2024 – The That Old Time Religion Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • How Binance found that old time ‘compliance’ religion. (WSJ)
  • Is your supply chain weaponized? (WSJ)
  • Are Zombie Directors stalking US Boardrooms? (FT)
  • Michael Lomas extradited to South Africa. (BBC)

Categories
FCPA Compliance Report

FCPA Compliance Report: Jon May Critiques The DOJ Whistleblower Financial Incentive Program

Welcome to the award-winning FCPA Compliance Report, the longest running podcast in compliance. In this edition of the FCPA Compliance Report, Tom Fox welcomes back the well-known white collar defense practitioner and contrarian, Jon May, as we take a deep dive into May’s concerns with the new DOJ Whistleblower Financial Incentive Program.

Jon May is a renowned legal expert known for assisting fellow attorneys in developing innovative solutions for complex cases. With extensive experience, May has authored papers critiquing the Department of Justice’s Corporate Whistleblower Program, arguing that it is fatally flawed due to the DOJ’s inherent hostility towards whistleblowers and lack of enforceable rights for them. He highlights significant practical issues within the program, such as the stringent requirement for complete cooperation and the misconception that whistleblowers are solely motivated by monetary rewards. By drawing attention to these critical flaws, May advocates for necessary reforms to make the program more effective and fairer.

Highlights in this Episode:

  • Flaws in DOJ’s Whistleblower Reward System
  • Unfair Reward System for Whistleblowers
  • Financial Hurdles in SEC Whistleblower Program
  • Risks and challenges of DOJ whistleblower cooperation
  • Whistleblower rewards in corporate enforcement policies

Resources:

Jon May

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
The Ethics Experts

Episode 183 – Julie Winkle Giulioni

In this episode of The Ethics Experts, Nick welcomes Julie Winkle Giulioni.

Throughout her career, Julie has championed workplace growth and development. She operates on the belief that everyone deserves the opportunity to reach their potential. And she works with organizations and leaders who want to make that happen. Julie is the co-author of the international bestsellers Help Them Grow or Watch Them Go: Career Conversations Organizations Need and Employees Want, translated into seven languages, and Promotions Are So Yesterday: Redefine Career Development. Help Employees Thrive.

Website: https://www.juliewinklegiulioni.com/

Categories
Blog

The John Deere’s FCPA Case: A Throwback to Compliance Fundamentals

In corporate compliance, some very basic compliance lessons are destined to be repeated. This was clear from the recently announced Securities and Exchange Commission (SEC) Foreign Corruption Practices Act enforcement action involving Deere (John Deere herein). The $9.9 million settlement between John Deere and the SEC involved FCPA violations at its Wirtgen Group subsidiary. It offers a stark reminder that even the most established companies can stumble over basic compliance principles. For those in the compliance community, this case highlights the importance of robust integration post-acquisition and serves as a throwback to classic FCPA pitfalls that should have been avoided.

The John Deere Case: A Synopsis

According to the SEC Press Release announcing the resolution, “From at least late 2017 through 2020, Wirtgen Thailand employees bribed Thai government officials with the Royal Thai Air Force, the Department of Highways, and the Department of Rural Roads to win multiple government contracts and also bribed employees of a private company to win sales to that company. The order finds that the bribes included cash payments, massage parlor visits, and international travel for government officials and private company employees. According to the SEC’s order, Wirtgen Thailand made approximately $4.3 million in profits” from these bribes. The improper payments were inaccurately recorded as legitimate expenses in Deere’s books and records.

The settlement resulted in John Deere paying $9.9 million in penalties and disgorgements. While the case details could easily be mistaken for a compliance nightmare from the early 2000s, it happened just last year, making it a timely cautionary tale for compliance professionals today.

The Importance of Post-Acquisition Integration

One of the most glaring issues in this case was John Deere’s failure to integrate Wirtgen’s operations into its compliance program swiftly. This lapse is a textbook example of the risks arising when companies fail to prioritize compliance during and after mergers and acquisitions. The SEC’s settlement order emphasized this point, making it clear that Deere’s delay in extending its compliance framework to Wirtgen created an environment where bribery and corruption could thrive unchecked.

This raises critical questions for compliance professionals: How quickly can we realistically integrate an acquired company into our compliance program? What resources are needed to ensure this integration happens efficiently? The answers to these questions are theoretical; they have real-world implications for preventing violations and avoiding costly enforcement actions.

The Role of Internal Controls and Red Flags

The SEC’s order also highlighted several internal control failures and red flags Deere’s compliance team should have caught regarding gifts, travel, and entertainment (GTE). Expense reports with round numbers, lack of detail in expense documentation, and including non-existent employees to justify expenses are all classic indicators of fraud and bribery. Yet, these obvious signs were missed—or worse, ignored. What makes all of this even more egregious is that the rules around gifts, travel, and entertainment for clients have long been known, since at least 2007 when the Department of Justice (DOJ) issued Opinion Releases 07-01 and 07-02, which detailed the DOJ’s expectations for GTE going forward.

This oversight suggests a deeper issue: a lack of robust internal audit and compliance mechanisms within Deere at the time. It is a stark reminder that strong internal controls are not just a regulatory requirement but essential tools for detecting and preventing unethical behavior. The lesson for compliance officers is to continually assess and strengthen these controls, ensuring they can identify red flags before they escalate into full-blown violations.

The Perennial Importance of Pre-Acquisition Due Diligence

Another critical aspect of this case is the apparent need for thorough pre-acquisition due diligence. The SEC’s order does not mention evidence of John Deere conducting such due diligence before acquiring Wirtgen, raising serious concerns about the company’s risk assessment process. In high-risk markets like Thailand, where corruption is pervasive, skipping or skimping due diligence can be costly.

Compliance professionals should take this as a reminder to prioritize comprehensive due diligence in any acquisition, especially when the target operates in regions of corruption risks. This includes reviewing the target’s compliance program and understanding its business practices, key relationships, and potential vulnerabilities. As Deere’s case demonstrates, failure to do so can expose a company to significant legal and financial liabilities.

Positive Steps and Root Cause Analysis

While the case against John Deere is filled with the company’s missteps, the company’s response post-settlement also offers some positive lessons. John Deere has enhanced its internal audit and compliance programs, including launching an in-house compliance podcast and a bi-monthly compliance newsletter. These initiatives reflect an effort to improve the company’s tone at the top and engage employees in ongoing compliance education.

Moreover, Deere’s commitment to conducting a root cause analysis is particularly noteworthy. We saw this set out by the DOJ in its enforcement action involving SAP earlier this year. Understanding the root causes of compliance failures is crucial for preventing future violations. In this case, the root cause seems to stem from a failure to integrate Wirtgen into John Deere’s compliance framework rather than from deficiencies in accounting or transparency. This distinction highlights the need for companies to identify compliance gaps and address the underlying issues that allow those gaps to exist in the first place.

For compliance professionals, the takeaway is clear: a robust root cause analysis is a vital component of any remediation effort. Whether conducted by the compliance team, internal audit, or an external party, this analysis should be thorough and inform subsequent risk assessments and program improvements.

Learning from the Past

In many ways, the John Deere case feels like a throwback to the early days of FCPA enforcement, when companies were still learning the ropes of anti-bribery compliance. The violations at Wirtgen Thailand are reminiscent of the kind of misconduct that the DOJ and SEC have warned against for over a decade, with the GTE issues mandated nearly 15 years ago. Yet, here we are in 2024, still grappling with the same basic issues.

The John Deere enforcement action serves as a sobering reminder that the fundamentals of compliance—strong internal controls, thorough due diligence, timely post-acquisition integration, and ongoing risk assessment—are as relevant today as they were 20 years ago. The challenge for compliance professionals is ensuring that these fundamentals are understood and deeply embedded in the company’s culture and operations.

Ultimately, the John Deere case is a call to action for the compliance community. It reminds us that even large, sophisticated companies can falter if they lose sight of the basics. It prompts us to revisit those basics in our organizations, ensuring that we are not just keeping up with the latest trends in compliance but also mastering the fundamentals that will protect our companies from tomorrow’s risks.