Categories
Blog

Supply Chain and ESG – What You Need to Know: Responsible Minerals, Supply Chain and ESG

I recently had the opportunity to visit with several folks from Assent Inc. for a sponsored podcast series entitled Supply Chain and ESG – What You Need to Know. We discussed: ESG drivers with Jared Connors and James Calder; UFLPA, Supply Chain and ESG with Travis Miller and Jamie Wallisch; the New World of Product Compliance and ESG, with Cally Edgren and Devin O’Herron; Emissions Reporting Strategies with Devin O’Herron and Jared Connors; and Responsible Minerals, Supply Chain and ESG, with Jared Connors and Daniel Zamora. Today, in our final post, we consider responsible minerals, supply chains and ESG.

We began with a review of the evolution on responsible mineral sourcing. It started with conflict minerals, which has been around for 10 years or so. This led to a rather dramatic shift in the worldwide corporate mindset and companies and stakeholders determined that there needed to be more engagement all levels within the supply change. Zamora pointed to the example of due diligence. “It began as a data collection exercise where you get transparency into your supply chain, but now it’s all about, what can you do  with that information after you collect data? What you see from the expectations of stakeholders is performing risk management, right to diligence activities within your supply chain.” This means going beyond regulatory requirements, it means risk management activities related to identifying sanctions within your supply chain.

One of the key themes of this series has been how a comprehensive ESG program can bring a much more integrated, holistic approach to not simply regulatory compliance but also in overall business operations. That also presents the opportunity to use an ESG approach to move from simply a reactive to proactive program. With Zamora, we look at steps a company can take to facilitate this change.

Zamora said, the “first step is you need to collect data efficiently. Once you do that officially, it allows your organization to have the resources in place to focus at how to perform risk management from within your supply chain. Number two, you need to have a specific program in place that would allow you to see and identify the risks so you can see where minerals are coming from and where the minerals are going afterwards. This allows you to identify those risks ahead of time, having risk assess verifiable sources out there that will allow determine who the bad actors are before then engage in bad behaviors.”

All of this allows a company to make better business decisions in terms of risk management. Zamora said, “it gives them time. It gives them a lot of power to take corrective actions, according to those risks. It could be communicating that those risks within their own supply chain. It could be passing that information along to their legal team. Once you have that ability to see these risks live as if an organization is being proactive about it instead of being reactive and waiting for those risks to show up in your supply change; a company will have a lot of power to have corrective action in order to mitigate those risks.”

We concluded with a discussion of the stakeholders who might be concerned with responsible minerals and how a corporation can use an overall ESG program to engage with them. This can include the shareholders, it could include customers, it could include employees, it could include third parties your organization does business with, and it could include the locales where a company does business or operates. Zamora said, “conversations have definitely changed,”. Now it has expanded to “even metal associations.” These conversations are also at “multiple levels within the supply chain. It is no longer the downstream companies and the shareholders right now, you see expectations at the mid-tier suppliers, you see these conversations at the smelters and at the upstream level.” All these levels are getting engaged in discussions and conversations around the ESG requirements.

To listen to the podcast this blog post is based upon, click here.

The UFLPA is a law which targets goods made, whole or in part, by forced labor in the China Jing Jang region or made by forced labor in other parts of China by Uighurs, or other minorities. Wallisch explained that it is designed to operate as a de facto trade ban on goods from the Jing Jang region of China. US businesses will face the high burden needed to overcome an expectation of forced labor presumption. Wallisch believes this is the most “significant law placed around the issue of forced labor, and it has the most tangible and concrete terms of repercussions, that companies can potentially face.” Further, she believes the key will be around your documentation to provide to US Customs and Border Protection. Miller noted that this means if you are “asking companies to look back into where the actual sand came from, that got turned into the silica, that got turned into the semiconductor, that got turned into the circuit board, that got turned into the device that finds its way into your laptop. There’s just never been anything like it.”

Interestingly, this ties directly into a company’s overall ESG framework as it is combining all elements in such a program. When you tie the UFLPA, together with anti-corruption laws such as the Foreign Corrupt Practices Act (FCPA), export controls laws and regulations enacted by both the Trump and Biden Administrations and anti-money laundering (AML) laws, such as the AML Law of 2020, you begin to see a more integrated approach by the government and how companies must respond with an integrated approach such as a corporate ESG program. Wallisch concluded, “it’s really signaling the intersectionality of all these particular topics under ESG.”

Miller noted, interestingly, about how much this law and its guidance weave together existing business processes. He believes the UFLPA was “birthed out of the America Supply Chain Executive Order in the US/China trade war, which was focused on semiconductors, critical, raw materials elements that are the subject of the extractives. To comply with it, you could not actually start unless you already had a product compliance program in place. This means that if you do not know the bill of materials, if you do not have an approved vendor list, if you do not know where your components are being manufactured; how do you even begin the ESG program? So really in my opinion, the UFLPA is not novel in that it created something new; it is  novel in that it is forcing companies to use all the existing business processes to tie back the breadcrumbs and figure out things that they should already know and then to be responsible for reporting on them.”

Miller believes that even with the UFLPA and other regulatory initiatives, the real driver here is business and business operations. He believes it will require organizations to recognize that their organizational footprint, for each business extends beyond the four corners of the organization. This will come into play for financing whether through private equity investment, public market offerings, bank loans or other mechanisms. It has not extended down into individual responses to requests for quotes in the business world.

Equally importantly, he said, “it’s also about who you chose to do business with, who you chose to profit from, and it’s not enough that you can just say, well, I outsource the bad stuff; slaves being used in my supply chain and bribery occurring in the same place. That is no longer a sufficient answer. It’s this assessment, it’s this realization that you are the sum of your components. You are the sum of your relationships. The business is not an island. It’s everything being pulled together and your entire impact on the globe, on the people on the world, on the business processes that derives your profitability now must be considered. And that’s quite revolutionary. If you think about it.”

Join us in Part 3, where we consider the new world of product compliance and ESG.

To listen to the podcast this blog post is based upon, click here.

Categories
Blog

Supply Chain and ESG-What You Need to Know: UFLPA, Supply Chains and ESG

I recently had the opportunity to visit with several folks from Assent Inc. for a sponsored podcast series entitled Supply Chain and ESG – What You Need to Know. We discussed: ESG drivers with Jared Connors and James Calder; UFLPA, Supply Chain and ESG with Travis Miller and Jamie Wallisch; the New World of Product Compliance and ESG, with Cally Edgren and Devin O’Herron; Emissions Reporting Strategies with Devin O’Herron and Jared Connors; and Responsible Minerals, Supply Chain and ESG, with Jared Connors and Daniel Zamora. Today we review the intersection of the Uyghur Forced Labor Prevention Act (UFLPA), Supply Chains and ESG.

The UFLPA is a law which targets goods made, whole or in part, by forced labor in the China Jing Jang region or made by forced labor in other parts of China by Uighurs, or other minorities. Wallisch explained that it is designed to operate as a de facto trade ban on goods from the Jing Jang region of China. US businesses will face the high burden needed to overcome an expectation of forced labor presumption. Wallisch believes this is the most “significant law placed around the issue of forced labor, and it has the most tangible and concrete terms of repercussions, that companies can potentially face.” Further, she believes the key will be around your documentation to provide to US Customs and Border Protection. Miller noted that this means if you are “asking companies to look back into where the actual sand came from, that got turned into the silica, that got turned into the semiconductor, that got turned into the circuit board, that got turned into the device that finds its way into your laptop. There’s just never been anything like it.”

Interestingly, this ties directly into a company’s overall ESG framework as it is combining all elements in such a program. When you tie the UFLPA, together with anti-corruption laws such as the Foreign Corrupt Practices Act (FCPA), export controls laws and regulations enacted by both the Trump and Biden Administrations and anti-money laundering (AML) laws, such as the AML Law of 2020, you begin to see a more integrated approach by the government and how companies must respond with an integrated approach such as a corporate ESG program. Wallisch concluded, “it’s really signaling the intersectionality of all these particular topics under ESG.”

Miller noted, interestingly, about how much this law and its guidance weave together existing business processes. He believes the UFLPA was “birthed out of the America Supply Chain Executive Order in the US/China trade war, which was focused on semiconductors, critical, raw materials elements that are the subject of the extractives. To comply with it, you could not actually start unless you already had a product compliance program in place. This means that if you do not know the bill of materials, if you do not have an approved vendor list, if you do not know where your components are being manufactured; how do you even begin the ESG program? So really in my opinion, the UFLPA is not novel in that it created something new; it is  novel in that it is forcing companies to use all the existing business processes to tie back the breadcrumbs and figure out things that they should already know and then to be responsible for reporting on them.”

Miller believes that even with the UFLPA and other regulatory initiatives, the real driver here is business and business operations. He believes it will require organizations to recognize that their organizational footprint, for each business extends beyond the four corners of the organization. This will come into play for financing whether through private equity investment, public market offerings, bank loans or other mechanisms. It has not extended down into individual responses to requests for quotes in the business world.

Equally importantly, he said, “it’s also about who you chose to do business with, who you chose to profit from, and it’s not enough that you can just say, well, I outsource the bad stuff; slaves being used in my supply chain and bribery occurring in the same place. That is no longer a sufficient answer. It’s this assessment, it’s this realization that you are the sum of your components. You are the sum of your relationships. The business is not an island. It’s everything being pulled together and your entire impact on the globe, on the people on the world, on the business processes that derives your profitability now must be considered. And that’s quite revolutionary. If you think about it.”

Join us in Part 3, where we consider the new world of product compliance and ESG.

To listen to the podcast this blog post is based upon, click here.

Categories
The ESG Report

Supply Chain and ESG – ESG Drivers with James Calder and Jared Connors

 

James Calder and Jared Connors of Assent are today’s guests on this premier episode of the 5-part series, Supply Chain and ESG – What You Need to Know. In this brief conversation, they chat with Tom Fox about how ESG impacts a company’s performance presently and in the future.

 

 

Before the pandemic, many companies were very dependent on global supply chains. Post-pandemic, however, companies need to focus on environmental resilience. This means that they need to be careful about where they get their supplies from because there is a risk of disruption. It is risky now to source from regions that do not abide by the appropriate environmental controls or expectations on human rights, all of which can lead to a supply chain disruption. Additionally, companies that can’t demonstrate that their products don’t violate human rights are at a disadvantage. Without evidence that they are adhering to labor laws, they could lose business to their competitors, Jared tells Tom. 

 

ESG offers companies the opportunity to determine with data if there are operational inefficiencies. If there are inefficiencies, business solutions can be brought to help make companies actually run more efficiently from the data collation required for an ESG program. This in turn saves companies money. “When you think about that in the context of labor… if you’re helping the well-being of these organizations or these individuals out there working in these organizations, oftentimes you see a lot more efficiency and better quality in their work,” Jared says. 

 

Resources

James Calder | LinkedIn 

Jared Connors | LinkedIn

Assent

 

Categories
FCPA Compliance Report

Mike Huneke on The General Counsel Role in CCO Certification

In this episode, I visit Mike Huneke, a partner at Hughes Hubbard. We look at the role of the GC in the CCO certification requirement as first announced by Assistant Attorney General Kenneth Polite and confirmed by Deputy Attorney General Lisa Monaco.

Key areas we discuss on this podcast are:

  • What is the new CCO certification policy?
  • Why did the DOJ create the policy?
  • How has the DOJ’s thinking around recidivists evolved?
  • Reasonableness is not a factual basis.
  • Companies with full transparency are unlikely to have conflicts due to the recent changes in CCO certification.
  • What is the role of the monitor going forward?

Resources

Mike Huneke on Hughes Hubbard

What is the General Counsel’s role in CEO and CCO compliance certifications? On the FCPA Blog

Categories
Blog

Oracle: FCPA Recidivist Part 1 – Background

Oracle Corporation now joins the ignominious group of Foreign Corrupt Practices Act (FCPA) recidivists. Last week, in a Press Release, the Securities and Exchange Commission (SEC) announced an enforcement action which required Oracle to pay more than $23 million to resolve charges that it violated the FCPA when “subsidiaries in Turkey, the United Arab Emirates (UAE), and India created and used slush funds to bribe foreign officials in return for business between 2016 and 2019.” The recidivist label comes from the sad fact that the SEC “sanctioned Oracle in connection with the creation of slush funds. In 2012, Oracle resolved charges relating to the creation of millions of dollars of side funds by Oracle India, which created the risk that those funds could be used for illicit purposes.”

 As reported in the FCPA Blog, Oracle is now one of 15 FCPA recidivists out of a total of 246 FCPA enforcement cases. This gives a recidivism rate of 6.1%. Clearly recidivism is also on the mind of the Department of Justice (DOJ) in the announcement of the Monaco Doctrine and release of the Monaco Memo. Given the overall tenor of the Oracle SEC Order, it is not clear if the SEC has the same level of concern as the DOJ on repeat offenders.

According to the Order, from at least 2014 through 2019, “employees of Oracle subsidiaries based in India, Turkey, and the United Arab Emirates (collectively, the “Subsidiaries”) used discount schemes and sham marketing reimbursement payments to finance slush funds held at Oracle’s channel partners in those markets. The slush funds were used both to (i) bribe foreign officials, and/or (ii) provide other benefits such as paying for foreign officials to attend technology conferences around the world in violation of Oracle’s internal policies.” I guess those employees at the subsidiaries, and specifically those in India, did not receive the Memo about Oracle’s 2012 FCPA settlement, where they promised to institute a series of internal controls to clean up the problem.

During the period in question, Oracle used two sales models, direct and indirect. Under the direct model, Oracle transacted directly with customers who paid Oracle directly. Under the indirect method, Oracle transacted through various types of third parties including straight distributor models, value added distributors (VADs) and value added resellers (VARs). While Oracle used the indirect sales model for a variety of legitimate business reasons, such as local law requirements or to satisfy payment terms, it recognized since at least 2012 that the indirect model also presented certain risks of abuse – including the creation of improper slush funds.

Learning one lesson from the 2012 enforcement action, “Oracle utilized a global on-boarding and due diligence process for these channel partners that Oracle implemented at the regional and country levels. Oracle only permitted its subsidiaries to work with VADs or VARs who were accepted to its Oracle Partner Network (“OPN”). Similarly, Oracle prohibited its subsidiaries from conducting business with companies removed from the OPN.”

Distributor Discounts

According to its policies regarding distributors, a valid and  legitimate business reason was required to provide a discount to a distributor. Oracle used a three-tier system for approving discount requests above designated amounts, depending on the product. In the first level, Oracle at times allowed subsidiary employees to obtain approval from an approver in a subsidiary other than that of the employee seeking the discount. At the next level and for higher level of discounts, Oracle required the subsidiary employee to obtain approval from Oracle corporate headquarters. The final level was a committee which had to approve the highest levels of discount.

The weakness in the Oracle distributor discount policy was that “while Oracle policy mandated that all discount requests be supported by accurate information and Oracle reviewers could request documentary support, Oracle policy did not require documentary support for the requested discounts – even at the highest level.” The standard requests for discounts were those previously seen in the Microsoft FCPA enforcement action, including “budgetary caps at end customers or competition from other original equipment manufacturers.” As the Order noted, “Oracle Subsidiary employees were able to implement a scheme whereby larger discounts than required for legitimate business reasons were used in order to create slush funds with complicit VADs or VARs.” Naturally it allowed distributors which “profited from the scheme by keeping a portion of the excess deal margin” to create a pot of money to pay a bribe.

Marketing Reimbursements

Distributor policies also allowed Oracle sales employees at the Subsidiaries to “request purchase orders meant to reimburse VADs and VARs for certain expenses associated with marketing Oracle’s products.” Once again there was a multi-pronged approval process in place. For marketing reimbursements “under $5,000, first-level supervisors at the Subsidiaries could approve the purchase order requests without any corroborating documentation indicating that the marketing activity actually took place.” Above this $5,000 threshold, additional approvals were required with additional requirements for business justification and documentation.

With these clear and glaring internal control gaps, you can see where it all went wrong for Oracle, the Order noted that “Oracle Turkey sales employees opened purchase orders totaling approximately $115,200 to VADs and VARs in 2018 that were ostensibly for marketing purposes and were individually under this $5,000 threshold.” Yet even when the $5,000 threshold was breached and supervisory approval was required in Turkey and the UAE, “The direct supervisors of these sales employees, who were complicit in the scheme, approved the fraudulent requests.” It is not clear if Oracle compliance had visibility into marketing reimbursement protocols. Of course, the “Oracle subsidiary employees in Turkey and the United Arab Emirates requested sham marketing reimbursements to VADs and VARs as a way to increase the amount of money available in the slush funds held at certain channel partners.” These slush funds were then used to pay bribes.

Please join me tomorrow where I look at the bribery schemes in action and how Oracle was able to obtain such an outstanding resolution and their extensive and aggressive remedial actions.

Categories
Sunday Book Review

October 2, 2022 the Frankenstein edition

In today’s edition of Sunday Book Review:

Frankenstein by Mary Shelley

The Gloem by Avram Davidson

The Casebook of Victor Frankenstein by Peter Ackroyd

The Strange Case of Dr. Jekyll and Mr. Hyde by Robert Louis Stephenson

Categories
Popcorn and Compliance

Leadership Lessons from Dr. Frankenstein

I have always loved the classic Universal monster movies from the 1930s. I am exploring one movie each week to mine it for leadership and compliance lessons this month. For this first entry in this short series on Popcorn and Compliance, I look at the original 1931 version of Mary Shelley’s seminal work, Frankenstein, which starred Boris Karloff as the Monster. Karloff embued the Monster with great pathos, but in this podcast, I want to consider the leadership lessons of Dr. Victor Frankenstein or the lack of leadership by the good doctor, which led to the deaths of a small child, his brother, and the rape of his wife-to-be on her wedding day. Of course, it also led to the unleashing of his Monster, technically called Frankenstein’s Monster, upon the movie-going world for years to come.

Categories
Daily Compliance News

October 1, 2022 the Simply Staggering Edition

In today’s edition of Daily Compliance News:

  • FINRA spells out AML penalties. (WSJ)
  • McKinsey and ex-partner added to the corruption case in South Africa. (Bloomberg)
  • Somebody needs to be fired. (ESPN)
  • Barclay’s fined (yet again). This time $361MM. (Reuters)
Categories
Corruption, Crime and Compliance

Episode 248 – Deep Dive into the GOL Brazil FCPA Settlement

The Department of Justice and the Securities and Exchange Commission reached a $41 million settlement with GOL Linhas Aéreas Inteligentes S.A. (“GOL”) to resolve criminal and civil foreign bribery charges. GOL entered into a three-year deferred prosecution agreement (“DPA”) with the DOJ in exchange for payment of a $17 million criminal penalty. DOJ credited $1.7 million of that penalty against a $3.4 million fine that GOL agreed to pay law enforcement authorities in Brazil to resolve charges in Brazil. In a separate resolution, GOL agreed to pay the SEC $24.5 million over two years. The SEC’s initial settlement calculation was for $70 million, but it was reduced to $24.5 million based on GOL’s financial condition. Michael Volkov reviews the DOJ and SEC FCPA settlement actions in this episode.

Categories
FCPA Compliance Report

The EC Gang on the Monaco Doctrine

In this special 5 part podcast series, I am deeply diving into the Monaco Memo and analyzing it from various angles. In this episode of the FCPA Compliance Report, we have the Award-Winning Everything Compliance quartet of Jonathan Marks, Jonathan Armstrong, Karen Woody, and Tom Fox on the Monaco Memo.

1. Tom Fox looks at the Monaco Memo through the monitorship language and answers a listener’s questions about compliance programs under the Monaco Memo.

2. Karen Woody reviews the Monaco Memo, the self-disclosure angle, and investigatory considerations and ponders the role of defense counsel going forward.

3. Jonathan Marks also looks at investigatory issues under the Monaco Memo, the role of the Board of Directors, and the role of the forensic auditor under the Monaco Memo.

4. Jonathan Armstrong’s self-disclosure from a UK angle joins Karen Woody in questioning how defense counsel should move forward.

Resources

Tom 5-Part blog post series in the FCPA Compliance and Ethics Blog

1.     A Jolt for Compliance

2.     Timely Self-Disclosure

3.     Corporate Compliance Programs

4.     Monitors

5.     The Heat is On

Monaco Memo