In today’s edition of Daily Compliance News:
Author: admin
The SEC is a very busy agency. While promising more aggressive enforcement of securities rules, the SEC has issued two sets of comprehensive rule amendments. The first proposes new rules governing cyber incident reporting, disclosures, and governance. The SEC issued its long-awaited rules governing climate change and greenhouse gas emissions in the second major policy action. In this episode, Michael Volkov reviews the two proposals.
Categories
Lawyers, Guns & Money
Where does creativity fit into compliance? In more places than you think. Problem-solving, accountability, communication, and connection – they all take creativity. Join Tom Fox and Ronnie Feldman on Creativity and Compliance, part of the Compliance Podcast Network. In this episode, Tom and Ronnie begin a short series on provocative statements on compliance training and communications, followed by discussion. In this episode, Tom channels his inner Warren Zevon to explore lawyers, guns and money as an introduction to targeted, focused training using real stories.
Resources:
Ronnie Feldman (LinkedIn)
Learnings & Entertainments (LinkedIn)
Ronnie Feldman (Twitter)
Learnings & Entertainments (Website)
60-Second Communication & Awareness Shorts – A variety of short, customizable, quick-hitter “commercials” including songs & jingles, video shorts, newsletter graphics & Gifs, and more. Promote integrity, compliance, the Code, the helpline and the E&C team as helpful advisors and coaches.
Workplace Tonight Show! Micro-learning – a library of 1-10-minute trainings and communications wrapped in the style of a late-night variety show, that explains corporate risk topics and why employees should care.
Custom Live & Digital Programing – We’ll develop programming that fits your culture and balances the seriousness of the subject matter with a more engaging delivery.
Tales from the Hotline – check out some samples.
As the Celtics win Game One with a buzzer beater, Tom and Jay are back to look at some of the week’s top compliance and ethics stories in the NBA playoffs are here edition.
Stories
- Mike Volkov takes a deep dive into the recent DOJ trial record. In a 3-part series on Corruption Crime and Compliance.
- Sexual harassment case too implausible for Hollywood? Adam Manno in the Daily Mail.
- KT Corp FCPA enforcement action analysis. Lawyers from Debevoise in Compliance and Enforcement.
- Stericycle FCPA settlement. DOJ Press Release. Harry Cassin the FCPA Blog. Tom begins a 3-part series on the FCPA Compliance Report.
- Data analytics informs SEC enforcement action. Jaclyn Jaeger in Compliance Week.
- SEC Chair Gensler reflects on 1st year of Chairmanship? Ephrat Livny in NYT.
- Into the crystal ball on climate disclosures. Mai-Khoi Nguyen-Thanh and Taylor Wirthin CCI.
- Should Elon Musk have been stopped long ago? Francine McKenna in Time.
- What should be on your audit committee agenda for 2022? Maureen Bujno, Krista Parsons and Kimia Clemente in Harvard Law School Forum on Corporate Governance.
- Putting the ‘G’ first in ESG. Lawrence Heim in practicalESG
Podcasts and More
- Tom visits with Matt Galvin and Dan Kahn over a 2-part podcast series. In Part 1, they talk about dealing with the DOJ during a FCPA investigation and thereafter. In Part 2 we took a deep dive into the Lisa Monaco speech and what it means for compliance professionals.
- What is the only podcast dedicated to the intersection of Compliance and ESG? It’s the Compliance ESG Podcaston the CPN. Check out this week’s episode with Erika Peters of Exiger on the ESG Standards. For your added viewing pleasure check out the video pod on YouTube.
- This month on the Compliance Life, I visit with Susan Divers, Director of Thought Leadership at LRN. In Part 1, academic life and early professional career. In Part 2, she moves to the corporate world. In Part 3, Susan moves into the CCO chairs at AECOM.
- Are you a MCU fan? If so check out the latest 2 episodes of Popcorn and Compliance-the MCU Series as Tom and Megan Dougherty are going through the full MCU in chronological, not release date order. The latest two episodes are Black Widow and Black Panther.
- Why should you attend Compliance Week 2022? Find out on this episode of From the Editor’s Desk. Listeners get a $200 discount to CW 2022 with the discount code TFLAW $200 OFF. More here.
Tom Fox is the Voice of Compliance and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.
Earlier this week, the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) announced a Foreign Corrupt Practices Act (FCPA) enforcement action, involving the waste management company, Stericycle, Inc. (Stericycle). According to the Information and Deferred Prosecution Agreement(DPA), Stericycle entered into a three-year DPA. The company was charged with two counts of conspiracy to violate (1) the anti-bribery provision of the FCPA, and (2) the FCPA’s books and records provision. Under the DPA, Stericycle agreed to a criminal penalty of $52.5 million of which the DOJ agreed to credit up to one-third of the criminal penalty against fines the company pays to authorities in Brazil in related proceedings. According to the SEC Cease and Desist Order (Order), Stericycle violated the anti-bribery, books and records, and internal accounting controls provisions of the FCPA and agreed to pay approximately $28.2 million in disgorgement and prejudgment interest. The SEC Order also provided for an offset of up to approximately $4.2 million of any disgorgement paid to Brazilian authorities. In today’s post we will consider the bribery schemes.
The Problem
According to the Order, Stericycle got into FCPA hot water when it initially entered the Latin America market in 1997 and then rapidly expanded through the acquisition of many local businesses in Argentina, Brazil, and Mexico. Stericycle operated through wholly-owned subsidiaries in Brazil (“Stericycle Brazil”), Mexico (“Stericycle Mexico”), and Argentina (“Stericycle Argentina”). The prior local business owners continued to run the operations in each country. Each country had an executive team that reported to, among others, a former Stericycle executive responsible for all of Latin America (the “LatAm Executive”). The LatAm Executive reported directly to executives at Stericycle’s corporate headquarters. If all of this sounds familiar to readers of this blog, it was this similar fact pattern which brought the UK company WPP to FCPA grief as well.
Moreover, as the company grew in Latin America through acquisition, it failed to implement even the most basic internal controls for compliance. The Order noted, “the accounting processes and systems remained mostly decentralized with neither uniformity nor proper oversight, resulting in internal control deficiencies.” To top it all off, “Stericycle had no centralized compliance department and failed to implement its FCPA policies or procedures prior to 2016.” Clearly compliance was not something that was of the least interest to the company and it clearly contributed to an overall culture of corruption as a business practice. Finally, the corporate office, in the form of the LatAm Executive, “signed and transmitted numerous sub-certification letters in which they falsely stated that they were not aware of any actual or potential material event in their region, including any actual or alleged violation of any applicable law.”
The Bribery Schemes
The bribe payments were allegedly hidden through the use of code words for bribery. ‘Little pieces of chocolate in Brazil’, ‘IP’ or incentive payments in Argentina and ‘cookies’ in Mexico. In Brazil, the bribes paid were usually a percentage of the contract value, although occasionally it was a simple fixed fee. The DPA noted, “as part of the scheme, Stericycle Brazil employees agreed upon bribe payments in return for receiving payment priority on certain invoices owed under contracts with government agencies; the bribe payments were typically a percentage of the invoice amount owed or a fixed amount. The entire Brazilian business unit was apparently in on the scam as Stericycle Brazil sales employees, who used the cash to make bribe payments to government officials in different regions.” But it was not the BD folks who were running this bribery, as the “Stericycle Brazil finance employees prepared bank orders in the names of the Stericycle Brazil sales employees, who would retrieve the money from the bank and deliver the cash funds—often through an intermediary—to government officials associated with government customers.”
But it did not even stop there. According to the Order, in 2012, “Stericycle Brazil executives formed a sham third-party vendor that purportedly provided accounts receivable collection services to Stericycle Brazil, which were never provided. Rather, the sham third-party vendor issued false invoices that Stericycle Brazil used to support the bribe payments in its books and records. Each month, Stericycle Brazil finance employees estimated the amount of cash withdrawals attributable to the bribe payments. At the end of the month, Stericycle Brazil finance employees requested false invoices from the sham third-party vendor in the amount of the preceding month’s estimated cash withdrawals used for bribes. These invoices for purported debt collection services concealed the true purpose of the payments. The invoiced amounts were recorded in Stericycle’s general ledger, and the cash withdrawals appeared in company bank statements. In 2015, a Stericycle Brazil executive formed two other sham third-party vendors to continue the same scheme.”
To top it all off, all of the above was documented in company books and records. The finance employees “maintained spreadsheets which identified the government customers receiving bribes and the corresponding amount (either a set percentage of revenue or fixed amount), and the Stericycle Brazil employee responsible for retrieving the cash and delivering the bribe payments either directly or through a third-party intermediary. The spreadsheets contained entries, organized by month and region, of both the total amount of bribes paid and the amounts of the fake invoices used to provide cover for cash withdrawals. The Stericycle Brazil finance employees stored these spreadsheets on Stericycle’s servers, and the Stericycle Brazil executives and the LatAm Executive had knowledge of the payments by, among other things, receiving one or more copies of these spreadsheets.”
Just to reiterate, the finance team was preparing fraudulent money orders for employees to cash to create a pot of money to pay a bribe. Additionally, business unit executive themselves created a sham vendor to generate false invoices to also create pots of money to pay bribes, all of which was documented in the company’s books and records. This is not some pedestrian bribery scheme. This is a business unit which has systematized bribery as a business process.
In Mexico, this same basic format was used but with a twist. There was not a sham vendor or vendors. Here the corrupt LatAm Executive formed a joint venture (JV) which the company entered into to form Stericycle Mexico. It was all documented by spreadsheets which “identified invoices from approximately 45 third-party vendors which purported to provide otherwise undocumented consulting and market research services. The spreadsheets linked invoices to payments to government officials, including the name of the customer and calculation of the bribe as a fixed amount or percentage of the customer’s invoice value. Some spreadsheets also detailed the recipient of the bribe and method of delivery (cash versus wire transfer). These spreadsheets were sent to, among others, the LatAm Executive and a Stericycle Mexico executive on Stericycle’s servers.”
In Argentina, the specific method of how the cash was generated to pay the bribes was not report. The DPA noted, the “Argentina Country Management calculated and approved bribe payments, which were typically paid in cash by Stericycle Argentina sales employees. For example, on occasions when a bribe needed to be paid, a Stericycle Argentina sales employee emailed an estimate of the bribe payment, which was typically a percentage of the underlying contract payment. Upon approval of the payment, the Stericycle Argentina sales employee obtained cash from the Stericycle Argentina office in Buenos Aires and subsequently delivered the bribe payment to the foreign official.” These payments were called “alfa” and “alfajores”, a traditional cookie popular in Argentina.
Join us tomorrow where we look at the fallout and then the comeback.
Mike McDonnell, a CSR/ESG Consultant to the RBA/RLI and a founding member of the Responsible Business Alliance’s Responsible Labor Initiative, joins host Gwen Hassan to discuss the impact of fast fashion on workers, forced labor, and the responsibility of companies to ensure that they don’t use vendors and suppliers who engage in unethical and harmful practices.
Many workers who end up in the grips of human trafficking often flee hardship and poverty. This makes them targets for exploitation by agencies and facilities. Mike explains that some workers have to pay fees to be hired, and because of these fees, they are put under tremendous pressure by the employers. The workers feel indebted to the ones exploiting them, allowing their superiors to maintain a sense of control over them. Companies may also be receiving free hiring services and benefits through human trafficking, sometimes without their knowledge.
The workers pay fees in two ways: above board by charging limits or extracting cash in rougher aspects. These fees are ongoing so that workers can keep their heads down and out of the line of fire. There are digital programs put in place to audit this. Surveys are given to workers with questions on whether anyone has asked them for money. One of the positives about this type of technology is that companies can monitor real-time when these situations arise.
It’s not enough to not harm a company. It’s not enough to say that you’re following your code of ethics. You have to show it in your actions and break it down to its elements. Rethink your tools, assess your suppliers and their business practices, and these can become your rail factors on whether or not to engage in business with them. If they present too much risk, or you cannot prove that they aren’t engaging in unethical behavior, you will have to rethink your outsourcing.
Resources
Mike McDonnell on LinkedIn
Responsible Labor Initiative
Categories
Why Compliance Needs to Talk to Tax
What is the intersection of tax and compliance? Why does a Chief Compliance Officer (CCO) or compliance professional need to sit down with the corporate head of tax? How does a corporate tax function fit into a best practices compliance program? It turns out there is quite a bit a compliance professional can learn from a tax professional. Moreover, there are many aspects of tax which should be considered by a CCO and compliance professional from an overall risk management perspective. Unfortunately, these questions are rarely explored in the compliance community. In this inaugural episode, we consider the following topics.
Why Should Compliance and Tax Interact?
All organizations have an enterprise risk management (ERM) system. One risk common to multinational companies especially is corporate tax risk; and yet, it tends to remain under the radar. While tax professionals are usually very good at identifying and mitigating tax risk, if there is no close interaction between compliance and tax professionals, the risks are elevated.
Sophistication in Taxing Jurisdictions
Most jurisdictions have a tax code, but street rules tend to also be in play. “You have to establish very early on that you don’t pay bribes,” Tracy advises. The results of following the law are more expensive, but it pales in comparison to the cost of putting your company at risk.
Resources
Tracy Howell | Email | LinkedIn
Welcome to the only roundtable podcast in compliance. In 2021, Everything Compliance was honored by W3 as a top talk show in podcasting. In this episode, we have the quintet of Jay Rosen, Jonathan Armstrong, Jonathan Marks, Karen Woody and Matt Kelly. We conclude with our fan favorite Shout Outs and Rants.
1. Jay Rosen discusses the increased antitrust enforcement by the DOJ in the healthcare arena. Rosen shouts out to Rachael Smith, Gilnet Sainvil and High-Five Man which reminded Rosen of Johnny Bank from his childhood
2. Matt Kelly takes a deep dive into the SEC proposed rules cyber security disclosure. Kelly gives a ‘mild’ rant to the SEC for proposing companies should have to disclose with 4 days after a cyber breach even if law enforcement asks a company not to do so.
3. Jonathan Armstrong looks data transfers from the EU to US and UK. Armstrong goes on his most epic rant ever using 2 funerals and a birthday party to excoriate Tory Politicians to not simply talk the talk but follow the rules when it comes to Covid-19 protocols.
4. Karen Woody wades into Elon Musk and his dalliances about investing in and potentially buying Twitter. Woody rants about the recent Declination with Disgorgement given to a MarshMac subsidiary in the UK, the Jardine Group Holdings and says this is simply a NPA and should be monikered as such.
5. Jonathan Marks discusses the difference between Tone at the Top and Conduct at the Top and why so many companies are falling short in the latter. Marks shouts out to Phillies 3rd baseman Alec Bohm who went from Phillies’ fan goat to hero with a mea culpa and SF Giants assistant coach Alyssa Nakken, who became the first female to take the field and coach in the history of MLB.
6. Fox shouts out to author Margaret Atwood and in her book The Handmaiden’s Tale, which is not a dystopian novel but a prophecy of current Texas in 2022.
The members of the Everything Compliance are:
• Jay Rosen– Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com
• Karen Woody – One of the top academic experts on the SEC. Woody can be reached at kwoody@wlu.edu
• Matt Kelly – Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com
• Jonathan Armstrong –is our UK colleague, who is an experienced data privacy/data protection lawyer with Cordery in London. Armstrong can be reached at jonathan.armstrong@corderycompliance.com
• Jonathan Marks is Partner, Firm Practice Leader – Global Forensic, Compliance & Integrity Services at Baker Tilly. Marks can be reached at jonathan.marks@bakertilly.com
The host and producer, ranter (and sometime panelist) of Everything Compliance is Tom Fox the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the Compliance Podcast Network.
In today’s edition of Daily Compliance News:
- Stericycle FCPA settlement announced. (DOJ Press Release)
- Amazon workers were illegally fired for protected activity. (WaPo)
- FATF to evaluate countries more often. (WSJ)
- Why compliance needs to be concerned with social media. (WSJ)