This week I have been writing about the speech Deputy Attorney General (DAG) Lisa O. Monaco gave as a Keynote Address at ABA’s 36th National Institute on White Collar Crime last week (Monaco Speech). Her remarks were noted by many commentators, including on two Compliance Into the Weeds podcasts where Matt Kelly and myself took two deep dives into her speech our podcast. Her remarks reframed a discussion about this Department of Justice’s (DOJ) priorities on white collar criminal enforcement, including under the Foreign Corrupt Practices (FCPA). Her remarks should be studied by every compliance professional as they portend a very large change in the way the DOJ and potentially other agencies enforce the FCPA. This has significant implications for every Chief Compliance Officer (CCO), compliance professional and corporate compliance programs.
Today, I am going to end with what it all might mean for the compliance professional. First note the emphasis on culture. Monaco’s remarks were, “Now, I recognize the resources and the effort it takes to manage a large organization and to put in place the right culture. The Department of Justice has over 115,000 employees across dozens of countries and an operating budget equivalent to that of a Fortune 100 company. So, I know what it means to manage and be accountable for what happens in a complex organization. But corporate culture matters. A corporate culture that fails to hold individuals accountable, or fails to invest in compliance — or worse, that thumbs its nose at compliance — leads to bad results.” This means that the DOJ will be assessing the entirety of corporate culture. As a compliance practitioner how do you demonstrate culture? Or to phrase the question using the Tom Fox mantra, how did you Document, Document, and Document your culture? Culture obviously starts at the top, but it must imbue and be embedded into an organization.
Equally important is compliance. Here Monaco said, “Let me also be clear: a company can fulfill its fiduciary duty to shareholders and maintain a commitment to compliance and lawfulness. In fact, companies serve their shareholders when they proactively put in place compliance functions and spend resources anticipating problems. They do so both by avoiding regulatory actions in the first place and receiving credit from the government. Conversely, we will ensure the absence of such programs inevitably proves a costly omission for companies who end up the focus of department investigations.” Note the significance of “company can fulfill its fiduciary duty to shareholders”.
This is a clear tip of the hat to Caremark and other legal requirements for a compliance program based upon civil statutes. This is not the DOJ saying we will punish a company for simply not having a compliance program. Yet make no mistake that if a company does not have a compliance program, not only will there be a very large chance of regulatory violation such as under the FCPA; if your organization does not have a compliance program, it will not receive credit when the penalty phase comes around. Monaco is pointing out as clearly as she can do so the potential legal costs not only from civil shareholder lawsuits but also from regulatory fines and penalties.
Another area which is new to the compliance function will be the DOJ’s review of all corporate malfeasance when assessing a company’s culture, commitment to compliance and possible fines and penalties. Here Monaco stated, “Today, the department is making clear that all prior misconduct needs to be evaluated when it comes to decisions about the proper resolution with a company, whether or not that misconduct is similar to the conduct at issue in a particular investigation. That record of misconduct speaks directly to a company’s overall commitment to compliance programs and the appropriate culture to disincentivize criminal activity.”
Typically, compliance dealt with anti-corruption compliance, trade compliance, anti-trust compliance and perhaps others. However now a CCO must be apprised of all corporate misconduct as it will be reviewed by the DOJ. For any multi-national organization, that alone will be daunting as how many compliance professionals have visibility into tax, Equal Employment Opportunity Commission (EEOC) claims, labor relations issues or the myriad of other legal issues that every corporate faces every day, literally across the globe? Yet Monaco said that prosecutors would look at just that, stating “A prosecutor in the FCPA unit needs to take a department-wide view of misconduct: Has this company run afoul of the Tax Division, the Environment and Natural Resources Division, the money laundering sections, the U.S. Attorney’s Offices, and so on? He or she also needs to weigh what has happened outside the department — whether this company was prosecuted by another country or state, or whether this company has a history of running afoul of regulators. Some prior instances of misconduct may ultimately prove to have less significance, but prosecutors need to start by assuming all prior misconduct is potentially relevant.” This is literally a sea change.
Finally, what might be the changes in how corporations are assessed under the FCPA Corporate Enforcement Policy, enacted by prior DAG Rod Rosenstein? Will there continue to be a presumption of declination if you (1) self-disclose; (2) extensively remediate; (3) thoroughly cooperate; and (4) disgorge any ill-gotten gains? If there is no presumption, will there be robust self-disclosure? There is nothing illegal about failing to self-disclose but if a whistleblower then steps forward or the DOJ then opens an investigation based upon other sources and it determines a violation has occurred the opportunity for a declination may well be out the window. Moreover, if there is no self-disclosure and the issue reappears or the remediation is not successful, the company now appears to have actual knowledge of a violation, once again potentially increasing the penalty.
As I wrote yesterday, there are many open questions from these changes. One thing is clear to me, the CCO role and job of the compliance function just got much more challenging.
Categories
FAFT and FinCEN Update
FATF identifies jurisdictions with AML, counter-proliferation deficiencies. The Kitchen takes a closer look at what’s cooking in the FinCEN kitchen.
In this episode of The Content Coalition, we interview Will Curran, Chief Event Einstein of Endless Events.
Will built an incredible agency that serves as the Einstein of events. They’re here to create the equation for your next event. Endless Events is an AV and event production company that’s about 10 years old, has helped hundreds of clients and thousands of attendees, and has a nearly perfect net promoter score from their clients.
Tune in as Will discusses how he uses automation and tracking to understand more about video podcast and talks about the importance of generating, nurturing, and closing leads that come from your video or audio podcast.
Get more great The Content Coalition episodes over on Repurpose House, or watch the interview on YouTube!
Will built an incredible agency that serves as the Einstein of events. They’re here to create the equation for your next event. Endless Events is an AV and event production company that’s about 10 years old, has helped hundreds of clients and thousands of attendees, and has a nearly perfect net promoter score from their clients.
Tune in as Will discusses how he uses automation and tracking to understand more about video podcast and talks about the importance of generating, nurturing, and closing leads that come from your video or audio podcast.
Get more great The Content Coalition episodes over on Repurpose House, or watch the interview on YouTube!
What You’ll Learn
- [01:42] How #EventIcons was created and became a video podcast
- [04:12] Will explains about how they do live interviews with their guest
- [05:26] The use of webinar in video podcasting and how they track their content
- [07:51] The story of how they met a client and how it became a lead gen
- [11:13] Will explains how he utilizes Hubspot and its uses
- [14:13] How to start a video or audio podcast
- [17:43] How you can use free tools and figure out ways to create your offer in improving your podcast
- [20:40] Will shares his favorite podcast
- [23:14] 1 actionable thing to do in the next 24 hours
Connect with Will
Human trafficking doesn’t always take the form we first imagine – it can be found at almost any level of an organization’s supply chain. In the Hidden Traffic podcast, host Gwen Hassan helps compliance professionals assess human trafficking risk and leverage their organization’s resources to root out this tragic problem.
Matt Friedman joins Hidden Traffic as the first guest. He is a global expert on modern slavery and human trafficking, and the founder and CEO of The Mekong Club, where he regularly advises heads of governments and intelligence agencies. Matt is considered by captains of industry to be the leading catalyst of the anti-slavery movement in Asia’s business sector. He shares how The Mekong Club helps companies protect themselves and avoid risk.
Corporate social responsibility (CSR) came about as a form of self-regulation for organizations to contribute positively to their surrounding communities, but the intended overall objective has not yet been achieved, Matt says. Nowadays, organizations often use CSR as a smokescreen to hide questionable and sometimes unethical practices.
Resources
Matt Friedman on LinkedIn
TheMekongClub.org
Categories
EU Whistleblower Directive-Part 2
Jonathan Armstrong is on assignment in Cornwall so for this episode Cordery Compliance co-founder Andre Bywater joins Tom Fox to discuss issues relating to the upcoming EU Whistleblower Directive, with a go live date of December 17. This is Part 2 of a special 2-part episode. Some of the questions we consider include:
- What about whistleblowing and data protection issues?
- Are individuals subject to whistleblowing allegations also protected?
- Subject Access Requests.
- False whistleblowing.
- Sanctions for non-compliance.
- Bounties for whistleblowing.
- When must the EU whistleblowing rules be implemented?
- Post-Brexit, how will the UK be implementing these rules?
- What are Andre’s three takeaways?
Resources
Check out the Cordery Compliance, client alert on this topic, click here. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.
Categories
Monaco Speech: Part 4 – Some Questions
Deputy Attorney General (DAG) Lisa O. Monaco gave a Keynote Address at ABA’s 36th National Institute on White Collar Crime last week (Monaco Speech). Her remarks were noted by many commentators, including on two Compliance Into the Weeds podcasts where Matt Kelly and myself took two deep dives into her speech our podcast. Her remarks reframed a discussion about this Department of Justice’s (DOJ) priorities on white collar criminal enforcement, including under the Foreign Corrupt Practices (FCPA). Her remarks should be studied by every compliance professional as they portend a very large change in the way the DOJ and potentially other agencies enforce the FCPA. This has significant implications for every Chief Compliance Officer (CCO), compliance professional and corporate compliance programs.
Today, I am going to take up some questions that came up for me based upon her remarks. As compliance practitioners know, the first DAG in the Trump Administration announced a major change in FCPA enforcement in November 2017. It was called it the FCPA Corporate Enforcement Policy and it was incorporated into the United States Attorneys’ Manual. Although it was incorporated into the Manual, it was essentially a rejection of the Yates Memo and incorporating the FCPA Pilot Program from 2016 into a more formal structure.
The FCPA Corporate Enforcement Policy set a presumption of a declination for a company that met four requirements. One, voluntary self-disclosure, including disclosure of all relevant facts known to it at the time of the disclosure, including as to any individuals substantially involved in or responsible for the misconduct at issue. Two, timely and appropriate remediation. Third, full cooperation with the DOJ in the investigation. Fourth, no aggravating circumstances which could include “involvement by executive management of the company in the misconduct; a significant profit to the company from the misconduct; pervasiveness of the misconduct within the company; and criminal recidivism.”
My first series of questions relate to the Rosenstein policy. What is now required for a ‘presumption of a declination”? Will a company have to self-disclose not simply those individuals substantially involved or all employees, no matter how high or low in the employee chain? Must those disclosures be at the time of self-disclosure or as facts are developed in an investigation? Recall the Yates Memo mandated that if a company wanted any credit it had to disclose all employees involved in the misconduct. [So much so that the word ‘any’ was in bold, italics and underscored.] Will the DOJ revert back to that standard?
What of Deferred and Non-Deferred Prosecution Agreements (DPAs and NPAs)? Has the DOJ heard the criticism of these settlement mechanisms over the years? Matt Kelly and I catalogued them in the second Compliance into the Weeds podcast on Monaco’s speech. Or has the DOJ decided that there is some type of material defect in these tools which makes any settlement with a DPA or NPA simply ‘a cost of doing business’? Monaco raised these issues in the context of FCPA recidivist or those companies which have a broader history of corporate recalcitrant in complying with laws in general; i.e., tax, environmental, employment and every other law a corporation must deal with both in the US and internationally. Even though her remarks were directed to recidivists and other bad corporate actors, it would not be too far a stretch to see if the DOJ reconsidered such penalties for all those companies which find themselves in a FCPA imbroglio.
What might some changes look like? A couple of recent examples come from areas outside the FCPA context. Last week, the Federal Trade Commission (FTC) issued a new directive that any company which has one anti-competition violation under its belt will have to return to the FTC for pre-approval of any acquisition. That can be quite a business slow down if you are in a dynamic industry or profession. The other example comes from the world of US banking where the Federal Reserve put a growth cap on Wells Fargo for its behaviors. Once again something like that can be a very large business inhibitor.
The DOJ return to more robust monitorships could be another mechanism. While the monitors now usually concern themselves with the terms of the settlement agreement and whether the company under the settlement agreement is fulfilling its terms; the monitor could take a more active role in an organization, such as review any high-risk transaction or transaction but a certain dollar value. Such an intrusive monitorship would greatly slow down business in any organization. Yet FCPA recidivists do not seem to have gotten the message not to violate the FCPA. Indeed, even some under DPAs and NPAs are not fulfilling their agreed upon obligations. All of these factors could lead to some very different forms of settlement resolutions.
What about Monaco’s remarks around evaluation of all corporate conduct, not simply anti-bribery compliance? Her remarks bear citing in full on this point:
Going forward, prosecutors can and should consider the full range of prior misconduct, not just a narrower subset of similar misconduct — for instance, only the past FCPA investigations in an FCPA case, or only the tax offenses in a Tax Division matter. A prosecutor in the FCPA unit needs to take a department-wide view of misconduct: Has this company run afoul of the Tax Division, the Environment and Natural Resources Division, the money laundering sections, the U.S. Attorney’s Offices, and so on? He or she also needs to weigh what has happened outside the department — whether this company was prosecuted by another country or state, or whether this company has a history of running afoul of regulators. Some prior instances of misconduct may ultimately prove to have less significance, but prosecutors need to start by assuming all prior misconduct is potentially relevant.
Most compliance professionals work very diligently to create a culture around anti-corruption compliance. However now there must be compliance with a much broader set of laws; both in the US and internationally. How many compliance officers even know about these other areas? Further, if there is one resource in the organization who does keep track of such matters, it is usually in the legal department, who are loathe to share that information, even within an organization. How will a compliance professional be aware and then work to ensure compliance in these other areas?
As I said in the introduction, there are lots of open questions. Tomorrow I will sum up what it all may well mean for the compliance professional.
FSOC report on climate change as a risk to US financial stability. Tune in for more details.
Categories
Back Off Baxter
Welcome to the newest addition to the Compliance Podcast Network featuring the book F*CKING ARGENTINA, where we unpack some of the current exasperation of American life today.
Humor writer Greg Greenberg tells the tale of a ubiquitous dog walker meeting a father taking his daughter to school in the streets in New York. “There’s a reason why there are pooper scooper laws. I’m not asking for a massive crackdown, but the dog owners feel that the sidewalks are their territory. And I don’t think it’s always fair. And this story is a little bit of exasperation, the narrator having to deal with that in the streets.”
Share the laughter and exasperation in this new episode of F*CKING ARGENTINA with Tom Fox and Gregg Greenberg. ▶️ BACK OFF BAXTER
#BackOffBaxter
ABOUT THE BOOK
F*cking Argentina and 10 More Tales of Exasperation by Gregg Greenberg is a compilation of short stories that dive into the American phenomenon of being in a near-perpetual state of aggravation. Greenberg’s anthology brings together eleven original pieces of work, each with their own slice of independent and distinct plot lines but all converging on the universal theme of exasperation. They run the whole gamut of scenarios, from the titular story “F*cking Argentina” wherein the country is once again in bankruptcy and a polite game of tug o’ war plays out on a porch, to “A Journeyman Tennis Player’s Prayer” with a low ranking U.S. Open contender begging God for a comparable opponent. Both stories end with the superlative f-word, which showcases at some point in other stories, and a guaranteed chuckle from their readers. Buy the book here: http://fckingargentina.com/.
Do you have a podcast (or do you want to)? Join the only network dedicated to compliance, risk management, and business ethics, the Compliance Podcast Network. For more information, contact Tom Fox at tfox@tfoxlaw.com.
Categories
Monaco Speech: Part 3 – Culture
Deputy Attorney General (DAG) Lisa O. Monaco gave a Keynote Address at ABA’s 36th National Institute on White Collar Crime last week (Monaco Speech). Her remarks were noted by many commentators, including on two Compliance Into the Weeds podcasts where Matt Kelly and myself took two deep dives into her speech our podcast. Her remarks reframed a discussion about this Department of Justice’s (DOJ) priorities on white collar criminal enforcement, including under the Foreign Corrupt Practices (FCPA). Her remarks should be studied by every compliance professional as they portend a very large change in the way the DOJ and potentially other agencies enforce the FCPA. This has significant implications for every Chief Compliance Officer (CCO), compliance professional and corporate compliance programs.
Today, I am going to take up her remarks on corporate culture. They were a small but significant part of her remarks so I will quote them in full. She said,
Now, I recognize the resources and the effort it takes to manage a large organization and to put in place the right culture. The Department of Justice has over 115,000 employees across dozens of countries and an operating budget equivalent to that of a Fortune 100 company. So, I know what it means to manage and be accountable for what happens in a complex organization. But corporate culture matters. A corporate culture that fails to hold individuals accountable, or fails to invest in compliance — or worse, that thumbs its nose at compliance — leads to bad results.
Let me also be clear: a company can fulfill its fiduciary duty to shareholders and maintain a commitment to compliance and lawfulness. In fact, companies serve their shareholders when they proactively put in place compliance functions and spend resources anticipating problems. They do so both by avoiding regulatory actions in the first place and receiving credit from the government. Conversely, we will ensure the absence of such programs inevitably proves a costly omission for companies who end up the focus of department investigations.
Although we understand the costs that enforcement actions can place on shareholders and others, our responsibility is to incentivize responsible corporate citizenship, a culture of compliance and a sense of accountability. So, the department will not hesitate to take action when necessary to combat corporate wrongdoing. [Emphasis Supplied]
I asked Affiliated Monitors Inc., (AMI) founder Vin DiCianni for his thoughts around these remarks. He said, “Last week’s announcement by Deputy Attorney General Lisa Monaco and the Justice Department reignited the agency’s concentration of corporate and individual liability for white collar crimes. In doing so, she emphasized to businesses, their leadership and the attorneys who represent them on the importance of implementing and maintaining strong effective compliance programs and how DOJ will continue to look at these programs going forward.” In other words, the criticalness of culture.
A culture of compliance is the foundation of an organization’s compliance program. It is a measure of how well employees feel empowered to identify, mitigate, and escalate risk within their institution. An institution’s compliance culture is set by the Board and Executive Leadership team. Their messaging should be continuously reinforced in an institution’s risk appetite statement, policies, training and enterprise-wide communications. A strong compliance culture should be evident at all levels of the financial institution and across all three lines of defense.
Tina Rampino, Associate Managing Director at K2 Integrity, laid out some key questions to ask around culture. They included:
- What is the tone that is set from the most senior levels of the organization?
- Are employees motivated by doing any and all business no matter the risk?
- Are they empowered to act with integrity and choose the right business that aligns with their compliance culture?
She went on to relate, “Many institutions have built training and communications programs to help employees understand what the “right business means” – reinforcing an institution’s risk appetite statement, incorporating policies and procedures, and training on red flags and high-risk issues.” She concluded, “A culture of compliance should empower employees, not just in the second line of defense but in all areas of the institution – to think about the risks being presented through their customers, transactions, and products and services and how they can do their part in mitigating risk to the institution.”
We next turned to some of the key actions senior executives and leaders can take to not simply ‘talk-the-talk’ but also ‘walk-the-walk’ of compliance. Senior executives and leaders are responsible for setting the tone from the top which means setting expectations for the importance of compliance throughout the organization and by modeling behaviors for their employees. Rampino details the seven elements of a culture of compliance:
- Tone from the Top.
- Establishing and communicating enterprise-wide policies and programs.
- Defining clear roles and responsibilities across the three lines of defense.
- Ensuring adequate staffing and resources for functions responsible for compliance.
- Designing and implementing a comprehensive compliance training program.
- Establishing compliance incentives
- Creating efforts to embed and sustain a compliance culture.
Monaco had two additional remarks around corporate culture and a culture of compliance that bear repeating. She said, a record of corporate misconduct, even outside the FCPA, “speaks directly to a company’s overall commitment to compliance programs and the appropriate culture to disincentivize criminal activity.” In a remark that tied back to yesterday’s discussion of monitors she said, “Stepping back, any resolution with a company involves a significant amount of trust on the part of the government. Trust that a corporation will commit itself to improvement, change its corporate culture, and self-police its activities. But where the basis for that trust is limited or called into question, we have other options. Independent monitors have long been a tool to encourage and verify compliance.” This last sentence would speak directly to DiCianni’s thoughts that “Unlike the previous administration’s very limited use of monitors, DAG Monaco described the value that integrity monitors bring to oversight for both the department and those entities subject to such oversight.”
Monaco noted she has sat on corporate boards when in the private sector. This experience certainly informs her approach as the DAG. The DOJ will be taking a much closer and in-depth look at corporate culture and whether there is a culture of compliance in any company which finds itself in a FCPA investigation or enforcement action. CCOs and compliance functions need to be ready to have demonstrable and documented evidence of a culture of compliance.