Categories
Blog

Ten Top Lessons from Recent FCPA Settlements – Lesson No. 10, Getting to Self-Disclosure: Speak Up, Triage and Internal Investigation

Over this series, I have reviewed the messages communicated by the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) from three key Foreign Corrupt Practices Act (FCPA) enforcement actions regarding their priorities in investigations, what they want to see in remediations, and what they consider best practices compliance programs. These enforcement actions warrant a close study of the lessons learned. They should guide not simply your actions should you find yourself in an investigation but also how you should think about priorities. One thing is abundantly clear: It all begins with self-disclosure.

The three FCPA enforcement actions we have reviewed are ABB from December 2022, Albemarle from November 2023, and SAP from January 2024. I added a fourth, the Gunvor S.A. enforcement action, as a discussion point, as it was released while I was writing this series. I have also cited several speeches by DOJ officials, including those from Deputy Attorney General Lisa Monaco and Assistant Attorney General Kenneth Polite. They pointed out a clear path for the company, which finds itself in an investigation, using extensive remediation to avoid monitoring. They provided insight for the compliance professional into what the DOJ expects in a best practices compliance program on an ongoing basis.

Late last week, there were two speeches at the ABA White Collar Conference: one by DAG Lisa Monaco and a second by Acting Assistant Attorney General Nicole M. Argentieri, which re-emphasized the points I have articulated. Today, I want to use their speeches to add another factor to my Top Ten Lessons List: a Speak Up Culture, effective triage, and quick, efficient, and accurate internal investigation when information is brought forward.

DAG Monaco could not have been clearer when she said, “When a business discovers that its employees broke the law, the company is far better off reporting the violation than waiting for DOJ to discover it. Now, when the DOJ does discover the violation, the company can still reduce its exposure by proactively cooperating in our investigation. But I want to be clear: no matter how good a company’s cooperation, a resolution will always be more favourable with voluntary self-disclosure.” [emphasis supplied]

DAG Monaco noted that the DOJ has structured its “Voluntary Self Disclosure (VSD) programs to encourage companies to take responsibility for misconduct within their organizations. And we’ve conditioned benefits on the company’s willingness to step up and own up — requiring it to disgorge profits, upgrade compliance systems, and cooperate in investigations of culpable employees…We want to empower them to make the business case for investing in compliance. And when they do, they can point to our policies. Early reports on this work are promising. We directed all components and U.S. Attorneys to implement self-disclosure programs.”

The benefits of the VSD come from this self-disclosure. The DOJ’s announcement that it was launching a whistleblower program for payments to people who come forward with information about criminal activity emphasised this idea even more. While the SEC, CFTC, IRS, and other agencies have whistleblower reward programs, this is a powerful message from the DOJ that if your company has an issue, it is far better to self-disclose than investigate, remediate, and hope the DOJ (or any other agency) never finds out about the matter. Put another way, Argentieri spoke about “the benefits that await those that voluntarily disclose misconduct.”

All of this means you must be able to intake, evaluate, and investigate the information.

Culture of Speak Up

Your organization must have an effective and efficient means of allowing employees to raise their hands and speak up. That speak-up can be through an anonymous hotline, by going into their supervisor’s office to report something, or by coming to the compliance function. Or it could be another avenue of reporting. The point is that every company must be ready, willing, and able to hear and act on internal reports of wrongdoing.

Triage

Given the number of ways that information about violations or potential violations can be communicated to government regulators, having a robust triage system is a critical way to separate the wheat from the chaff and bring the correct number of resources to bear on a compliance problem. One important area is determining whether to bring in outside counsel to head up an investigation and the resources you may want or need to commit to a problem. You need to “kick the tyres” of any allegations or information so that you know the circumstances in front of you before you make decisions. You can achieve this through a robust triage process.

Internal Investigations

You can decide whether or not to investigate by consulting with other groups, such as the Compliance Committee of the Board of Directors or the Legal Department. The head of the business unit in which the claim arose may also be notified that an allegation has been made and that the Compliance Department will be handling the matter on a go-forward basis. Using a detailed written procedure, you can ensure complete transparency on all parties’ rights and obligations once an allegation is made. This gives compliance the flexibility and responsibility to deal with such matters, from which it can best assess and decide how to manage them.

We concluded this series where we began with the need for or benefits of self-disclosure. The benefits laid out by the DOJ are clear, tangible, and direct. If you self-disclose, provide extraordinary cooperation, extensively remediate, and disgorge any ill-gotten gains through profit disgorgement, there will be a presumption of declination. Even if you do not meet the self-disclosure threshold, you can still garner significant discounts under the DOJ’s Corporate Enforcement Policy through extraordinary cooperation and extensive remediation.

Categories
Blog

Phillips FCPA Enforcement Action: Lessons Learned – Part 3

We conclude our exploration of the Koninklijke Philips N.V. (Philips) Foreign Corrupt Practices Act (FCPA) enforcement action involving the Securities and Exchange Commission (SEC), for Phillips actions in China and its Chinese subsidiary, Phillips China. As set out in the SEC Order, Philips was order to “pay disgorgement of $41,126,170, prejudgment interest of $6,047,633, and a civil monetary penalty of $15,000,000” for a total fine and penalty of $62 million. Yesterday we considered the bribery schemes employed by Phillips China. After having reviewed the facts and Order we look at some lessons learned.

Distributors Under the FCPA

This is the third recent FCPA enforcement action involving distributors, following Oracle and Microsoft. Along with those cases, Phillips drives home the message that distributors are a risk under the FCPA. Oracle got into FCPA hot water regarding distributor discounts and marketing reimbursement. Microsoft came to OFAC grief as it did not know to whom its distributors were doing business as some distributors were selling to sanctioned entities. While distributors may not seem to be as high a risk commissioned sales agents, they do present a risk, which must be assessed and then managed with ongoing monitoring and improvements as appropriate. None of these steps were apparent from this FCPA enforcement action or found in the Order.

As noted yesterday, Philips in 2013 had agreed to “enhanced an anti-corruption training program that includes a certification process and a variety of training applications to ensure broad-based reach and effectiveness.” Whatever this training was, it does not seem to have reached China. Effective training is about communications, engagement and demonstrable implementation of the training messaging going forward. Once again Philips China did not seem as if that communications about not engaging in bribery and corruption was taken into its business operations.

Recidivist Behavior Under 2023 Corporate Enforcement Policy

As noted yesterday, in a May 10, 2023 Press Release,  Phillips announced that “The U.S. Department of Justice (DOJ) has closed its parallel inquiry into these matters” and the company intoned that it “fully cooperated with the SEC and DOJ.” Philips also reported that the FCPA matter had “previously been disclosed in Philips’ Annual Reports 2019 through 2022.”

There has been no statement by the Department of Justice (DOJ) regarding Philips. Further there has been no declination regarding Philips publicly announced by the DOJ. Given the strong statement about recidivists by Deputy Attorney General Lisa Monaco in announcing the Monaco Doctrine last September and the need for speed referenced by Kenneth Polite in announcing changes to the Corporate Enforcement Policy in January 2023; one might have expected some statement from the DOJ.

If the DOJ really wants companies to step forward and self-disclose, it would seem that Philips would be a good example to use. Apparently there was not self-disclosure, not extraordinary cooperation and no compliance with the 2013 SEC Order concluding the first Philips FCPA enforcement action. In other words, all the requirements for a company to obtain the significant credit under the 2023 Updated Corporate Enforcement Policy. If you add in Philip’s prior FCPA enforcement action into the mix, it would certainly appear that Phillips’ culture of compliance was lacking, at least along the lines of that aspect of the Monaco Doctrine.

Lessons Learned

With Phillips filing out the trio of recent distributor enforcement actions, it is clear that companies need to start paying more attention to the distributor sales model as a source of risk. Of course, robust due diligence screening is a must but it is only a starting point. Companies need to monitor the relationship after the contract is signed. The Philips FCPA enforcement action points toward the need for robust data analytics particularly around special price discounts with distributors creating excessive distributor margins which could be used to fund improper payments to employees of state-owned enterprises or governmental officials. A data analysis would quickly and efficiently show any special discount or discount beyond the standard range given to distributors. Moreover, regional discounts could be taken into account easily using the data analytics approach.

Additionally the maintenance of adequate books, records, and accounts concerning special price discounts to demonstrate that the discounts were supported by adequate documentation to ensure their business justification and management’s approval of them. This basic step also acts as a basic compliance internal control so that there can not only be oversight of the proposed distributors and any discounts but also creates a documented audit trail if a regulator ever comes knocking.

At this point there is perhaps some head-scratching about the final resolution, if any, regarding Philips given the state of the record as laid out by the Order. However it is clear there are significant lessons for the compliance professional from the Phillips enforcement action around distributors. I hope that at some point there is greater clarity under the 2023 Corporate Enforcement Policy update.

Categories
FCPA Compliance Report

Jon May On Defending Individuals in FCPA Cases

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this episode, Tom Fox interview well-known curmudgeon and iconoclast Jon May. May, who is not a compliance officer, talks about his approach to the topic, which has caught Tom’s attention. The conversation traverses May’s professional background, discussing Miami’s wild west environment in the 1980s and corruption within the police department. The podcast takes a deep dive into corporate strategy, DOJ’s enforcement policies, and the changes in whistleblower laws. The author provides an exclusive hotline number for listeners to call him and wraps up by describing where to purchase his book! Take advantage of this engaging podcast with the brilliant Jon May, hosted by Tom Fox.

Key Highlights:

· Negotiating with Government in Corporate Criminal Conduct

· Navigating US Sentencing Guidelines for Defense Lawyers

· Pleading Guilty and Self-Disclosure for White-Collar Crimes

· Changing view of whistleblowers and self-disclosure regulations

· Balancing Crime Fighting and Civil Liberties

 Notable Quotes

“It is the company’s recommendation that they obtain counsel before they are interviewed by the company or the company’s outside counsel.”

“I have, as you know, always been very critical of the government’s care and stick approach to convincing companies to self-disclose.”

“But showing the prosecutor that there’s a very different side requires a great deal of work.”

“You might not get 3 points. You might only get 2 points. But the amount of time you can save by litigating various aspects of sentencing could be years and years.”

Resources

Jon May

On Creative Criminal Defense Consultants

Who Says You Can’t: Strategy and Tactics for Becoming a More Creative Criminal Defense Lawyer

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
FCPA Compliance Report

Ryan Patrick on the Role of a US Attorney Under the Monaco Memo, CEP & ECCP

Welcome to the award-winning FCPA Compliance Report, the longest running podcast in compliance. Looking for a podcast that will give you insights into the Department of Justice’s corporate enforcement policy and the implications for corporations facing investigations? Look no further than FCPA Compliance Report! In this episode, Tom Fox sits down with Ryan Patrick, a former US district attorney for the southern district of Texas. They discuss the importance of staying up-to-date with DOJ memos and speeches, the difficulty for corporations in deciding whether or not to self-disclose, and the implications of outside counsel being deputized. Ryan emphasizes the importance for companies to work with lawyers who know judges and have pre-existing relationships with local prosecutors, including US attorneys and line prosecutors. They discuss the Southern District of Texas and its role in border-related issues, as well as the Patrick’s time as a US Attorney for the Southern District of Texas. This podcast is a must-listen for anyone looking to gain a better understanding of corporate enforcement and compliance policies. Don’t miss out on the conversation between Tom Fox and Ryan Patrick!

 Key Highlights

·      Discussing U.S District Attorney’s work challenges

·      Evolution of Corporate Enforcement Policy by DOJ

·      Challenges in Communication with Corporations for Attorneys

·      Challenges of Self-Disclosure for Businesses

·      Navigating Legal Issues with Local Counsel

·      Challenges to Attorney-Client Privilege in Corporate Cases

·      Border Security and Cryptography Cases in Texas

·      US Attorney General Advisory Committee in Presidential Administration

·      Role of Southern District of Texas in law enforcement and corporate enforcement

·      Inside a Federal Prosecutor’s Role

 Notable Quotes

·      “It seems to me that this broaden beyond simply anti-corruption in FCPA and whether it be fraud, whether it be antitrust, whether it be environmental, whether it be a wide variety of other types of issues that an AUSA and a local district attorney US district attorney’s office would prosecute.”

·      “Asking the US attorney’s offices now to step into this space where really thinking from the idea of self-disclosure and from monitoring or audio auditing, so to speak, someone’s compliance program.”

·      “One of the not perhaps most difficult, but hardest conversations a corporation has is whether or not to self-disclose under the FCPA.”

·      “Bring it to me. I will consider it because it’s not 1 size fits all.

Resources

Ryan Patrick on LinkedIn

Ryan Patrick on Haynes and Boone

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

The Week That Was in Compliance – Clawbacks

We are in the midst of a multipart review of last week’s speeches from the Department of Justice (DOJ) at the recently concluded ABA’s 38th Annual National Institute on White Collar Crime, held in Miami. Compliance professionals, white collar defense lawyers and indeed corporate executives will be talking about the past week in Miami for many moons to come. The speeches were made by Deputy Attorney General Lisa Monaco (2023 Monaco Speech) and Assistant Attorney General Kenneth A. Polite (Polite Speech) and they previewed a number of initiatives by the DOJ which every compliance professional will need to study in some detail. These new initiatives included:

The Criminal Division’s Pilot Program Regarding Compensation Incentives and Clawbacks

Evaluation of Corporate Compliance Programs (ECCP)

Revised Memorandum on Selection of Monitors in Criminal Division Matters

Over this series, I will be taking a deep dive into these speeches and new Evaluation of Corporate Compliance Program, Monitor Selection and Pilot Program on Incentives and Clawbacks. Today we take a deep dive into those portions of the Monaco and Polite Speeches which dealt with clawbacks or in the terminology of the ECCP-consequence management.

Monaco Speech

DAG Monaco discussed the development of the clawback policy to promote “innovative approaches to compensation” which would “shift the burden of corporate malfeasance away from uninvolved shareholders onto those more directly responsible.” She believes “Companies should ensure that executives and employees are personally invested in promoting compliance” as “nothing grabs attention or demands personal investment like having skin in the game, through direct and tangible financial incentives.” This led the Criminal Division to “develop guidance, guidance on how to reward corporations with compliance-promoting compensation programs.”

The clawback initiative has two parts. Monaco said, “First, every corporate resolution involving the Criminal Division will now include a requirement that the resolving company develop compliance-promoting criteria within its compensation and bonus system. Second is the creation of a 3-year pilot program under which the “Criminal Division will provide fine reductions to companies who seek to claw back compensation from corporate wrongdoers.””

Finally, the DOJ has added some real benefits for companies which follow these prescripts. First is that any company which resolves a Foreign Corrupt Practices Act (FCPA) violation will “pay the applicable fine, minus a reserved credit equaling the amount of compensation the company is attempting to claw back from culpable executives and employees.” Additionally, “If the company succeeds and recoups compensation from a responsible employee, the company gets to keep that clawback money — and also doesn’t have to pay the amount it recovered.” Finally, if the company’s efforts at clawbacks are not successful or completed during the pendency of the investigation up to the settlement “the pilot program will also ensure that those who pursue clawbacks in good faith but are unsuccessful are still eligible to receive a fine reduction.” All of these efforts are designed to “shift the burden of corporate wrongdoing away from shareholders, who frequently play no role in the misconduct, onto those directly responsible.” Monaco concluded, “We intend this program to encourage companies who do not already factor compliance into compensation to retool their programs and get ahead of the curve.”

Polite Speech

 As expected, Polite provided more detail on the new clawback initiative. He said, “As to clawbacks: for companies that fully cooperate with our investigation and timely and appropriately remediate the misconduct, they may receive an additional fine reduction if the company has implemented a program to recoup compensation and uses that program. We expect companies that use these programs to address not only employees who engaged in wrongdoing in connection with the conduct under investigation, but also those who had supervisory authority over the employees or business area engaged in the misconduct, and knew of, or were willfully blind to, the misconduct.” (emphasis mine)

Expanding on the benefits for an organization, he stated, “If the company meets these factors and – in good faith – has initiated the process to recover such compensation at the time of resolution, our prosecutors will accord an additional fine reduction equal to the amount of any compensation that is recouped within the resolution term.” Finally, “if a company’s good faith effort is unsuccessful by the time the resolution term ends, our prosecutors will have discretion to accord a fine reduction of up to 25% of the amount of compensation that has been sought.”

Polite did leave room for companies to weigh a variety of factors in bringing a clawback claim. He noted, “We are not trying to incentivize waste. To the contrary, companies should make an assessment about the potential cost to shareholders and prospect of success of clawback litigation, given any applicable laws, and weigh it against the value of recoupment – and proceed in accordance with their stated corporate policies on executive compensation. This Pilot Program will be in effect for three years, allowing us to gather data and assess its effectiveness and also aid other components and offices in considering this important issue.”

As a recovering trial lawyer, I know that any litigation is always fraught with unknowns, both known and unknown. Given the imbroglio involving the DOJ and Cognizant Technologies Solutions over the DOJ prosecution of former executives, the road to any successful clawback will be fraught with peril. Additionally, it is not clear how far companies or the DOJ will push for clawbacks from “those who had supervisory authority over the employees or business area engaged in the misconduct.” If scope creep comes in it could be a wide group.

Join me tomorrow as I begin an exploration of the updated Evaluation of Corporate Compliance Programs.

Categories
FCPA Compliance Report

Eric Young on the Evolution of the CCO

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this special episode, I am joined by Eric Young from Guidepost Solutions. Young has worked at prestigious institutions like JPMorgan, General Electric, S&P Global Ratings, and BNP Paribas. He shares his expertise to empower employees looking to move ahead with processes, find solutions, and navigate compliance issues.

Tom and Eric talk about the highlights of the Monaco Memo, updates on the Corporate Enforcement Policy, a case study from ABB to showcase the role of the CCO, and how firms should interpret Department of Justice speeches. He further dives into the corporate culture, accountability, and role of the CCO within an organization. Finally, Eric sheds light on a case from McDonald’s involving the former CEO and their decision to claw back compensation. The discussion concluded with acknowledging the Delaware court’s holding that elevates the CCO’s corporate duties.

Key Topics:

[00:04:24] Process Improvement to Avoid Violations and Effect Positive Change in Company Culture

[00:09:19] The Effects of the Monaco Memorandum on Corporate Compliance Practice

[00:14:35] ABB’s Impressive Performance During an Investigation and Remediation Period

[00:18:42] The C-suite’s Responsibility in Organizations

[00:23:21] The Impact of Experiences on Assessing Business Decisions

[00:28:05] The SEC Inquiry on McDonald’s precipitated by Steve Easterbrook’s Removal

[00:32:24] The Significance of Delaware Courts in Regards to Corporate Law

[00:37:13] The Functions of Corporate Boards During Times of Crisis.

Tune in and listen to Eric as he educates us about the need to report extraordinary circumstances to the Department of Justice

 Resources:

Connect with Tom Fox

●      LinkedIn

Connect with Eric Young

●      Guidepost Solutions

●      LinkedIn

Categories
Compliance Kitchen

Compliance Kitchen – The Changes in the DOJ Corporate Enforcement Policy

The Compliance Kitchen returns with a wrap-up of the week’s top trade and economic sanction issues. In today’s episode, Silvia Surman visits the DOJ revised its Corporate Enforcement Policy and the Kitchen looks at the highlights.

Categories
Blog

The World Has Changed: McDonald’s and the Oversight Duty of Officers-Part 4

Over the past year, the role of the Chief Compliance Officer (CCO) has shifted in some very dramatic ways. The shifts have been from disparate groups and for a variety of reasons. Yet when put together, one can see a clear and bright line expanding and elevating the role of the CCO in the corporate world. From the announcement of the requirement for CCO Certification last year up to the announcement of the Delaware Court of Chancery’s decision in the case of In re McDonald’s Corporation Stockholder Derivative Litigation, it is now clear that the CCO has as wide a remit and responsibility as any corporate officer, other than the Chief Executive Officer (CEO) of a company.

I think the following announcements, changes in DOJ and SEC focus on Foreign Corrupt Practices Act (FCPA) enforcement and now a court case out of Delaware will change the role of the CCO forever.

CCO Certification

This shift began with the speech by Kenneth Polite, Assistant Attorney General for the Criminal Division speech on May 17, 2022, at Compliance Week 2022; announcing the new requirement for CCO Certification of compliance programs for companies going through a Deferred Prosecution Agreement (DPA). This CCO Certification required the Glencore CCO to certify Glencore compliance program “is reasonably designed to detect and prevent violations of the FCPA and other anti-corruption laws” at the conclusion of the DPA.  Who is the only other person required to make a similar certification at the conclusion of a DPA? The CEO of the company.

This means the CCO (and CEO) are certifying the entire compliance program meets the standards of not simply best practices but also all the enhanced requirements set out in Attachment C of any DPA. While many have focused on the question of whether this would bring criminal liability to a long-gone (or even current) CCO; this question now seems to miss the mark. Recall what Polite said when announcing the new requirement “It is the type of resource that compliance officials, including myself, have wanted for some time, because it makes it clear that you should and must have appropriate stature in corporate decision-making. It is intended to empower our compliance professionals to have the data, access, and voice within the organization to ensure you, and us, that your company has an ethical and compliance focused environment.”

Monaco Memo and Changes in the Corporate Enforcement Policy

The 2022 Monaco Memo and 2023 announced changes in the DOJ’s Corporate Enforcement Policy (CEP) are bookends of a series of changes which began as far back as October 2021 when Deputy Attorney General Lisa Monaco first announced the revisions which would eventually be incorporated into the Monaco Memo and CEP. In many ways the Monaco Memo laid out the sticks while the CEP provided the carrots for current FCPA and other white-collar enforcements.

The Monaco Memo directed prosecutors to evaluate a corporation’s compliance program as a factor in determining the appropriate terms for a corporate resolution; as prosecutors should now assess the adequacy and effectiveness of the corporation’s compliance program at two points in time: (1) the time of the offense; and (2) the time of a charging decision.  Kenneth Polite further defined the effectiveness of a compliance program at the time of the offense as “At the time of the misconduct and the disclosure, the company had an effective compliance program and system of internal accounting controls that allowed the identification of the misconduct and led to the company’s self-disclosure.” This is the first time the DOJ has said that it is the detection of wrongdoing which defines the effectiveness of a compliance program. This means a company’s investment in a compliance program, CCO and corporate compliance team are all elevated in importance. This prong does not simply get you a discount, but it can put you on the road to the default position of the DOJ for a FCPA violation, a declination.

Moreover, when you couple the ABB FCPA resolution to the Monaco Memo, you see the carrots which appeared in the new CEP. ABB was the first, three-time FCPA recidivist yet was able to get an excellent resolution with the government and a fine of only $315 million despite clear aggravating factors including corruption up to and in the corporate office. From the ABB resolution, you begin to see how the role of the CCO increases dramatically.

Duty of Oversight

These trends were brought together in the Delaware Court of Chancery’s decision in the case of McDonald’s Corporation and its former Executive Vice President and Global Chief People Officer of McDonald’s Corporation, David Fairhurst in the case In re McDonald’s Corporation Stockholder Derivative Litigation, where for the first time, a Delaware court formally recognized the oversight duties of officers of Delaware corporations.

As I have previously noted, one of the most interesting parts of the court’s opinion is that it draws from the US Sentencing Guidelines and their creation of the Chief Compliance Officer position as both reasons for the decision and as a guide to how the CCO position will be impacted by this ruling. The judge pointed to the US Sentencing Guidelines as a key basis for the creation of the original Caremark Doctrine. The court stated that a prime reason for “recognizing the board’s duty of oversight was the importance of having compliance systems in place so the corporation could receive credit under the federal Organizational Sentencing Guidelines.” However, the Guidelines did not stop at the board level. The US Sentencing Guidelines mandated the creation of the CCO position.

The court noted that the CCO has a broad scope within an organization. The court stated “Although the CEO and Chief Compliance Officer likely will have company-wide oversight portfolios, other officers generally have a more constrained area of authority.” The responsibilities of the CCO are wide and sometimes varied. Here the court stated, ““[s]pecific individual(s) within the organization shall be delegated day-to-day operational responsibility for the compliance and ethics program. Individual(s) with operational responsibility shall report periodically to high-level personnel and, as appropriate, to the governing authority, or an appropriate subgroup of the governing authority, on the effectiveness of the compliance and ethics program.” But the Delaware court also provided CCOs with some additional ammunition in their quest for true influence in a corporation by stating that “to carry out such operational responsibility, such individual(s) shall be given adequate resources, appropriate authority, and direct access to the governing authority or an appropriate subgroup of the governing authority.”

What Does It Mean?

This is the part where it gets interesting. Under the CCO Certification and the Delaware court’s ruling, it is the CCO who is 1B to the CEO’s 1A. The first step every company must make it to put the CCO in position to report up directly to the Board of Directors. It also means that the days of a CCO reporting to a Chief Legal Officer (CLO) or General Counsel (GC) are certainly numbered. The Delaware Court drove this point home by specifically naming  a CLO/GC as a person “responsible for legal oversight and for making a good faith effort to establish reasonable information systems to cover that area.” In other words, not responsible for the company wide remit such as the CCO.

The next area would come from the Hallmarks of an Effective Compliance Program as laid out in the FCPA Resource Guide, 2nd edition. In that document it states “In appraising a compliance program, DOJ and SEC also consider whether a company has assigned responsibility for the oversight and implementation of a company’s compliance program to one or more specific senior executives within an organization. Those individuals must have appropriate authority within the organization, adequate autonomy from management, and sufficient resources to ensure that the company’s compliance program is implemented effectively.” That means financial resources and head count.

I would add, a level of professionalism and expertise in compliance means more than simply ‘being a lawyer’. Under Chapter 9, Section 47 of the US Attorney’s Manual, the DOJ is mandated to evaluate “The quality and experience of the personnel involved in compliance, such that they can understand and identify the transactions and activities that pose a potential risk.”  Finally, the DOJ will also evaluate other factors such as CCO compensataion as commiserate with the position of being second in importance to the CEO.

The Delaware Court decision creating the Duty of Oversight was not designed to increase the scope, reach and importance of a CCO but the more I look at the case I believe that will be its most lasting legacy. When you look back over the past 12 months, you see that the CCO has more stature and responsibility than it has ever had before.

With a converse nod to Uncle Ben from Spiderman, with great responsibility must come great power.

Categories
FCPA Compliance Report

James Koukios on Changes to Corporate Enforcement Policy

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this special episode, I am joined by Morrison and Foerster partner James Koukios to discuss the recent Kenneth Polite speech announcing changes to the Department of Justice Corporate Enforcement Policy.

In this episode, we consider the following:

  • What is the CEP;
  • This is a follow on from the Monaco Memo;
  • Why this change is significant for recidivists;
  • How this change redefines an effective compliance program;
  • The new CEP offers real, tangible, and significant benefits for compliance programs; and
  • What it all means going forward.

Resources

Kenneth Polite Speech

Updated CEP

Categories
From the Editor's Desk

January and February 2023 in Compliance Week

Welcome to From the Editor’s Desk, a podcast where co-hosts Tom Fox and Kyle Brasseur, EIC at Compliance Week, unpack some of the top stories which have appeared in Compliance Week over the past month, look at top compliance stories upcoming for the next month, talk some sports and generally try to solve the world’s problems.

In this month’s episode, we look back at top stories in CW from January around the changes to the DOJ Corporate Enforcement Policy, the Ireland DPC fine against Meta, and the always-interesting Inside the Mind of the CCO series. We previewed some of the stories CW will look at in February, including several articles about data privacy in the US and Europe.

We conclude with a look at some top sports stories, including the NFL playoffs and the Carlos Correa contract situation.

Resources

Kyle Brasseur on LinkedIn

Compliance Week