Bryan Sillaman, Head of the Paris office of Hughes Hubbard & Reed LLP, returns to the show to share the breadth and scope of some of the regulatory frameworks already in place, what the green taxonomy is all about and how it relates to an overall ESG program.
▶️ Exploring ESG from the European Perspective with Bryan Sillaman.
Key points discussed in the episode:
(00:30) Bryan Sillaman shares his current practice and interesting evolution from a white-collar defense lawyer to an ESG aficionado.
(01:28) The key differences in the regulatory approach to ESG between the EU and US.
(02:34) The robust and rigorous exercise at a scientific and technical level to define sustainable activity versus not generating different opinions & viewpoints. Bryan expects this lengthy process in the EU in 2021 to become a lot more in 2022.
(03:49): The EU has been ahead a bit on the front where the United States is in terms of the ESG regulatory approach. Sillaman shares that this is part of what’s driven by the regulatory framework, but even more so, as companies face pressure from their investors, employees, unions, NGOs and various stakeholders.
(05:04): Companies claim to be involved in sustainable activities but not really involved. And it comes back to the concern of greenwashing and establishing the taxonomy set out to define at a technical and scientific level what is sustainable and what is not.
(08:07) The sustainable financial disclosure regulation and its operation into an overall ESG framework. It requires asset managers as financial market participants to first disclose how much of their activities are aligned with the taxonomy.
(09:19) The Corporate Sustainability Reporting Directive and how it fits in.
(10:50) With directives defined, Bryan shares where he sees EU reporting standards for ESG headed and envisioned as the technical criteria will evolve over time.
(12:57) ESG has become a really top-of-mind issue for many companies and institutions. Sillaman shares that this is part of what’s driven by the regulatory framework, but even more so, as companies face pressure from their investors, employees, unions, NGOs and various stakeholders.
(14:13) Interesting trends for 2022 following the regulatory Bryan cites interesting cases and lawsuits brought by NGOs to pursue reductions in carbon emissions and other damages against companies.
(17:30) Several countries pass enhanced disclosure and due diligence requirements on the supply chain, and companies are operating in their jurisdiction focus on human rights issues.
(19:20) The S or social aspect part of ESG gets more attention, perhaps not as much as the environmental or E piece that focuses on gender issues.
(20:36) A company that wants to start an ESG Program should first figure out who the key stakeholders are. It covers a broad set of issues that naturally implicates a lot of different stakeholders within the company.
Bryan J. Sillaman is Managing Partner of the firm’s Paris office. During his time at Hughes Hubbard, Bryan has counseled clients across a range of governance and compliance issues, including the development of policies and procedures, due diligence relating to third-parties and joint venture partners, and internal reviews and audits of their global operations. Bryan has spent significant time advising clients in connection with independent corporate monitorships and has traveled extensively in connection with his activities, including to Angola, Brazil, China, Indonesia, Malaysia, the Middle East, Nigeria, Russia, Thailand and Venezuela.
Prior to joining Hughes Hubbard, Bryan was an attorney in the Division of Enforcement of the US Securities and Exchange Commission (SEC) where he earned a Division Director Award.
Connect: bryan.sillaman@hugheshubbard.com
—————————————————————————-
Do you have a podcast (or do you want to)? Join the only network dedicated to compliance, risk management, and business ethics, the Compliance Podcast Network. For more information, contact Tom Fox at tfox@tfoxlaw.com.
This week, we are exploring the topic of Innovation in Compliance, through a week of considering some of the newest business strategies which can be applied by the compliance profession to corporate compliance programs. My inspiration comes from MIT Sloan Management Review Winter Edition. In Setting the Rules of the Road, authors Ulrich Pidun, Martin Reeves, and Niklas Knust posited that putting the right rules in place to orchestrate a platform that creates value for all stakeholders is critical to help in an overall approach to manage risk. I have used their article as a starting point to look at the enhancement of compliance ecosystems. Yesterday we reviewed what is a compliance ecosystem and a framework for considering it. Today we conclude this topic by employing the elements of a framework to deploy four foundational recommendations which can guide Chief Compliance Officers (CCOs) in developing and leading a governance model for a compliance ecosystem.
- Align your ecosystem’s governance model with its strategic priorities.
As with all compliance programs, the strategic priorities of your compliance ecosystem will vary by risks, risk management protocol and compliance program maturity. The authors point out that your compliance ecosystem growth, “can be fostered by lowering entry barriers, easing the controls on conduct, and/or offering a more generous distribution of [compliance] value.” Yet the “governance model can help orchestrators maintain the quality of an ecosystem’s offerings.”
If your overall strategic focus is on improving alignment among the stakeholders of a compliance ecosystem, “the different dimensions of governance can help.” This can include “leveraging several governance dimensions: a common mission, strict technical guidelines and processes for conduct, and administrative decision rights that are assigned to specific users.” The authors conclude, “Nuanced choices regarding the dimensions of governance can help orchestrators simultaneously achieve conflicting objectives,” specifying that there can be low barrier access to the compliance ecosystem “while at the same time ensuring a high level of quality and consistency by centralizing decision rights and using extensive quality checks before approving newly developed apps for the platform.”
- Use your governance model to stand apart.
Compliance ecosystem governance serves as a source of competitive advantage. As a CCO, you can develop different governance profiles to differentiate your compliance ecosystem. If your compliance ecosystem is relatively new, you can “adopt an open governance model to counter the network effects enjoyed by incumbents.” The authors caution that it may be an iterative process as your first attempt might not be embraced fully by all stakeholders.
Moreover, while competing ecosystems initially experiment with diverse governance models and use them for competitive differentiation, over time the more successful models eradicate the weaker ones. CCOs learn which governance models work best for their organization, but then such models may begin to converge. The authors observed, “If one ecosystem gains a competitive advantage by adapting its governance model, others may be forced to do the same to keep up.”
- Use governance to ensure social acceptance.
Interestingly, what the authors observed in their study of business ecosystem governance was that good governance could lead to more social acceptance. Typically, in the compliance realm, it is the reverse; that is social acceptance by employees and other stakeholders leads to good governance. This dichotomy is worth exploring for the CCO.
Perhaps not too surprisingly, the compliance ecosystem approach has not yet been fully embraced by the Department of Justice (DOJ) or Securities and Exchange Commission (SEC), most probably because it is still so cutting edge. However, as with all things compliance, the key when the regulators come knocking is that you have Documented, Documented, and Documented your efforts in this area. But even beyond the regulatory review and enforcement arena, a lack of trust between the compliance function and stakeholders can lead to a compliance ecosystem failure.
Moreover, good governance is a prerequisite for building social capital and securing the social legitimacy required by a compliance ecosystem. The authors state, “the governance model must be designed to engender and maintain social acceptance, as well as legal compliance, over the long term and in the face of changing demands. Superior governance, understood in this way, must be consistent and fair.” This sounds precisely like what the DOJ mandated in the Update to the Evaluation of Corporate Compliance Programs as CCOs and the compliance function are now the guardians of institutional justice and institutional fairness. The authors take it a step further, arguing, “Consistency means that the mechanisms of governance are transparent and easy to understand, comprehensive, internally consistent, and stable over time.” Finally, the authors believe, “Fairness means that governance complies with corporate policies and legal requirements, avoids biases and creates trust among employees and other stakeholders.”
- Adapt your governance model over time.
The authors state, “Adaptability is a key strength of a successful ecosystem. Typically, this adaptability stems from a modular setup that features a stable core (or platform) and interfaces, with highly variable components that can be easily added or subtracted. This enables ecosystems to evolve along with changes in the competitive environment, the needs of orchestrators and participants, social mores, and technology. This same kind of adaptability must also be reflected in the governance model of an ecosystem.” I quote this statement in its entirety because it is a longer way of saying that continuous monitoring leads to continuous improvement. Your compliance program must evolve as do each of the components within it. This would also include the governance of your compliance ecosystem.
As compliance ecosystems become more widespread and evolve, the quality of their governance is an increasingly important success factor. The authors drive home the point that all compliance practitioners understand, “there is no single best way to design your governance model: It will be contingent on the strategic priorities, competitive dynamics, societal demands, and life-cycle stage of the ecosystem.” In other words, assess your own risks in creating your compliance ecosystem and then manage your risks through it.
A CCO should not treat governance as “an afterthought but should instead think through and actively design the governance model.” You need to understand the benefits and risks of aligning “governance and strategy, and resolve strategic trade-offs by balancing the different dimensions of governance.” You ought to put yourself into the shoes of ecosystem stakeholders and employees to understand the impact of your governance decisions on their incentives to participate and contribute. You will have to adapt your governance model over time to react to changes in user preferences, technology, competition, and strategy. Finally, remember “Good governance is an essential key to the success of both ecosystem orchestrators and their partners.”
Please join us tomorrow where we will look at moving beyond trust in your compliance regime.
I just delivered to LexisNexis the edits for the next edition of The Compliance Handbook, the single definitive one author volume on the design, creation, implementation and enhancement of a best practices compliance program. It will appear later in 2022. One thing that struck me in updating this seminal work is the innovation that has occurred and continues to drive the compliance profession. In addition to the evolution of the Department of Justice (DOJ) in its thinking about what constitutes a best practices compliance, the tools and strategies used by compliance professionals continue to evolve through innovation. I decided it was time to have another Innovation in Compliance Week to look at some of the newest business strategies which can be applied by the compliance profession to corporate compliance programs. My inspiration comes from MIT Sloan Management Review Winter Edition. Today, I want to consider platforms for compliance ecosystems.
In Setting the Rules of the Road, authors Ulrich Pidun, Martin Reeves, and Niklas Knust posited that putting the right rules in place to orchestrate a platform that creates value for all stakeholders is critical to help in an overall approach to manage risk. I have used their article as a starting point to look at the enhancement of compliance ecosystems.
What is a Compliance Ecosystem?
If you have ever sat in the Chief Compliance Officer (CCO) chair you know that your life is constantly juggling multiple balls in the air at once. Perhaps my favorite metaphor is fixing or even swapping out jet engines while flying at 400 MPH at 35,000 ft. Moreover, in the corporate world think about all the other disciplines compliance touches or should touch. For instance, how many touch points are there in the Human Resources (HR) sphere around compliance? I submit there are client touchpoints at each step of the HR lifecycle of employment for any person in any organization. The same is true for the entire sales cycle and the procurement cycle. Compliance should work in each of those ecosystems to operationalize compliance more fully by adding value through increased business efficiencies, not bureaucratic burdens.
There is another way that this ecosystem approach can make your compliance program more effective. Think about the third parties your company has on both the sales and supply chain side. If you could work to create a closer ecosystem with those stakeholders from the compliance perspective, it would not only make the business relationship stronger but also make the entire business process more efficient.
Compliance has undergone a paradigm shift as a result of technological and digital innovation. CCOs who cannot interpret the data from their own systems will likely find themselves consigned to the dustbin of corporate luddites. Compliance will be moving into a new era of collaboration and connection to more fully operationalize compliance to make all business stakeholders more efficient and, at the end of the day, more profitable.
The authors found that many ecosystem failures stem from their governance models; that is, “the explicit and/or implicit structures, rules, and practices that frame and direct the behavior and interplay of ecosystem” stakeholders. The authors noted a variety of reasons for these failures; conflicts among ecosystem partners and backlash from internal stakeholders or government regulators are other indicators of governance flaws that can bring down an ecosystem. The key for CCOs in trying to establish compliance ecosystems is to “understand the components of a comprehensive governance model and glean insights from ecosystem successes and failures can make more informed and explicit governance decisions.” As the authors note, in doing so, CCOs can “improve the odds that their” compliance ecosystems will survive and prosper over the long term.
Compliance Ecosystem Framework
Good governance supports a compliance ecosystem’s ability to create value, manage risk, and optimize both efficiency and return among its stakeholders. To lead in support of these ends and capture a competitive advantage, CCOs must systematically think through and actively design what the authors denote as five elements of an ecosystem governance model. I have adapted their framework for a corporate compliance program.
Mission. There must be engagement so there is a strong sense of shared mission to keep compliance ecosystem partners moving forward. CCOs should identify a clear and distinctive compliance purpose early in the ecosystem “development and anchor it in a well-articulated set of values can motivate and align partners, particularly when this involves solving a significant problem or making an important contribution to society.” This can also “encourage desirable behaviors without undue reliance on complex rules and written standards.”
Access. CCOs should begin with stakeholders who agree to certain standards and behaviors regarding the compliance ecosystem. “The rules governing access also can help determine partner commitment by requiring an investment or offering an incentive for joining the ecosystem and/or defining the level of exclusivity that partners must provide to the ecosystem.” This investment can be with people or time but investment + engagement means increased buy in.
Participation. “The degree to which partners are invited to contribute to the formulation of ecosystem governance and strategy over time. It also includes the rules for conflict resolution among ecosystem stakeholders.” Some type of Fair Process Doctrine is critical here as “stakeholders need a clear view into the rules and strategy of a [compliance] ecosystem to actively participate in it and determine their own strategies”. Through stakeholder engagement and participation “governance and strategy can bolster their commitment and willingness to invest resources in an ecosystem.”
Conduct. This component of the framework is more technical as your compliance ecosystem should have a strong tech element. This allows CCOs to “directly influence the behavior of participants in their ecosystem using input control, process control, and output control. Input control, which is often automated using application programming interfaces (APIs) or integrated development environments, specifies the requirements for the partners’ contributions to the ecosystem, including standards and instruments of quality control and the approval of new contributions.”
Sharing. The final building block of ecosystem governance defines the data and property rights of stakeholders. The authors note, “data and property rights regulate ownership and use of the data and intellectual property that are contributed to — or created within — the [compliance] ecosystem.” This can work to allow a wide variety of outcomes across disparate business lines or units, geo-regions or service/product offerings.
Join us tomorrow where I will employ these elements to counsel four foundational recommendations that can guide CCOs in developing and leading a compliance ecosystem.
Super Sunday is here. The NFL finally gets the game in the spotlight after weeks of brutal PR. Who ya got? “Who Dey” or Hollywood? Tom and Jay are back to look at some of the week’s top compliance and ethics stories in the Super Sunday edition.
Stories
1. Do compliance professionals need a union? Dick Cassin in the FCPA Blog.
2. Jailed employees under the FCPA. Bill Jacobsen explores in the FCPA Blog.
3. New workplace normal for policies and training. Ingrid Freeden in Risk and Compliance Matters.
4. New SOE risk management framework. Alexandra Gillies and Thomas Shipley in the FCPA Blog.
5. 3 questions from KPMG and Carillion tribunal. Neil Hodge in Compliance Week. (sub req’d)
6. SFO investigation protocol announced. Mengqi Sun in the WSJ Risk and Compliance Journal.
7. Companies yet again ask EU for rules around ESG. Lawrence Heim in practicalESG.
8. CCOs say self-reporting a hard sell. Evren Esen in CCI.
9. What comes next for ABC and the Olympics? Andy Spalding in GAB.
10. The Spotify imbroglio. Matt Kelly with a 2-parter in Radical Compliance, Part 1 and Part 2.
Podcasts and More
11. In February on The Compliance Life, I visit with Ellen Smith, a former Director of Trade Compliance who recently started her own consulting firm. In Part 1, she discussed her academic background and early professional career. In Part 2, Ellen moves in-house.
12. Tom and Richard Lummis begin their annual review of Best Picture winning movies on 12 O’Clock High, a podcast on business leadership. In Part 1 they review Schindler’s List for leadership and ethical lessons. Upcoming episodes will look at Gladiator, A Man for All Seasons and Platoon.
13. CCI releases new e-book from Tom “FCPA 2021 Year in Review”. Available free from CCI.
14. Trial of the Century: the Enron Trial. This week, Tom premiered a 5-part podcast series on the Enron Trial with Loren Steffy, who covered the trial for the Houston Chronicle. In Part 1, run up to the trial. In Part 2, the trial begins. In Part 3, the star witnesses and key testimony. In Part 4, the Verdict comes in. In Part 5, what did it all mean. It is available on the Compliance Podcast Network, Megaphone, iTunes, Spotify and all other top podcast platforms.
15. In a special 2-part series on the Sunday Book Review, Tom looks at the Notre Dame Deloitte Center for Ethical Leadership’s top books on ethical leadership from 2021. Part 1 and Part 2.
Tom Fox is the Voice of Compliance and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.
Practicing Compliance
As usual during the Oscar season, Richard Lummis, my co-host on the podcast series 12 O’Clock High, a podcast on business leadership, and I do a special 4-part podcast series on Best Picture winning Oscar movies. We mine them for leadership lessons for the compliance and business leader in the 2020’s. It is also a great way to watch some fabulous old movies or even some which are not so old. Some movies are very intuitive on leadership lessons. Movies like Patton, Lawrence of Arabia or The Bridge on the River Kwai are clearly about leadership as well as multiple other themes.
This Oscar season we have a lineup of Schindler’s List, Gladiator, A Man for All Seasons and Platoon. The series premieres on Thursday, February 10, and runs for four consecutive weeks. I hope you will check it out. It is great to sit down with a movie that you may not have seen in years and watch it with an eye towards leadership lessons. Equally enjoyable is reading the commentary on the movie, both film critique and more business and leadership focused commentary.
Next week’s offering will be Gladiator and one of the leadership lessons I garnered from the movie is the need to not only design your compliance strategy but practice it. Practicing is not often talked about in compliance. There is plenty of ink and commentary on designing a compliance program but almost none on practicing it after you design, create and implement it into a best practices compliance program.
One person who does talk about practicing compliance is Jonathan Marks. In a blog post entitled Crisis Management – Lights, Camera, Action! he wrote, “Even the best-prepared organizations will experience a crisis—and there’s rarely a perfect response. The ability to avoid disaster and avoid mismanagement of the situation—will largely be determined by the effectiveness of the organization’s crisis prevention efforts, crisis response plan, proper training of the crisis team, and leadership to manage the crisis effectively.” What is the solution to this imbroglio? Marks answers, “Practice, practice, practice…regularly conduct disaster rehearsal exercises or crisis management simulations that are impactful and help reveal blind spots that can be remediated and ultimately prepare you and your team for not if, but when something ugly happens.”
But you do not have to wait for a crisis to practice. You can do it on a regular basis and on a variety of areas in your compliance program. An obvious place to practice is around your internal reporting system. Can an internationally based employee reach the hotline to report a claim? Have you ever tested that proposition? Does your hotline work in each country where you have employees? In the local language of the employees?
However, being able to pick up the phone and make a hotline complaint is only the starting point. Do you have a triage protocol? Have you tested it? If you are a Chief Compliance Officer (CCO), have you sat down with your compliance team and run through some examples of reports that might come in to see where your team would send them and what advice they would provide at that point? Now think about the cost of performing such a ‘practice’ session. That is right, it would be zero dollars. Always remember as a CCO or compliance professional you are only limited by your imagination and in this case, you can imagine many scenarios and use that imagination to practice your compliance team.
What about practicing formal internal and external audits? To do so you can employ a practice audit. In the practice audit, the team will go through the factors which will be reviewed in a formal audit at your organization. The practice audit is a mechanism by which a compliance team can go into a location or business unit and not only try to determine what might need remediation but, equally importantly, help the employees move towards greater compliance. The team members who perform these practice audits need not always be compliance personnel. This allows you to train as you practice. These practice audits help to uncover gaps that need closing before any of the regulatory mandated audits by external audit teams. Obviously, the entire experience can be a powerful training tool as well as a practice exercise.
In the movie Gladiator, the character Maximus survives several gladiatorial bouts in the Coliseum by practicing. While not often considered in compliance, think about practicing your compliance program to see if it works, determine what can be improved but also train as you are practicing. As I noted above, the cost can be very low even if you bring a seasoned compliance professional to lead the practice session.
Finally, I hope you will check out the podcast series Lummis and I have put together for this year’s Oscar season. We had a ton of fun re-watching the movies, researching the lessons and then recording the podcasts. I know you will not only get a lot of leadership and ethical lessons out of these podcasts but also find them quite enjoyable. Happy Oscar Season.
Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. This week, Matt and Tom take up two recent academic papers which every compliance practitioner should study as they provide insight about how communications can impact both fraud prevention and compliance. Some of the issues we consider:
- Berger and Lee on state FCA claims cutting overall accounting fraud.
- Jinjie Lin on SEC tweeting and reduction of SEC violations.
- What do these communication strategies portend?
- How can they be used by the compliance professional?
- Why whistleblowing does more than simply prevent fraud, waste and abuse. It improves the bottom line.
- Investment in communications strategies pays off.
Resources
Matt in Radical Compliance
Thoughtful evaluation – that’s what Trysha Daskam says about what sets apart Silver Regulatory Associates from other investment firms.
With her strong foundation in compliance and regulatory expertise, Trysha unpacks the fundamentals, trends, and projections of ESG through the lens of private fund managers.
▶️ Unfolding ESG for Private Investments with Trysha Daskam.
Key points discussed in the episode:
(00:34) Trysha Daskam gives a rundown of her professional background as the managing director and head of ESG strategy in Silver Regulatory Associates.
(01:16) The three distinct services that Silver Regulatory Associates provides and the type of clients they’ve been working with since 2018.
(02:09) The unique ways Silver Regulatory Associates helps firms “shine” in the regulated space. Daskam explains how their firm evaluates managerial decisions through the lens of the investment strategy, putting themselves in their clients’ shoes.
(03:42): ESG programs must be treated with the same cautiousness and prudence as other policies. There should be an emphasis on training members to regulate and execute the program efficiently and properly.
(05:37): Having an ESG program is more than just an idea. Daskam describes how she guides investment firms into putting their strategies to fruition with the correct procedures, monitoring practices, and tools.
(07:28) Different industries are starting to realize the importance of ESG rolling out climate–centered projects and transparent DENI statistics. Financial services are pressured to come into the picture. Daskam predicts 2022 as a hallmark year for regulatory momentum among fund managers.
(09:31) The three key areas of focus for private investment managers in 2022.
(12:44) Greenwashing has become the core of regulatory movements. The U.S. Securities and Exchange Commission sees it as “a major risk in the current marketplace.” The urgent call for established standards to prevent misleading investors with deceptive language continues to intensify.
(14:31) Daskam forecasts a standardization of ESG reporting in the DENI and the FCC in 2022 as two prominent organizations have utilized diversity, equity, and inclusion questionnaires.
(15:54) Fierce competition in the investment space regarding managers putting extra effort in ESG programs and joining meaningful organizations to import outwardly on their climate impact.
(18:08) Comparable data is difficult to find in ESG market participants. But standardization progress is projected for 2022 as the International Finance Reporting Standards Board developed the International Sustainability Standards Board.
(22:38) A more sophisticated marketplace among investment firms is taking place as more players enter to take a slice of the pie.
(25:13) The investment space going into the future.
Trysha Daskam is a seasoned sustainability practitioner with an academic background unique to the industry and manages ESG strategy for investment firms, including the development and implementation of ESG policies, procedures, and internal reporting processes and conducting and overseeing ESG due diligence. Expert in policy writing and implementing regulatory controls, Trysha specializes in interpreting the impact of global regulation on a firm’s ESG program.
Connect: tdaskam@silverreg.com
Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley.
In today’s episode, Lisa talks to Amy Landry, who is one of the original GWICs, and a part of the podcast community since Day 1. Amy is an External Oversight and Risk Analyst for Vaya Health, and has experience in ethics, compliance and privacy. She is also someone who has a non-linear career.
Amy spent a lot of her career working with E&C vendors, and when her job was impacted during COVID, she decided that she wanted to move to the in-house side. She shares how she made that decision, and what steps she took to grow her knowledge base.
Amy is also known for how she has built a great network, and she talks about how she built and grew it by starting a blog when she was looking for her in-house role, and about her experience looking for a job during the pandemic.
We also discuss the intersection of DEI and ethics and compliance, and Amy provides some of the insight she gained as part of the University of South Florida DEI certification program.
The Great Women in Compliance Podcast is on the Compliance Podcast Network with a selection of other Compliance related offerings to listen in to. If you are enjoying this episode, please rate it on your preferred podcast player to help other likeminded Ethics and Compliance professionals find it. You can also find the GWIC podcast on Corporate Compliance Insights where Lisa and Mary have a landing page with additional information about them and the story of the podcast. Corporate Compliance Insights is a much appreciated sponsor and supporter of GWIC, including affiliate organization CCI Press publishing the related book; “Sending the Elevator Back Down, What We’ve Learned from Great Women in Compliance” (CCI Press, 2020).
You can subscribe to the Great Women in Compliance podcast on any podcast player by searching for it and we welcome new subscribers to our podcast.
Join the Great Women in Compliance community on LinkedIn here.
Compliance Lessons from a Fraudulent Unicorn
With a name like HeadSpin Inc., you would probably expect nothing less than what has transpired over the past few months with the former Silicon Valley darling and unicorn. According to a Securities and Exchange Commission (SEC) Press Release, in August 2021, the SEC sued Manish Lachwani, the company’s former Chief Executive Officer (CEO), stating he “engaged in a fraudulent scheme to propel HeadSpin’s valuation to over $1 billion by falsely inflating the company’s key financial metrics and doctoring its internal sales records.” Lachwani “controlled all important aspects of HeadSpin’s financials and sales operations, significantly inflated the value of numerous customer deals and fraudulently treated potential deal amounts that he had discussed with customers as if they were guaranteed future payments.” He created fake invoices and altered genuine invoices to make it appear as though customers had been billed higher amounts.
Lesson No. 1 – (with a nod to Elizabeth Holmes) Don’t Be a Fraudulent Unicorn
All of this was done so Lachwani could garner additional investor monies through Series B and Series C funding rounds which would eventually drive the company’s value over the $1 billion mark so it could obtain magical unicorn status. Lachwani is alleged to have enriched himself by selling $2.5 million of his HeadSpin shares in a fundraising round during which he made misrepresentations to an existing HeadSpin investor. All of this brought the attention of the SEC.
Lesson No. 2 – The Most Important Internal Control is Segregation of Duties
How could Lachwani get away with such shenanigans in an entity allegedly worth over $1 billion? In addition to lying, cheating, creating fraudulent invoices and other forms of creative financing, he abrogated one of the most basic internal controls in compliance (and finance) – segregation of duties (SODs). According to the SEC Complaint (Lachwani Complaint), “Lachwani was able to carry out his fraudulent scheme for years because he controlled and managed all the key aspects of HeadSpin’s financials and sales operations, and he kept HeadSpin employees in those different departments isolated from each other. For instance, virtually all the information provided to HeadSpin’s bookkeeper, including the supporting documentation for claimed revenue amounts, flowed through Lachwani.”
The Lachwani Complaint specifically noted, “Lachwani dictated the inflated revenue numbers each quarter to HeadSpin’s bookkeeper, who recorded those numbers in the company’s financial statements. He frequently sent the numbers without supporting documentation (like contracts and invoices) notwithstanding the bookkeeper’s regular requests for such backup, and he sometimes sent her fake or altered invoices that he had created, including the three fictional invoices related to Customer 2 and a doctored invoice related to Customer 1.”
Lesson No. 3 – Returning the Money to Those Harmed is Very Significant
All of this played out last week when Lachwani’s former employer HeadSpin settled an SEC enforcement action via a Complaint (HeadSpin Complaint). What relief did the SEC receive? (It is awaiting Court approval.) The SEC asked for “an order permanently enjoining Defendant from directly or indirectly violating Section 10(b) of the Exchange Act”. There was no request for a monetary fine, penalty or profit disgorgement. How did HeadSpin achieve this notable goal? Through its remediation efforts.
The two critical remedial steps were to get rid of the corrupt (now former) CEO Lachwani and to repay investors from the Series B and Series C funding rounds. The HeadSpin Complaint stated, “HeadSpin revised its valuation from approximately $1.1 billion down to approximately $300 million. The company also returned approximately 70% of principal to investors in the Series B and C funding rounds through a recapitalization process. The company further offered to return the remaining funds in the form of promissory notes with one percent interest. Approximately 31 investors chose to retain their HeadSpin stock instead of exchanging for promissory notes.”
This is obviously a step more than profit disgorgement. Here the money was returned to those who invested based upon the fraudulent misrepresentations. Additionally, HeadSpin offered to return money to additional investors beyond the Series B and Series C investors.
Lesson No. 4 – Structural Remedial Measures are Critical
Another set of remedial steps was generally described in the SEC Press Release announcing the HeadSpin resolution. The Press Release noted, “HeadSpin’s remedial actions also included hiring new senior management, expanding its board, and instituting processes and procedures designed to ensure transparency and accuracy of deal reporting and associated revenues.” This was phrased slightly differently by HeadSpin, who said in their Press Release, “Upon learning of the alleged actions approximately two years ago, the Company immediately replaced its CEO, strengthened its leadership team, appointed an external auditor and implemented numerous financial and internal controls and corporate governance practices.”
What remediation did HeadSpin engage in which persuaded the SEC not to ask for financial penalties? There are several key actions every compliance professional should study.
- The Board convened a special committee of independent directors to lead an investigation.
- The Board (through its investigation) identified the CEO as the person responsible for the illegal conduct and terminated his employment.
- Additionally, the Board removed key senior management, here the Chief Operating Officer (COO), General Counsel (GC) and Controller who, although not responsible for or a part of the illegal conduct, failed to carry out their responsibilities to prevent such wrongdoing.
- After this clean sweep, the Board brought in a new management team and retained subject-matter experts to correct prior deficiencies.
- The Board added new board members with appropriate subject-matter expertise.
- HeadSpin implemented new internal controls and policies and procedures.
Lesson No. 5 – Creative Lawyerin’ in Remediation Can Pay Big Results
There is one more strand that should be considered from the HeadSpin matter. After the Lisa Monaco speech in October, SEC Chair Gary Gensler announced her remarks are “broadly consistent” with his own view of how to deal with corporate offenders. The HeadSpin enforcement action may offer guidance on how the SEC may implement Gensler’s remarks, through providing creative remedial measures, such as repaying those injured directly. The bottom line is that creative lawyerin’ in the form of aggressive remediation may get you significant cooperation credit leading to a resolution with no fine or penalty.
In this episode of the FCPA Compliance Report, I am joined by fan favorite Mike DeBernardis, partner at Hughes Hubbard. In this episode we look at compliance and temporal timeline developments from Q4 2021. Highlights of this podcast include:
- A deep dive into the Lisa Monaco speech, how it impacted the compliance temporal timeline, and whether it was a change or recalibration.
- Anti-Trust developments.
- The Biden Administration Strategy on Countering Corruption.
- Compliance in 2022 and moving forward.
Resources
Mike DeBernardis on HughesHubbard website.