Categories
Blog

The Boeing Saga: Compliance, Accountability, and the Path Forward

When it comes to corporate accountability, few cases are as significant as the ongoing litigation involving Boeing. Since the 737 MAX safety scandal erupted in 2021, the company has been embroiled in a complex legal journey. In July, the Department of Justice (DOJ) filed a proposed Plea Agreement with Boeing in the District Court in Dallas, Texas, under Judge Reed O’Connor. This filing stems from the original Deferred Prosecution Agreement (DPA) in 2021, and it underscores some critical issues that every compliance professional should be acutely aware of.

Boeing has agreed to plead guilty to one count of conspiracy to commit fraud against the Federal Aviation Administration (FAA) and the airplane evaluation group. This plea involves Boeing paying a $243 million fine, predetermined in the 2021 DPA. However, the Plea Agreement does not conclude the matter; it introduces several critical facets that warrant detailed exploration.

A poignant and complex aspect of this case is the involvement of the families of victims from the Lion Air Flight 610 and Ethiopian Airlines Flight 302 crashes. Under their statutory rights, these families participate in the proceedings and seek restitution for their profound losses. The court will determine whether any restitution should be awarded, a process fraught with emotional and legal challenges. The families argue that the proposed penalties are insufficient and that Boeing should explicitly acknowledge its responsibility for the tragic events.

Central to this plea agreement is the appointment of a Compliance Monitor tasked with overseeing Boeing’s adherence to compliance and safety protocols over the next three years. This monitor will be selected through a process involving the DOJ and Boeing, with a noteworthy exclusion: the district court will have no oversight of the monitor’s activities. This exclusion raises significant concerns about transparency and accountability, echoing past controversies in similar cases, such as the environmental crime case involving Carnival Cruise Lines.

The Compliance Monitor’s role in this case is unusually expansive. Beyond traditional compliance responsibilities—such as policies, procedures, internal controls, and training—the monitor will address anti-fraud measures, safety, and quality assurance/control (QA/QC) issues. This broader remit is essential, given the systemic failures at Boeing that contributed to the 737 MAX disasters.

The DOJ’s findings highlight disturbing lapses in Boeing’s safety and quality records. Employees reported feeling pressured to prioritize productivity and financial performance over safety and quality, a cultural flaw at the heart of the compliance breaches. This pressure led to out-of-sequence work, poor record-keeping, and inadequate safety audits, all indicative of a deeper systemic problem.

Addressing these issues requires a comprehensive culture-focused approach. The Compliance monitor must enforce existing standards and foster a culture of integrity and transparency within Boeing. This involves ensuring that employees can report concerns without fear of retaliation and that safety protocols are rigorously followed and documented.

The families of the crash victims are not mere bystanders in this process. They have voiced strong Objections to the Plea Agreement, particularly its perceived leniency and the lack of direct accountability for senior executives. They argue that the agreement implicitly exonerates those responsible for the safety lapses, a concern that resonates with many compliance professionals who advocate for robust accountability at all levels of an organization.

The district court’s exclusion from supervising the compliance monitor is unprecedented and troubling. In previous cases, judicial oversight has been crucial in ensuring that monitorships lead to genuine remediation. The current arrangement’s lack of transparency—where the monitor’s identity and activities are kept under seal—further exacerbates these concerns. Transparency is a cornerstone of effective compliance and accountability, and its absence could undermine the entire process.

For Boeing to restore its reputation and regain public trust, it must go beyond the minimum requirements of the plea agreement. This involves a commitment to comprehensive remediation, encompassing cultural change, structural reforms, and rigorous safety and compliance standards enforcement.

The Compliance Monitor’s broader remit is a step in the right direction, but it must be accompanied by genuine transparency and accountability. This includes involving the victims’ families meaningfully through regular updates and consultations and ensuring their concerns are addressed substantively.

The Boeing case is a stark reminder of the critical importance of compliance, transparency, and accountability in the corporate world. It highlights the devastating consequences of systemic failures and the urgent need for robust oversight mechanisms. As compliance professionals, we must advocate for comprehensive and transparent processes that ensure compliance with legal standards and foster a culture of integrity and responsibility.

Ultimately, true remediation and accountability are in the best interests of all stakeholders—from the victims’ families seeking justice to the company itself, striving to rebuild its reputation and restore public trust. Boeing’s path forward is clear: It must commit to rigorous compliance, transparent practices, and a culture prioritizing safety and integrity above all else. Only then can it hope to move beyond the shadows of the 737 MAX scandal and emerge again as a leader in the aviation industry.

Categories
Blog

Cookies, Chocolates and IP: The Stericycle FCPA Enforcement Action – Part III

Last week, the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) announced a Foreign Corrupt Practices Act (FCPA) enforcement action, involving the waste management company, Stericycle, Inc. (Stericycle). According to the Information and Deferred Prosecution Agreement (DPA), Stericycle entered into a three-year DPA. The company was charged with two counts of conspiracy to violate (1) the anti-bribery provision of the FCPA, and (2) the FCPA’s books and records provision. Under the DPA, Stericycle agreed to a criminal penalty of $52.5 million of which the DOJ agreed to credit up to one-third of the criminal penalty against fines the company pays to authorities in Brazil in related proceedings. According to the SEC Cease and Desist Order (Order), Stericycle violated the anti-bribery, books and records, and internal accounting controls provisions of the FCPA and agreed to pay approximately $28.2 million in disgorgement and prejudgment interest. The SEC Order also provided for an offset of up to approximately $4.2 million of any disgorgement paid to Brazilian authorities. In today’s post we consider the fallout to the company, the comeback made during the pendency of the investigation and the monitor.
The Fallout
The fallout for Stericycle could not have been more dramatic or more disastrous. The company had to basically shut down a large part of its Latin American business. According to the DPA, Stericycle divested itself from its subsidiaries in Mexico and Argentina and taking steps to address its risks in Brazil. Consider that for a moment, the corruption is so endemic within your business unit, that you actually cannot remediate, you must divest yourself of it. According to Stericycle’s own estimates it would lose millions of dollars in business if it was required to leave these countries and the amounts of monies generated through bribery and corruption was equally high, according to the DPA.
The Comeback
The Stericycle enforcement action once again demonstrates how the FCPA Corporate Enforcement Policy can benefit even the most corrupt organization and allow a significant reduction of the overall fine and penalty under the US Sentencing Guidelines. According to the DPA, Stericycle received a 25% discount off the bottom of the applicable Sentencing Guidelines fine range for its cooperation during the pendency of the investigation and the extensive remediation. The former conduct was identified as “proactively disclosing certain evidence of which the United States was previously unaware; providing information obtained through its internal investigation, which allowed the government to preserve and obtain evidence as part of its own independent investigation; making detailed factual presentations to the Fraud Section; voluntarily facilitating interviews in the United States of foreign-based employees; and collecting and producing voluminous relevant documents to the Fraud Section, including documents located outside the United States, accompanied by translations of documents.”
The extensive remediation was even more revealing as the DPA stated that although the company had not self-disclosed, it began its internal investigation prior to being contacted by the DOJ. The company amped up its game regarding corporate governance by “appointing numerous new individuals to senior management and Board of Directors positions and establishing a Safety, Operations, and Environmental Committee to enhance Board oversight.” It enhanced its “compliance organization by hiring additional compliance personnel, including an experienced new Chief Ethics and Compliance Officer who reports directly to Stericycle’s Chief Executive Officer and Chair of the Audit Committee of the Board of Directors”. It updated the backbone of its compliance program; by updating its code of conduct, policies, procedures and internal controls.” It enhanced (or perhaps even created) its internal reporting, investigations and risk assessment processes and improved its compliance training and communications. Discipline was levied against certain employees, “including terminating certain employees including senior managers” and the aforementioned divestitures.
I have previously estimated Stericycle saved between $25 million to $30 million from their final criminal fine. That is certainly a significant amount and one every Chief Compliance Officer (CCO) needs to have ready to submit to your CEO to demonstrate the power of committing time and resources to both internal investigations and remediation during the pendency of the investigation.
 The Monitor
The is first FCPA enforcement action to show the full impact of the change in DOJ enforcement priorities after the Lisa Monaco speech of October 2021; in a variety of ways. The first is the imposition of a monitor. It was required under both the DPA and the Order. Interestingly, even though the company was long aware of its compliance and ethical failures and even though it had been investigating this matter since at least 2016; the company could not seem to get its collective act together enough to fully implement and test the new compliance regime set out in the DPA. The DPA stated, “the Company has enhanced and has committed to continuing to enhance its compliance program and internal controls, including ensuring that its compliance program satisfies the minimum elements set forth in Attachment C to this Agreement (Corporate Compliance Program) but, despite its extensive remedial measures described above, the Company to date has not fully implemented or tested its enhanced compliance program, and thus the imposition of an independent compliance monitor for a term of two years, as described more fully below and in Attachment D, is necessary to prevent the recurrence of misconduct.” [Emphasis supplied] Clearly there was something missing from the company’s overall approach over these past six years.
According to the Order, the Monitor is mandated to review and evaluate the effectiveness of the Company’s policies, procedures, practices, internal accounting controls, recordkeeping, SOX controls, and financial reporting processes tying them to the FCPA and other applicable anti-corruption laws, and “make recommendations reasonably designed to improve the effectiveness of the Company’s Policies and Procedures and FCPA corporate compliance program (the “Mandate”). This Mandate shall include an assessment of the Board of Directors’ and Executive Leadership Team’s [ELT] commitment to, and effective implementation of, the Policies and Procedures and FCPA corporate compliance program.” Note this exacting requirement on the Board and ELT. Obviously, the SEC found their conduct wanting and needed to specifically call it out. It could also be a nod of the hat to the Delaware Supreme Court and its expansion of the Caremark Doctrine. Of additional interest was that the Monitor “should use a risk-based approach” and not necessarily “conduct a comprehensive review of all business lines, all business activities, and all markets.” Even with this anti-boil the ocean language, it is quite a bit of work for the company and the monitor.
Join us tomorrow where we look some lessons learned.