Tag: DOJ

Categories
31 Days to More Effective Compliance Programs

Day 31 – Using a Root Cause Analysis for Remediation

The 2020 Update re-emphasized the need to perform a root cause analysis and, equally importantly, use it to remediate your compliance program. It stated, “a hallmark of a compliance program that works effectively in practice is the extent to which a company can conduct a thoughtful root cause analysis of misconduct and timely and appropriately remediate to address the root causes.”
It went on to state what additional steps the company has taken “that demonstrate recognition of the seriousness of the misconduct, acceptance of responsibility for it, and the implementation of measures to reduce the risk of repetition of such misconduct, including measures to identify future risk”).”

The key is that after you have identified the causes of problems, consider the solutions that can be implemented by developing a logical approach using data already in the organization. Identify current and future needs for organizational improvement. Your solution should be a repeatable, step-by-step process in which one method can confirm the results of another. Focusing on the corrective measures of root causes is more effective than simply treating the symptoms of a problem or event, and you will have a much more robust solution in place. This is because the solution(s) are more effective when accomplished through a systematic process with conclusions backed up by evidence.

When you step back and consider what the DOJ was trying to accomplish with its 2020 Update, it becomes clear what the DOJ expects from the compliance professional. Consider the structure of your compliance program and how it inter-relates to your company’s risk profile. When you have a compliance failure, use the root cause analysis to think about how each of the structural elements of your compliance program could impact how you manage and deal with that risk.

Three key takeaways:

  1. The key is objectivity and independence.
  2. The critical element is how you used the information you developed in the root cause analysis.
  3. The key is that after you have identified the causes of problems, consider the solutions that can be implemented by developing a logical approach using data already in the organization.
Categories
Daily Compliance News

January 31, 2023 – The Company That Bribed the World Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition of Daily Compliance News:

  • Stormy Daniels hush money case goes to NY grand jury. (NYT)
  • Too embarrassed to drive a Tesla. (BBC)
  • J&J’s attempt to escape talc powder liability fails. (Reuters)
  • Saman Ashani was sentenced in the US. (FT)
Categories
FCPA Compliance Report

James Koukios on Changes to Corporate Enforcement Policy

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this special episode, I am joined by Morrison and Foerster partner James Koukios to discuss the recent Kenneth Polite speech announcing changes to the Department of Justice Corporate Enforcement Policy.

In this episode, we consider the following:

  • What is the CEP;
  • This is a follow on from the Monaco Memo;
  • Why this change is significant for recidivists;
  • How this change redefines an effective compliance program;
  • The new CEP offers real, tangible, and significant benefits for compliance programs; and
  • What it all means going forward.

Resources

Kenneth Polite Speech

Updated CEP

Categories
Compliance Into the Weeds

Update to the Corporate Enforcement Policy

The award-winning, Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject more. In this episode, Matt and I deep dive into the recent Kenneth Polite speech announcing changes to the Corporate Enforcement Policy.

Some of the highlights include:

·      What are the policy reasons for the change?

·      Real credit is now being given for effective compliance programs.

·      What about self-disclosure?

·      What is the new definition of an effective compliance program?

·      Is the DOJ trying to avoid 5th Amendment concerns? Will it work?

·      New percentage discounts and what they mean?

·      Why does Matt have more questions?

 Resources

Tom cited in CCI

Matt Kelly in Radical Compliance

Categories
Everything Compliance - Shout Outs and Rants

Everything Compliance – Episode 110: Shout Outs and Rants

Welcome to the only roundtable podcast in compliance as we celebrate our second century of shows. Everything Compliance has been honored by W3 as the top talk show in podcasting. In this episode, we have the quintet of Jay Rosen, Jonathan Armstrong, Jonathan Marks, Tom Fox, and Matt Kelly with our fan-fav Shout Outs and Rants section.

1. Matt Kelly rants about the Department of Justice CCO certification requirement for Danske Bank.

2. Jonathan Marks rants about the recent FAA failure, which crippled the US airline industry.

3. Tom Fox has his first dual shout-out. His first shout-out is to US District Judge Middleton for sanctioning Donald Trump and his lawyer, jointly and severally for $938,000 and the recently deceased musician David Crosby.

4. Jonathan Armstrong rants about the Tory proposed law against publicizing small boats that would make showing or even talking about the Bayeux Tapestry illegal.

5. Jay Rosen shouts out to the NFL for the playoffs and for getting us the best four teams in the final four.

The members of Everything Compliance are:

  • Jay Rosen– Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com
  • Karen Woody – One of the top academic experts on the SEC. Woody can be reached at kwoody@wlu.edu
  • Matt Kelly – Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com
  • Jonathan Armstrong –is our UK colleague, who is an experienced data privacy/data protection lawyer with Cordery in London. Armstrong can be reached at armstrong@corderycompliance.com
  • Jonathan Marks is Partner, Firm Practice Leader – Global Forensic, Compliance & Integrity Services at Baker Tilly. Marks can be reached at marks@bakertilly.com

The host and producer, ranter (and sometimes panelist) of Everything Compliance is Tom Fox the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the Compliance Podcast Network.

Categories
Compliance Kitchen

Compliance Kitchen on OFAC and DOJ Developments

The Compliance Kitchen returns with a wrap-up of the week’s top trade and economic sanction issues. In today’s episode, Silvia Surman looks at OFAC issues Russia-related sanctions licenses and allows for limited marine activities on SDN vessels; DOJ obtains a guilty plea for EAR violations due to unlicensed exports of chemicals to a Chinese SOE listed on the Entity List.

Categories
31 Days to More Effective Compliance Programs

Day 14 – Risk Assessments

One cannot say enough about risk assessments in the context of anti-corruption programs. This is because every corporate compliance program should be based upon a risk assessment to understand your organization’s business from the commercial perspective, how your organization has identified, assessed, and defined its risk profile, and, finally, the degree to which the program devotes appropriate scrutiny and resources to this range of risks. Yet the 2020 Update added a new emphasis that Risk Assessments should not be done not less than annually but, in reality, should be done each time your risk change. Over the past couple of years, every company’s risks changed from Work From Home to Return to the Office to Hybrid Work environments. Have you assessed these new paradigms for risks from the compliance perspective?

As far back as 1999, in the Metcalf & Eddy enforcement action, the DOJ has said that risk assessments that measure the likelihood and severity of possible FCPA violations should direct your resources to manage these risks. The 2012 FCPA Guidance succinctly stated, “Assessment of risk is fundamental to developing a strong compliance program and is another factor DOJ and SEC evaluate when assessing a company’s compliance program.
There are a number of ways you can slice and dice your basic inquiry. As with almost all FCPA compliance, your protocol must be well thought out. If you use one, some, or all of the above as your basic inquiries for your risk analysis, it should be acceptable for your starting point. 

Three key takeaways:

  1. Since at least 1999, the DOJ has pointed to risk assessment as the start of an effective compliance program.
  2. The DOJ will now consider your risk assessment methodology for identifying risks and gathering evidence.
  3. You should base your compliance program on your risk assessment.
Categories
Blog

Incentives in Compliance: Part 2 – Clawbacks

Just as the Department of Justice (DOJ) has long focused on financial incentives in a best practices compliance program, it has equally focused on punishing those officers and employees who fail to do business ethically and in compliance. The 2020 FCPA Resource Guide, 2nd edition, stated, “A compliance program should apply from the board room to the supply room—no one should be beyond its reach. DOJ and SEC will thus consider whether, when enforcing a compliance program, a company has appropriate and clear disciplinary procedures, whether those procedures are applied reliably and promptly, and whether they are commensurate with the violation. Many companies have found that publicizing disciplinary actions internally, where appropriate under local law, can have an important deterrent effect, demonstrating that unethical and unlawful actions have swift and sure consequences.”

The Monaco Memo drove this point home with the statement, “Corporations can best deter misconduct if they make clear that all individuals who engage in or contribute to criminal misconduct will be held personally accountable. In assessing a compliance program, prosecutors should consider whether the corporation’s compensation agreements, arrangements, and packages (the “compensation systems”) incorporate elements ­ such as compensation clawback provisions – that enable penalties to be levied against current or former employees, executives, or directors whose direct or supervisory actions or omissions contributed to criminal conduct. Since misconduct is often discovered after it has occurred, prosecutors should examine whether compensation systems are crafted in a way that allows for retroactive discipline, including through the use of clawback measures, partial escrowing of compensation, or equivalent arrangements.”

Prior to the Monaco Memo, clawbacks had not been generally seen as a necessary part of a compliance program. However now it is clearly mandated by the DOJ. Moreover, having such a penalty in place is also seen as a part of a good corporate culture which not only penalizes those who engage in unethical behavior in violation of a company’s policies and procedures but will “promote compliant behavior and emphasize the corporation’s commitment to its compliance programs and its culture.”

This will mandate the DOJ investigating whether a corporation has included clawback provisions in its compensation agreements and whether “following the corporation’s discovery of misconduct, a corporation has, to the extent possible, taken affirmative steps to execute on such agreements and clawback compensation previously paid to current or former executives whose actions or omissions resulted in, or contributed to, the criminal conduct at issue.”

The issue for many compliance professionals is where to look for guidance in how to construct such clawback provisions. Fortunately, the Securities and Exchange Commission (SEC) has provided guidance in another area that the compliance professional can look to for guidance. In a final rule, published in 2022 and entitled “Listing Standards for Recovery of Erroneously Awarded Compensation”, the SEC directed “the national securities exchanges and associations that list securities to establish listing standards that require each issuer to develop and implement a policy providing for the recovery, in the event of a required accounting restatement, of incentive-based compensation received by current or former executive officers where that compensation is based on the erroneously reported financial information.” While this final rule related to Both Big-R and little-r restatements, the final rule does provide guidance in the anti-corruption compliance area.

According to a client alert, entitled “SEC Issues Long-Awaited Rule on Clawback of Executive Compensation”,  by law firm Vinson & Elkins LLP, the final rule “requires companies to claw back incentive compensation erroneously received by current and former executives during the three-year period preceding the required restatement date.” An interesting caveat is that under this final rule, “the term “received” generally means that the applicable financial reporting measure connected to incentive compensation has been satisfied and such incentive compensation has been earned, even if such incentive compensation has not yet actually been paid.”

This means “an annual bonus award is deemed received in the fiscal year that the executive earns the award based on achievement of the underlying performance measure(s), even if the award is not actually paid until March of the following fiscal year.” Interestingly, the final rule “applies to incentive compensation received by executive officers on or after the effective date of the listing standards, incentive compensation granted prior to the effective date would still be subject to the Rule if it is not received prior to the effective date.” Finally, this means that the “recoverable amount (on a pre-tax basis) is the difference between the incentive-based compensation received by the executives and the amount that would have been received based on the required restatement.”

While the Monaco Memo directed, “to develop further guidance by the end of the year on how to reward corporations that develop and apply compensation clawback policies, including how to shift the burden of corporate financial penalties away from shareholders- who in many cases do not have a role in misconduct–onto those more directly responsible.” This clause is an effort by the DOJ to keep companies from shielding recalcitrant executives from the consequences of their own illegal and unethical conduct. Here compliance professionals can also draw assistance from the SEC final rule for guidance which bans companies from obtaining indemnity insurance to protect executives from clawbacks. The final rule stated, “The Commission proposed that listed issuers would be prohibited from indemnifying any executive officer or former executive officer against the loss of erroneously awarded compensation.” The reason is that if your clawback provision can be overcome by indemnification, it would “fundamentally undermine the purpose of the statute and effectively nullify the mandatory nature of the compensation recovery.”

Of course, all of this should be written down and reflected in the corporation’s compliance policies and procedures. The Monaco Memo stated, “a corporation’s policies and practices regarding compensation and determine whether they are followed in practice.” This is also consistent with the SEC final rule which said that a company should develop and implement a policy requiring recovery of erroneously awarded incentive-based compensation, stating, “in the event that the issuer is required to prepare an accounting restatement due to material noncompliance with any financial reporting requirement, the issuer will recover from any of its current or former executive officers who received incentive-based compensation during the preceding three-year period based on the erroneous data, any such compensation in excess of what would have been paid under the accounting restatement.”

But the Monaco Memo made clear it is not simply having a written policy and procedure in place. There must be corporate action, if warranted, under the clawback policy and procedure. The DOJ will evaluate a company’s actions, “following the corporation’s discovery of misconduct, a corporation has, to the extent possible, taken affirmative steps to execute on such agreements and clawback compensation previously paid to current or former executives whose actions or omissions resulted in, or contributed to, the criminal conduct at issue.”

Categories
Blog

Incentives in Compliance: Part 1 – Financial Incentives

One of the areas that many companies have not paid as much attention to in their compliance programs is compensation and incentives. However, the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have long made clear that they view monetary structure for compensation, rewarding those employees who do business in compliance with their employer’s compliance program, as one of the ways to reinforce the compliance program and the message of compliance.

This was made clear once again in the Monaco Memo which stated, “Corporations can help to deter criminal activity if they reward compliant behavior and penalize individuals who engage in misconduct. Compensation systems that clearly and effectively impose financial penalties for misconduct can incentivize compliant conduct, deter risky behavior, and instill a corporate culture in which employees follow the law and avoid legal “gray areas.””

Moreover, the Monaco Memo tied compensation to a company’s culture of compliance. It stated, “Similarly, corporations can promote an ethical corporate culture by rewarding those executives and employees who promote compliance within the organization. Prosecutors should therefore also consider whether a corporation’s compensation systems provide affirmative incentives for compliance-promoting behavior. Affirmative incentives include, for example, the use of compliance metrics and benchmarks in compensation calculations and the use of performance reviews that measure and reward compliance-promoting behavior, both as to the employee and any subordinates whom they supervise. When effectively implemented, such provisions incentivize executives and employees to engage in and promote compliant behavior and emphasize the corporation’s commitment to its compliance programs and its culture.”

Yet compensation incentives have long been seen as a key element of any best practices compliance program. As far back as 2004, then SEC Director of Enforcement Stephen M. Cutler noted that integrity, ethics and compliance needed to be part of promotion, compensation and evaluation processes: “At the end of the day, the most effective way to communicate that “doing the right thing” is a priority, is to reward it.”

The 2020 FCPA Guidance, 2nd edition, stated the “DOJ and SEC recognize that positive incentives can also drive compliant behavior. These incentives can take many forms such as personnel evaluations and promotions, rewards for improving and developing a company’s compliance program, and rewards for ethics and compliance leadership.” The Monaco Memo takes it a step further by asking more broadly has your company, “incentivized employee behavior as part of its efforts to create a culture of ethics and compliance within its organization.”

The 2020 Update, in the section entitled “Incentives and Disciplinary Measures”, provided some key questions for a company to ask about its incentive system:

Incentive System—Has the company considered the implications of its incentives and rewards on compliance? How does the company incentivize compliance and ethical behavior? Have there been specific examples of actions taken (e.g., promotions or awards denied) as a result of compliance and ethics considerations? Who determines the compensation, including bonuses, as well as discipline and promotion of compliance personnel?

The first question posed in the 2020 Update requires you to start with the basic question of what does your employee compensation consist of? Is it a straight salary? Is it variable? If so, what does the variable component consist of? Is it a discretionary bonus based upon the overall success of the entire business enterprise or some small subset, such as a business unit or geographic region? Is it solely personal? Or is it some combination of all of the above?

Under the second question, you need to demonstrate that you have thought through this issue. The DOJ does not mandate one solution or formula, only that it be well considered. And, of course, the approach you come up with must be documented. A good starting place is Marc Roberge’s 2015 Harvard Business Review (HBR) article, entitled “The Right Way to Use Compensation, that discusses the design and redesign of an employee’s compensation system to help drive certain behaviors. The article’s subtitle, “To shift strategy, change how you pay your team”, echoed Cutler’s message from 2004. The article lays out a framework for a Chief Compliance Officer (CCO) or compliance practitioner to operationalize compensation as a mechanism in a best practices compliance program.

As your compliance program matures and your strategy shifts, “it’s critical that the employees who bring in the revenue—the sales force—understand and behave in ways that support the new strategy. The sales compensation system can help ventures achieve that compliance.” The prescription for you as the compliance practitioner is to revise the incentive system to focus employees on the goals of your compliance program. This may mean that you need to change the incentives as the compliance programs matures; from installing the building blocks of compliance to integrating anti-corruption compliance within the DNA of your company.

There are three key questions you should ask yourself in modifying your compensation structure. First, is the change simple? Second, is the changed aligned with your company values? Third, is the effect on behavior immediate due to the change?

Simplicity. Keep the compensation plan simple when designing your program. The simplest way to incentivize employees is to create metrics that they readily understand and are achievable in the context of the compliance program.

Alignment. You need to state the most important compliance goal your entity needs to achieve. From there you should determine how your compensation program can be aligned with that goal. The beauty of this alignment is that it works with your sales force throughout the entire sales cycle, whether employee-based or through third parties such as agents, representatives, channel ops partners or distributors.

Immediacy. It is important that such structures be put in place “immediately” but in a way that incentivizes employees. As a part of immediacy, there must be sufficient communication with your employees. In the world of employee compensation incentives, there should be transparency as to the expectations.

Under the third question from the 2020 Update, you need to have documented examples where additional compensation or promotions were made to employees who did business ethically and in alignment with the corporate compliance program. The fourth question goes in a different direction by asking who in the organization is evaluating and then setting the compensation of the CCO and compliance personnel?

Obviously, the power of a compensation plan is to motivate employees to not only sell more but to act in ways that support your company’s business model and overall culture and values. For the compliance practitioner, one of the biggest reasons is to first change a company’s culture to make compliance more important, and then integrate it into the DNA of your organization. But you must be able to evolve in your thinking and professionalism to recognize the opportunities to change and then adapt your incentive program to make the doing of compliance part of your company’s everyday business process. The Monaco Memo makes it clear that the bottom line is the “use of financial incentives to align the interests of the C-suite with the interests of the compliance department can greatly amplify a corporation’s overall level of compliance.”

Categories
Daily Compliance News

January 9, 2023 – The Don’t Pee in a Plane Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Some of the stories include:

  • DOJ sets up a website for those defrauded by FTX. (Reuters)
  • Vietnam removes two Deputy PMs for corruption. (Aljazeera)
  • Indian bank exec urinates on a fellow plane passenger. (NYT)
  • Will remoted work continue in 2023? (Bloomberg)