Tag: DPA

Categories
Blog

The Boeing Monitorship: Memo to Attorney General Garland and Kelly Ortberg

To: Attorney General Merrick Garland and Boeing CEO Robert ‘Kelly’ Ortberg

From: Tom Fox

Re: The Boeing Monitorship

===============================================================

Gentlemen

I have written blog posts and articles about the proposed Plea Agreement negotiated between Boeing and the Department of Justice (DOJ). As the leaders of both organizations, I wanted to address you both directly.

To General Garland, this is the most important monitorship in the history of the DOJ.

To CEO, Ortberg-Boeing has to turn around its culture completely.

To both of you, business as usual will not suffice.

The DOJ must start with full transparency in the process, for sunshine in the light of day is always the best disinfectant. There must be full transparency in the selection process and the oversight of the Monitorship itself, with a party outside the DOJ and Boeing overseeing this process. In other words, it cannot simply be a process where the DOJ decides who will be the monitor, tells the court its selection, and then the DOJ goes off to oversee the process and, in three years, tells us whether Boeing has met the terms of the Monitorship.

First, completing the Plea Agreement by fulfilling the terms laid out must be a condition of the Probation, which the Court must approve. Second, this process must be overseen by the District Court. The Monitor should report to the Court or a court-appointed Special Master to determine whether Boeing has met the requirement to “create and foster a culture of ethics and compliance with the law in its day-to-day operations.” Both parties must realize that Boeing’s culture is broken and must be fixed. This is beyond policies and procedures and a best practices compliance program. This is fixing Boeing’s DNA.

The DOJ recognized that it is more than compliance at Boeing, which is broken; it starts with culture and moves to safety, QA/QC, and even down to record and document keeping. It is far beyond the current mandate of the Plea Agreement, which states that the Monitor should test “the effectiveness of the Company’s compliance program and internal controls, record-keeping, policies, and procedures as they relate to the Company’s current and ongoing compliance with U.S. fraud laws.”

At least this is a decent start, but there are so many other areas that Boeing, the DOJ, and the Monitor must fix. I urged the DOJ to ‘Think Big’ about this monitorship. It concerns not only fraud and record keeping but also culture, safety, QA/QC, compliance, Speak Up and Listen Up, Supply Chain, fraud, Export Control, Sanctions, and a wide variety of other areas not addressed in the Plea Agreement.

Put all of that responsibility on the Monitor but make sure the Monitor has the resources to oversee this work for all of the stakeholders involved: Boeing, its shareholders, the victims’ families, employees, third parties, the U.S. government, Boeing’s customers and the U.S. and global flying public. It all starts at the top of the organization. The Monitor must not simply assess the Board of Directors and senior management’s commitment to and effective implementation of the corporate compliance program “as necessary to address and reduce the risk of any recurrence of the Company’s misconduct”; both the Board and senior management must lead this effort by example.

Finally, the DOJ must get this right. Everyone knows the DOJ’s failures from the 2008 financial crisis to prosecute any bank meaningfully. The phrase ‘too big to fail’ has entered the Lexicon as a byword for corporate malfeasance that gets off with ZERO consequences. This matter is much more important than those banks. It concerns the U.S.’s flagship airline manufacturer and whether it can be turned around through government oversight. If the DOJ does not get this Monitorship right, it will demonstrate once and for a time the failure of this program as a tool to fix a broken business that violates the law multiple times.

But this is not all on the backs of the DOJ or the Monitor. Boeing has an equally key role in this Monitorship. That is why the role of the new CEO is so important. Kelly Ortberg must fully embrace this monitorship and all it will entail to the company as the last and best way to turn it around. He comes from but is outside the organization, so he is not tainted with the company’s prior cultural miasma. Further, he comes from a former supplier to Boeing, Rockwell International. This means he knows the business, and he knows Boeing.

His main focus will be to turn around the company’s manufacturing side and create a culture where employees have enough trust in their employer to raise their hands and speak up when they see something wrong. They also know that the company will not harass or terminate them for doing so. In short, he must set the correct cultural tone and go into the weeds to fix how the company builds planes.

This focus requires Ortberg to fully embrace the Monitorship and a Monitor selected with full transparency and oversight by the Court. Ortberg should welcome the opportunity to turn Boeing around literally with all the help he can garner, not do as his predecessors did with so much opaqueness, where they clearly did not accept their responsibility to fix the company’s broken culture.

Finally, Ortberg must reach out to the victims’ families of the two 737 MAX crashes and listen to their concerns. The victims’ families’ interests are aligned with Boeing on one key point: They do not want any family to go through what they had to go through. Ortberg’s meeting with and listening to the victims’ families can go a long way toward their healing.

Boeing is a key component in U.S. national security. Boeing provides advanced missile defense systems, including the Ground-based Midcourse Defense (GMD) system, which protects the United States from ballistic missile attacks. The company also offers solutions for tracking and monitoring space objects, which is vital for maintaining the safety and security of space operations. Boeing is also involved in the Internal Space Station (ISS), orbital test vehicles, and deep space exploration.

In short, no single institution is as important to the U.S. in manufacturing as Boeing. Nearly 200 million Americans who fly in Boeing planes depend on Boeing to get it right. The U.S. (and the world) economy needs the drive that Boeing provides. The U.S. national security depends on a well-functioning Boeing to lead the technological drive to protect the U.S. for the rest of the 21st century and beyond. Boeing needs to continue its work as one of the leading companies in space exploration. Lastly, and indeed not least, the families of the victims of the two 737 MAX crashes should receive some justice for all they have been through and then seeing Boeing not live up to its agreement in the original DPA or worse for there to be more failures under this Plea Agreement.

So one final plea to General Garland and CEO Ortberg-Get it Right This Time

Categories
Everything Compliance

Everything Compliance: Episode 137, The Boeing Pleads Guilty Edition

Welcome to the only roundtable podcast in compliance as we celebrate our second century of shows.

In this episode, we welcome Karen Moore as a permanent panelist.

We have one topic for this episode, the Boeing guilty plea, which we slice and dice from a variety of perspectives. Karen is joined by Jonathan Marks, Jonathan Armstrong, and Matt Kelly as panelists, all hosted by Tom Fox.

  1. Karen Moore considers that there are multiple stakeholders involved with Boeing and will they be covered in the resolution? She shouts out to the UK for their seamless transition of power after the July 4 election and to the Men’s Football team for making the UEFA Cup Final.
  2. Matt Kelly asks multiple questions about the form of the guilty plea and what it may mean for compliance professionals going forward. He rants about Tractor Supply which ditched its DEI and sustainability efforts based on one Twitter campaign.
  3. Jonathan Armstrong takes a look at the Boeing plea deal from his uniquely British perspective, with 3 takeaways. He shouts out to the new British Prime Minister, Sir Keir Starmer.
  4. Jonathan Marks considers corporate governance and internal control failures. He rants about Board members who do not understand Board governance.
  5. Tom Fox shouts out to Pittsburgh rookie Paul Skenes for his great first season and being named the Starting Pitcher for the All-Star Game.

The members of the Everything Compliance are:

The host, producer, rantor (and sometimes panelist) of Everything Compliance is Tom Fox, the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the award-winning Compliance Podcast Network.

Categories
Blog

Boeing: Accept the Omnibus Monitor Approach

I recently wrote a series of blog posts and articles on why the Department of Justice (DOJ) should think big and go big with a completely new approach to the monitorship for Boeing under its agreement to take a guilty plea. Now, I want to turn to Boeing and appeal to the company directly, not to fight the biggest monitorship ever, but to embrace and use this opportunity to rebuild the company, in all aspects, literally from the ground up. Boeing is broken, and now it is facing a guilty charge. Boeing must not fight the monitorship or its scope in any way, shape, or form.

The interests involved with Boeing are too great, and too much is at stake for Boeing. This is not a situation where a company can focus on its shareholders. The framework from Business Roundtable’s Statement on the Purpose of a Corporation seems particularly useful here as there are multiple interests at stake with Boeing. Shareholders are interested in a viable, ongoing, profitable corporation, but if Boeing takes the steps outlined in this piece, the profits will be forthcoming and substantive. There are Boeing’s customers, Boeing’s suppliers, Boeing’s employees, and those localities where Boeing has factories, partners, and third-party relationships.

Start with the customers of Boeing. While there are direct relationships with airline carriers, I argue that the customers of Boeing should extend to those of us in the flying public. Nearly 200 million Americans flew domestically in 2023, and probably 90% flew on a Boeing jet. What about suppliers and localities doing business with and for Boeing? In 2023, Boeing is estimated to have generated over $77bn in revenue for America alone. The employees of Boeing are the biggest group of supporters of the company and the most significant source of information about what is wrong with the company and how to fix it. Yet this is an entirely untapped resource for Boeing as it has become clear as whistleblower after whistleblower has come publicly forward after literally beating their heads internally trying to raise their hands and speak up.

A standard monitorship involves the appointment of an independent monitor who oversees the company’s compliance with legal and regulatory requirements. This oversight ensures that the company adheres to the terms of its settlement and implements necessary reforms. The monitor acts as an impartial third party, reporting to the DOJ on the company’s progress and adherence to ethical standards.

But here, I have proposed a much bigger monitorship that Boeing should fully embrace. I have urged the DOJ to appoint an Omnibus Monitor to oversee multiple monitors in specific subject matter areas. This would be far too big for any law firm or consulting company. The Omnibus Monitor would be in charge of a wide variety of corporate disciplines that Boeing must get right out of the terrible corporate fix they find themselves in. What are some of the areas that should have their monitorship under an Omnibus Monitor? Safety is at the core, but so is culture, compliance, Speak Up and Listen Up, supply chain, fraud, export control, and sanctions. The DOJ needs to work with the Federal Aviation Authority (FAA) to oversee all aircraft manufacturing issues to meet the FAA regulatory requirements.

One of the most significant benefits of this Omnibus Monitor approach would be restoring trust and credibility for Boeing. The 737 Max incidents have deeply tarnished Boeing’s reputation among regulators, the public, investors, and other stakeholders. Accepting this Omnibus Monitor would demonstrate a commitment to transparency and accountability, demonstrating that Boeing is willing to undergo rigorous scrutiny to regain its standing.

Transparency is a cornerstone of trust. By allowing this Omnibus Monitor to evaluate and report on its practices, Boeing can show that it has nothing to hide and is dedicated to making genuine improvements. This openness can help rebuild confidence among customers, suppliers, and the aviation community.

As I noted, this Omnibus Monitor would have multiple monitors under it. A critical area where Boeing must improve is its internal culture. A monitor can play a pivotal role in this transformation of culture. The monitor can help Boeing develop a robust compliance program that prioritizes safety and ethical conduct by providing unbiased assessments and recommendations. An external perspective is invaluable in identifying blind spots and areas of resistance within the organization. Boeing has demonstrated that it cannot recognize and address deeply ingrained cultural issues. A monitor can provide the objectivity and expertise needed to drive meaningful change, ensuring safety and compliance are ingrained in every aspect of Boeing’s operations.

It is time for Boeing to step up and repair its relationships with regulators, from the FAA to the DOJ and all those regulatory bodies. Once again, Boeing has a terrible relationship with the regulators, and an Omnibus Monitor demonstrates a willingness to cooperate fully with the DOJ and other regulatory authorities. This goodwill can benefit the current settlement and any future interactions with regulators. By embracing this Omnibus Monitor approach, Boeing can show that it is taking its obligations seriously and is committed to rectifying past mistakes. This proactive approach can lead to more favorable settlement terms and potentially reduce the severity of any future penalties.

Implementing lasting reforms across the entire organization requires more than internal efforts; it requires sustained oversight and accountability. This Omnibus Monitor approach provides a structured framework for Boeing to follow, ensuring that reforms are implemented and maintained over time. The monitor’s periodic evaluations and reports create a continuous feedback loop, allowing Boeing to make necessary adjustments and improvements. This structured oversight will hopefully prevent the recurrence of past issues and promote a culture of constant improvement. It ensures that Boeing’s commitment to safety and compliance does not wane once the immediate scrutiny is lifted.

Shareholders and investors are all a part of this discussion as well. Investor confidence is crucial for any publicly traded company. The 737 Max crisis has shaken investor faith in Boeing. Embracing a monitorship can help reassure investors that Boeing is committed to addressing the root causes of its problems and is on a path to recovery. Investors seek stability and transparency. By accepting this Omnibus Monitor approach, Boeing can ensure that it is taking concrete steps to mitigate risks and enhance its governance practices. This reassurance can stabilize stock prices and restore investor confidence, which is essential for the company’s long-term financial health.

Boeing is not just any company; the US is the leader in the aerospace industry. It is one of the two biggest airplane manufacturers in the world. Its actions set precedents and influence industry standards literally on a worldwide basis. By willingly accepting this Omnibus Monitor approach, Boeing can set a positive example in the industry. Boeing can demonstrate that even the largest and most established companies are not above accountability and can benefit from external oversight. This leadership can have a ripple effect, encouraging other companies to prioritize safety, compliance, and ethical conduct. It can contribute to raising the overall standards of the aerospace industry, benefiting the entire ecosystem, including passengers, regulators, and competitors.

In conclusion, while the prospect of this Omnibus Monitor approach might initially appear daunting, it is, in fact, a powerful tool for Boeing to embrace. The benefits of restoring trust, enhancing compliance and safety culture, demonstrating good faith to regulators, facilitating lasting reforms, reassuring investors, and setting a positive industry example far outweigh the perceived burdens.

Boeing’s journey toward redemption and sustainable success hinges on its willingness to accept responsibility and make genuine improvements. By embracing this Omnibus Monitor approach as part of its settlement with the DOJ, Boeing can take a significant step forward in rebuilding its reputation and ensuring a safer, more ethical future for itself and the aerospace industry.

Embracing this oversight is not a sign of weakness but a testament to Boeing’s commitment to excellence and accountability. It is a strategic move that can pave the way for a brighter and more responsible future, reaffirming Boeing’s position as a leader in the aerospace industry.

Categories
Blog

To the DOJ: Think Big and Go Big on the Boeing Monitorship

Perhaps the most significant blog post in the compliance arena was penned by Matt Ellis over 10 years ago when he challenged Walmart to “Go Big” on compliance. (They did.) We are now at another inflection point in compliance but in a very different set of circumstances from Walmart’s breach of the Foreign Corrupt Practices Act (FCPA). It involves the Department of Justice  (DOJ) and its decision on what to do about Boeing Company under the current Deferred Prosecution Agreement (DPA) from the 737 MAX crashes. Today I want to challenge the DOJ to Think Big and Go Big in its approach to dealing with Boeing going forward.

The issue the DOJ is grappling with is whether and how to get Boeing to fix the festering set of problems which led to the 737 MAX disasters and cultural toxicity have continued unabated since the DPA was agreed to by Boeing back in 2021. In May of this year, the DOJ notified Boeing that it was in breach of this DPA for failing “to design, implement, and enforce a compliance and ethics program to prevent and detect violations of the U.S. fraud laws throughout its operations.” Now the DOJ is determining the steps to take.

The families of the victims of the 737 MAX crashes have been the loudest about the need to punish Boeing executives with criminal charges. They met with the DOJ and asked about criminal charges and a massive penalty. Now the DOJ has responded. According to the Wall Street Journal (WSJ), “Under the guilty-plea agreement outlined Sunday to families of the crash victims, Boeing would have to agree to hire an outside consultant to monitor its compliance with safety regulations. It also would pay an additional corporate penalty of about $243 million.”

It is the ‘outside consultant’ where the DOJ needs to ‘Go Big.’ How? By creating the most comprehensive monitoring plan ever used. Why? Because there has never been a corporate case more important to the United States than getting Boeing back on track. This is not a FCPA case where a company has admitted to bribery and corruption, even across the globe. This is not 2008 when banks were ‘too big to fail’. This is something completely different. This is the only major US aircraft manufacturer and one of the two biggest in the world. This is a company that provides products for nearly half of all American as Airlines for Americaestimates that 49% of all Americans flew commercially in 2023. Boeing is estimated to have generated over $77bn in revenue for America alone in 2023.

But Boeing’s importance to America is not simply about economics. Boeing is a key component in US national security. Boeing provides advanced missile defense systems, including the Ground-based Midcourse Defense (GMD) system, which protects the United States from ballistic missile attacks. The company also offers solutions for tracking and monitoring space objects, which is vital for maintaining the safety and security of space operations. Boeing is also a part of the Internal Space Station (ISS), orbital test vehicles and deep space exploration.

In short, there is probably no other single institution as important to the US in manufacturing as Boeing. Nearly 200 million American who fly in Boeing planes are depending on Boeing to get it right. The US (and world) economy need the drive that Boeing provides. The US national security depends on a well-functioning Boeing to lead the technological drive to protect the US for the rest of the 21st century and beyond. Boeing needs to continue its work for our drive as humans into what Gene Roddenberry called ‘space – the final frontier’ as one of the leading companies on space exploration. Finally, and certainly not least, the families of the victims of the two 737 MAX crashes should receive some justice for all they have been through and then seeing Boeing not live up to its agreement in the original DPA.

Most importantly, we all have an interest in Boeing getting its remediation right. Boeing must turn around from a culture where employees are afraid to step forward, there is acceptable slipshod work and work practices, where employees who do report problems are actively harassed, where employees lie and mislead federal regulators over basic safety issues and where the almighty dollar is put so far above safety that literally hundreds of lives are lost. All of this means a monitorship where there are multiple areas monitored, overseen and thoroughly remediated so that they pass the strongest form of testing and controls at the end of a lengthy period (at least 3 years). The Court also needs to stay actively involved in the monitorship, not simply reviewing annual or even greater reporting but testing any claims by Boeing through rigorous data analytics. Boeing has clearly demonstrated it is not capable of turning itself around and a new and daring approach is needed for the company.

I believe the DOJ should appoint an Omnibus Monitor who would oversee multiple monitors in specific subject matter areas. This would be far too big for any one law firm or a single consulting company. The Omnibus Monitor would be in charge of a wide variety of corporate disciplines that Boeing must get right to get out of the terrible corporate fix they find themselves in. What are some of the areas that should have their own monitorship under an Omnibus Monitor? Obviously, safety is at the core but also culture, compliance, Speak Up and Listen Up, Supply Chain, fraud, Export Control, Sanctions. On the overall aircraft manufacturing issues, the DOJ needs to work with the Federal Aviation Authority (FAA) to oversee all of this to meet the FAA regulatory requirements.

This would be by far the biggest monitorship ever because it is by far the most important monitorship ever. Just as Ellis challenged Walmart to ‘go big’ on compliance, I want the DOJ to Think Big and Go Big with an Omnibus Monitor for Boeing. Literally all of America and the world is depending on it.

Categories
Compliance Into the Weeds

Compliance into the Weeds: Navigating DOJ’s Boeing Dilemma Under DPA Violations

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject.

Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds!

In this episode, Tom Fox and Matt Kelly take a deep dive into the complexities surrounding the Department of Justice’s potential decision to criminally prosecute Boeing under its Deferred Prosecution Agreement (DPA) related to the 737 MAX crashes.

They explore the various facets of corporate justice, including retribution, remediation, and societal interests, as well as the challenges in balancing justice for the victims and the broader implications for public safety and corporate culture.

The discussion also covers the FAA’s role, the potential for new operational limits on Boeing, the impact and structure of compliance monitorships, and what compliance officers can learn from this high-stakes scenario.

Key Highlights:

  • DOJ and Boeing: The 737 MAX Dilemma
  • Corporate Justice: Individuals vs. Corporations
  • Balancing Justice and Corporate Interests
  • Deferred Prosecution Agreements: Compliance Challenges
  • Financial Penalties vs. Operational Limits
  • The Potential of Monitorships
  • FAA’s Role and Challenges
  • Compliance Lessons and Future Considerations

Resources:

Matt on Radical Compliance

 Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

The DOJ Boeing Conundrum

The Department of Justice (DOJ) is currently in a conundrum over its Deferred Prosecution Agreement (DPA) for the Boeing 737 Max crashes. Understanding the implications of the DOJ’s upcoming decision on whether to prosecute Boeing under the existing criminal law is crucial. This decision carries significant weight and presents a multifaceted challenge for Boeing and the broader corporate compliance and governance landscape.

The criminal justice system’s fundamental purpose encompasses several key aspects: retribution, justice for victims, and the rehabilitation of offenders. While straightforward when applied to individuals, these principles become more complex in the context of corporate entities. For the families of the 346 victims of the 737 Max crashes, justice might mean seeing Boeing held criminally accountable, literally with senior executives or even Board members facing criminal charges. This desire for justice is understandable and necessary for those who have suffered immeasurable loss.

However, the broader societal interest in maintaining a safe and reliable aviation industry adds complexity. Ensuring that Boeing undergoes a cultural shift towards prioritizing safety over profit is crucial to preventing future tragedies. This balance between justice for the families of the crash victims and ongoing public safety is at the heart of the DOJ’s dilemma.

At the core of this issue is Boeing’s corporate culture. The company’s aggressive pursuit of profit and rapid production schedules has led to significant safety oversights. Incidents such as the recent mid-flight door detachment from a Boeing airliner and allegations of using falsified or contaminated titanium underscore ongoing safety concerns. Addressing these issues necessitates a fundamental shift in Boeing’s approach to safety and governance.

Compliance officers face the daunting task of ensuring that DPAs are effectively implemented. Boeing’s situation raises critical questions about the enforcement of DPAs, the criteria for determining violations, and the appropriate remedies when violations occur. The rarity of formal DPA violations adds to the uncertainty and complexity.

The DOJ’s decision on Boeing involves balancing multiple interests: the victims’ families, Boeing’s employees, the air-traveling public, and the broader economic and national economic and national security implications of Boeing’s operations. As the “People’s Law Firm,” the DOJ must navigate these diverse and often conflicting interests to reach a peaceful resolution.

A key consideration is whether financial penalties alone can drive meaningful corporate reform. Historical evidence suggests that financial penalties, while necessary, may not suffice to instill lasting cultural change. More stringent measures, such as operational limits and enhanced monitoring, may be required.

The concept of a monitorship is particularly relevant. A monitor could provide ongoing oversight and guidance, ensuring Boeing meets stringent compliance standards. Transparency in monitoring, including public disclosure of monitor reports, could enhance accountability and public trust.

The Federal Aviation Administration (FAA) also plays a crucial role. However, the FAA’s past performance overseeing Boeing raises questions about its ability to enforce safety standards effectively. Ensuring that the FAA undergoes its cultural transformation and maintains rigorous oversight is essential for any comprehensive solution.

Boeing’s status as a major aircraft manufacturer has significant implications for national security and the economy, which makes its case unique. Compliance professionals in other industries must recognize that the consequences of non-compliance can vary significantly based on a company’s strategic importance. While some companies might face severe penalties or even closure, critical industries like aviation may require more nuanced solutions to balance justice and operational continuity.

Compliance officers should closely monitor the DOJ’s handling of Boeing’s DPA. The potential introduction of CEO and Chief Compliance Officer (CCO) certifications for compliance program effectiveness in future DPAs is a significant development. These certifications could greatly impact how compliance programs are designed and evaluated, making it crucial for compliance officers to stay informed and prepared.

The Boeing case underscores the complexities of enforcing corporate compliance in industries with significant public safety implications. The DOJ’s decision will likely set important precedents for future DPAs and compliance practices. As we await the DOJ’s final decision, it’s clear that achieving justice and ensuring safety requires a multifaceted approach, balancing financial penalties, operational oversight, and cultural transformation.

For compliance professionals, the key takeaway from this case is the importance of robust compliance programs and the necessity of adapting to new regulatory expectations. The introduction of CCO certifications, the potential for increased transparency in monitorships, and the evolving nature of DPA enforcement are all critical factors to consider in developing and maintaining effective compliance strategies. Compliance officers must remain vigilant and adaptable, drawing lessons from high-profile cases like Boeing’s to enhance compliance programs and contribute to a safer and more accountable corporate landscape.

Categories
Blog

The SAP FCPA Enforcement Action-Part 3: The Comeback

This week we are taking a deep dive into the SAP Foreign Corrupt Practices Act (FCPA) enforcement action. In it, SAP agreed to pay the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) approximately $222 million in penalties and disgorgement. SAP also entered into a three-year Deferred Prosecution Agreement (DPA) with the DOJ. Given the multi-year (2014-2022) length of the various bribery and corruption schemes and worldwide geographic scope, the amounts paid in bribes and benefits garnered by SAP from their corruption; one might charitably wonder how SAP was able to reap such a positive outcome of only a fine and penalty totaling $222 million. We will explore that question today.

Extensive Cooperation

The starting point for this analysis is the DOJ DPA. The first key point to note is there was no self-disclosure by SAP. As the DPA noted, SAP only began to cooperate after investigative reports were made public in 2017 in South Africa about SAP’s bribery and corruption program. However from this point forward SAP moved to extensively cooperate. The DAP noted SAP “immediately beginning to cooperate after South African investigative reports made public allegations of the South Africa-related misconduct in 2017 and providing regular, prompt, and detailed updates to the Fraud Section and the Office regarding factual information obtained through its own internal investigation, which allowed the government to preserve and obtain evidence as part of its independent investigation…”

This cooperation included producing relevant documents and other information to the Fraud Section “from multiple foreign countries expeditiously, while navigating foreign data privacy and related laws;” SAP “voluntarily making Company officers and employees available for interviews;”  and took “significant affirmative steps to facilitate interviews while addressing witness security concerns”; interestingly SAP was required to resolve potential deconfliction issues between the its own internal investigation and the investigation being conducted by the DOJ. The company promptly collected, analyzed, and organized “voluminous information, including complex financial information.” It translated “voluminous foreign language documents to facilitate and expedite review by the Fraud Section and the Office.” Most interestingly, the DPA repored that SAP imaged “the phones of relevant custodians at the beginning of the Company’s internal investigation, thus preserving relevant and highly probative business communications sent on mobile messaging applications.”

The Remediation

The DPA reported extensive remediation by SAP as well and the information provided in the DPA is instructive for every compliance professional. The DPA noted that SAP engaged in the following remedial steps.

  1. Conducted a root cause analysis of the underlying conduct then remediating those root causes through enhancement of its compliance program;
  2. Conducted a gap analysis of internal controls, remediating those found lacking;
  3. Undertook a “comprehensive risk assessment focusing on high-risk areas and controls around payment processes and enhancing its regular compliance risk assessment process”;
  4. SAP documented its use of a “comprehensive operational and compliance data” into its risk assessments;
  5. SAP eliminating “its third-party sales commission model globally, and prohibiting all sales commissions for public sector contracts in high-risk markets”;
  6. “Significantly increasing the budget, resources, and expertise devoted to compliance;”
  7. Restructuring its Offices of Ethics and Compliance to ensure adequate stature, independence, autonomy, and access to executive leadership;
  8. Enhanced its code of conduct and policies and procedures regarding gifts, hospitality, and the use of third parties;
  9. Enhancing its reporting, investigations and consequence management processes;
  10. Adjusting compensation incentives to align with compliance objectives and reduce corruption risk;
  11. Enhanced and expanding compliance monitoring and audit programs, planning, and resources, including developing a well-resourced team devoted to audits of third-party partners and suppliers;
  12. Expanded its data analytics capabilities to cover over 150 countries, including all high-risk countries globally; and
  13. Disciplined “any and all” employees involved in the misconduct.

Obviously, SAP engaged in a wide range of remedial actions. It all started with a root cause analysis. Root Cause analysis was enshrined in the FCPA Resource Guide, 2nd edition as one of the Hallmarks of an Effective Compliance Program. It stated, “The truest measure of an effective compliance program is how it responds to misconduct. Accordingly, for a compliance program to be truly effective, it should have a well-functioning and appropriately funded mechanism for the timely and thorough investigations of any allegations or suspicions of misconduct by the company, its employees, or agents. An effective investigation’s structure will also have an established means of documenting the company’s response, including any disciplinary or remediation measures taken.”

In addition to having a mechanism for responding to the specific incident of misconduct, the company’s compliance program should also integrate lessons learned from any misconduct into the company’s policies, training, and controls on a go-forward basis. To do so, a company will need to analyze the root causes of the misconduct to timely and appropriately remediate those causes to prevent future compliance breaches. This SAP did during its remediation phase.

Equally of interest are the references to data analytics and data driven compliance. SAP not only did so around its third-party program but also expanded its data analytics capabilities to cover over 150 countries, including all high-risk countries globally. The SEC Order also noted that SAP had implemented data analytics to identify and review high- risk transactions and third-party controls. The SAP DPA follows the Albemarle FCPA settlement by noting that data analytics is now used by SAP to measure the compliance program’s effectiveness. This language follows a long line of DOJ pronouncements, starting with the 2020 Update to the Evaluation of Corporate Compliance Programs, about the corporate compliance functions access to all company data; this is the second time it has been called out in a settlement agreement in this manner. Additionally, it appears that by using data analytics, SAP was able to satisfy the DOJ requirement for implementing controls and then effectively testing them throughout the pendency of the DOJ investigation; thereby avoiding a monitor.

Next was the holdback/clawback actions engaged in by SAP. The DPA noted, SAP withheld bonuses totaling $109,141 during the course of its internal investigation from employees who engaged in suspected wrongdoing in connection with the conduct under investigation, or who both (a) had supervisory authority over the employee(s) or business area engaged in the misconduct and (b) knew of, or were willfully blind to, the misconduct, and further engaged in substantial litigation to defend its withholding from those employees, which qualified SAP for an additional fine reduction in the amount of the withheld bonuses under the DOJ’s Compensation Incentives and Clawbacks Pilot Program.

Finally, the DOJ related that SAP had enhanced and has committed to continuing to enhance its compliance program and internal controls, including ensuring that its compliance program satisfied the minimum elements set forth in Attachment C to DPA. Based upon all these factors, including SAP’s remediation and the state of its compliance program, and the Company’s agreement to report to the Fraud Section and the Office as set forth in Attachment D to this Agreement, the DOJ “determined that an independent compliance monitor was unnecessary.”

All-in-all a great result by and for SAP for which the company and its compliance team should take great credit in going forward.

Resources

SEC Order

DOJ DPA

Join us tomorrow where we consider fine and penalties.

Categories
2 Gurus Talk Compliance

2 Gurus Talk Compliance – Episode 2

What happens when two top compliance commentators get together? They talk compliance of course. Join Kristy Grant-Hart and Tom Fox for their new podcast, 2 Gurus Talk Compliance! But it is not simply Kristy and Tom talking compliance. In this podcast series Kristy and Tom review  other top commentators in compliance as well. In this podcast, we will consider all things compliance, corporate ethics, ESG, governance, and whatever else is on our minds and the minds of other experts in the field. Kristy and Tom explore all of these topics with expertise and wit.

2 Gurus Talk Compliance will include a deep dive into the latest headlines, as well as ask hard hitting questions and provide valuable insights on the current happenings of the world. Don’t miss out this week, as Tom and Kristy look at how the new DOJ pilot program and update to the evaluation of corporate compliance program guidance will affect dailiness operations.

 Highlights Include

·      Moral hazard for DOJ/Compliance

·      Global Corporate Governance Trends for 2023

·      Assessment of Monaco/Polite Speeches and new ECCP

·      Compliance in the Metaverse

·      Five hard leadership bills to swallow.

·      Former Blue Bell CEO Pleads Guilty

·      $9 Million Cow Manure Ponzi Scheme

·      Lessons Learned from Ericsson’s DPA Breach

·      Serious Fraud Office Abandons Prosecution

·      2023 Evaluation of Corporate Compliance Programs

 Notable Quotes

1.      “The effect on the economy is much more severe than I would have ever thought. The market tanked, basically, for 3 days. And of course, the market runs on perceptions. Pretty much like bank runs run on per perceptions.”

2.     “We had some assets disappear over the weekend. We’ve had the federal government come in at backstop that amount, full amount, not just limited to the 250000 per person or entity that the FDIC ensures I think banking regulations will probably change forever because of this event.”

3.      “A couple of weeks ago, we had 2 major speeches by deputy attorney general Lisa Monaco and Kenneth Polite, at the ABA white collar conference that were followed by the release of an updated 2023 version of the Evaluation of Corporate Compliance Programs, a new policy regarding monitors as well, and the announcement of a pilot program.”

Resources 

  1. Moral hazard for DOJ/Compliance 
  2. Global Corporate Governance Trends for 2023 
  3. Assessment of Monaco/Polite Speeches and new ECCP
  4. Compliance in the Metaverse
  5. Five hard leadership bills to swallow
  6. Former Blue Bell CEO Pleads Guilty to Misdemeanor Over Listeria Outbreak
  7. Central Valley Man Pleads Guilty to Nearly $9 Million Cow Manure Ponzi Scheme
  8. Lessons Learned from Ericsson’s DPA Breach: An Internal Investigation Nightmare
  9. U.K. Serious Fraud Office Abandons Prosecution of Former G4S Executives
  10. DOJ Announces Major Changes To Corporate Compliance Program Evaluation

Connect with Kristy Grant-Hart on LinkedIn

Spark Consulting

Connect with Tom Fox on Linkedin

Categories
Daily Compliance News

February 13, 2023 – The Corruption Kills Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition of Daily Compliance News:

  • Deutsche Bank finds it acted in bad faith. (FT)
  • Judge denies right to reopen Boeing DPA. (WSJ)
  • Meta and Gibson, Dunn harshly criticized for litigation tactics. (Reuters)
  • Corruption abetted Turkey’s earthquake. (Foreign Policy)
Categories
Life with GDPR

The ABB Enforcement Action from a UK Perspective

Jonathan Armstrong and Tom Fox return for another episode of the award-winning Life with GDPR. In this episode, we discuss the recent ABB Foreign Corrupt Practices Act resolution. Jonathan considers the ABB enforcement action from the UK perspective and opines how a UK judge might consider the company’s recidivism differently than the DOJ did.

Some of the highlights include:

1.     What were the facts?

2.     How would UK court’s view recidivist behavior under the UK Bribery Act?

3.     Where was the SFO?

4.     What is the status of the investigation in Germany?

Resources

For more information on the issues raised in this podcast, check out the Cordery Compliance, News Section. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.