Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Compliance for business – Pre-acquisition Due Diligence in Mergers and Acquisitions

A company that does not perform adequate due diligence before a merger or acquisition may face legal and business risks. Perhaps most commonly, inadequate due diligence can allow a course of bribery to continue – with all the attendant harms to a business’s profitability and reputation and potential civil and criminal liability. While most compliance practitioners have been long aware of the requirement in the post-acquisition context, the FCPA Resource Guide, 2nd edition, focused many compliance practitioners on the need to engage in robust pre-acquisition due diligence.

The 2020 Update made the need for a robust compliance presence in the pre-acquisition phase even more apparent. It stated, “A well-designed compliance program should include comprehensive due diligence of any acquisition targets, as well as a process for timely and orderly integration of the acquired entity into existing compliance program structures and internal controls. Pre-M&A due diligence, where possible, enables the acquiring company to evaluate each target’s value and negotiate for the costs of any corruption or misconduct to be borne by the target. Flawed or incomplete pre- or post-acquisition due diligence and integration can allow misconduct to continue at the target company, causing harm to a business’s profitability and reputation and risking civil and criminal liability.”

Multiple red flags could be raised in this process, which might warrant further investigation. They include if the target has ineffective compliance program elements in their compliance program or if there were frequent breaches of policies and procedures. A target that is in financial difficulty would bear closer scrutiny. Structurally, this could present issues if the company did not have a formal ethics and compliance committee at the senior management or Board of Directors’ level. From the CCO perspective, if the position did not have Board or CEO access or had no regular reports, it could present an issue for compliance. Conversely, if there were frequent requests to waive policies, management override of compliance controls, or no consistent consequence management for violations, it could present clear red flags for further investigation.

Three key takeaways: 

  1. Your pre-acquisition due diligence results will inform your post-acquisition integration and remediation going forward.
  2. Periodically review your M&A due diligence protocol.
  3. If red flags appear in pre-acquisition due diligence, they should be cleared.
Categories
Blog

Glencore Resolution: Part IV – The Resolution

Last week, the Attorney General and a host of other Department of Justice (DOJ) officials announced the settlement of a massive Foreign Corrupt Practices Act (FCPA) and market manipulation case against Glencore plc (Glencore). Over this blog series, I have been reviewing the matter and mining it for lessons learned for the compliance community. Today, in Part IV, we take a dive into the settlement itself.
According to the DOJ Press Release, Glencore pled guilty to one count of conspiracy to violate the FCPA, agreed to a criminal fine of $428,521,173, and acknowledged criminal forfeiture liability in the amount of $272,185,792. Glencore also had charges brought against it by the UK Serious Fraud Office (SFO) and reached separate parallel resolutions with the Brazilian Ministério Público Federal (MPF). The DOJ agreed to credit the company over $256 million in payments that it makes to the CFTC, to the Court in the UK as well as to authorities in Switzerland, in the event that the company reaches a resolution with Swiss authorities within one year.
In a Market Manipulation case, separate and apart from the FCPA enforcement action, Glencore admitted to a muti-year scheme to manipulate fuel oil prices at two of the busiest commercial shipping ports in the United States. Under the terms of the Commodities Future Trading Commission (CFTC) resolution, the company will pay a criminal fine of $341,221,682 and criminal forfeiture of $144,417,203. Under the terms of the Plea Agreement, the DOJ will credit over $242 million in payments that the company makes to the CFTC.
In other words, there was some serious misconduct going on here, for multiple years, in multiple countries with multiple schemes. Yet Glencore received a reduction of 15% based upon the FCPA Corporate Enforcement Policy and a 2-point reduction in the overall penalty calculation under the US Sentencing Guidelines. Both of these discounts led to a not-insignificant reduction from the overall penalty assessed.
First let us take up the areas that did not avail itself of under the FCPA Corporate Enforcement Policy. Glencore did not receive voluntary disclosure credit because it failed to self-disclose its legal violations to the DOJ. Although Glencore received partial cooperation credit, it did not receive full credit because it did not always “demonstrate a full commitment” to cooperation, was slow in providing documents and other evidence and was slow in its remediation. Additionally, it did not timely and appropriately remediate with respect to disciplining certain employees involved in the misconduct.
Moreover, Glencore did not have adequate internal controls in place at the time of the underlying incidents took place. Since that time, Glencore has taken remedial measures, certain of the compliance enhancements are new and have not been fully implemented or tested to demonstrate that they would prevent and detect similar misconduct in the future, mandating the imposition of an independent compliance monitor for a term of three years.
Even with these failures, Glencore received a substantial reduction of what it could have been required to pay. Based upon the calculations in the Plea Agreement, I estimate the total discount was in the range of $100 million.
Glencore agreed to continue to cooperate with the DOJ in ongoing investigations and prosecutions relating to the underlying misconduct, to modify its compliance program where necessary. The DOJ cited several additional factors crediting Glencore’s compliance remediation efforts, including (a) Glencore’s implementation of a centralized compliance function, hiring of a Chief Compliance Officer (CCO), and significantly increasing the compliance staff; (b) enhancing its business partner management, reducing the number of third-party representatives, adopting payment controls and post-engagement monitoring controls; and (c) investing in increased compliance headcount and data analytics.
Glencore itself, in a Press Release issued the day of the announced settlements, touted new additions to its compliance program. The company said that it has “bolstered its compliance structures and controls through a comprehensive programme built around risk assessment, policies, procedures, standards and guidelines based on international best practice, associated training and awareness initiatives as well as monitoring systems.” These initiatives included:

  • Strengthening the Group’s Code of Conduct and launching a comprehensive global awareness and training campaign designed to embed Glencore’s Values throughout its business, set expectations and ensure accountability for all employees;
  • Establishing a centralized, independent and empowered compliance function and, in 2020, appointing a new dedicated Head of Compliance;
  • Making a significant investment in compliance systems and resources, as well as experienced personnel;
  • Significantly enhancing and expanding the Group’s ethics and compliance training programs;
  • Instituting a comprehensive business partner management programme, including significantly reducing the Company’s use of third-party business generating intermediaries and employing end-to-end controls to oversee their engagement;
  • Implementing extensive monitoring and testing mechanisms, including through the use of data analytics, to assess whether our controls are entrenched and effective across the Group and ensure continuous improvement; and
  • Engaging leading external advisors to review Glencore’s systems and verify that controls are working as intended.

It appears quite a bit of work went into not simply cleaning up Glencore but in improving its overall culture. Of course, there is quite a bit of work do and that will no doubt turn in large part on the effectiveness of the monitor. More on that and final thoughts in our next post.