In today’s edition of Daily Compliance News:
Today we conclude our series on a Federal Anti-Kickback enforcement action which was announced last week, involving the Oregon based medical device manufacturer Biotronik Inc. (Biotronik). Today, I want to consider the corruption schemes and the lessons learned for the compliance professional. As stated in the Settlement Agreement, Biotronik “knowingly caused the submission of false claims for payment to federal healthcare programs by providing remuneration to physicians to induce them to use Biotronik’s CRM devices in violation of the Anti-Kickback Statute, 42 U.S.C. § 1320a-7b(b).”
I. The Bribery Schemes
a. Abuse of Training Programs
The Settlement Agreement alleges “Biotronik knowingly paid excessive payments to physicians with a purpose of inducing and rewarding their use of Biotronik’s pacemakers, defibrillators, and other cardiac devices. One of ways the company did so was through “its new employee training program (“Training Program”) by knowingly paying some of its physician customers (“Training Physicians”) to provide excessive employee trainings.” Under this scheme, the Training Physicians were to be paid a fixed fee of approximately $400.00 each time a Biotronik employee trainee received training during one of the Training Physician’s CRM implant procedures. For instance, under the Training Program implant procedure, the “Training Physician was supposed to educate the employee trainee on Biotronik’s devices and teach how to assist a physician during an implant procedure.”
However, it was the sales team which set up these training programs. Biotronik’s compliance and training functions warned that “Biotronik’s salespeople had too much influence in the selection of Training Physicians, that the Training program and resulting payments were being over- utilized, and that the goal of educating Biotronik employees could be achieved without paying Training Physicians.” However, “Biotronik permitted trainees to attend an excessive number of training procedures for which Training Physicians received payment from Biotronik without first conducting an adequate assessment of the trainee’s need for additional training.”
To further line the pockets of the Training Physicians, “salespeople, including managers, intentionally prevented otherwise qualified trainees from successfully completing the Training Program, not because they needed additional training, but rather as a means of ensuring that the trainee could attend more trainings, thereby purportedly justifying additional payments to Training Physicians.” Biotronik also knowingly paid Training Physicians for some trainings that either never occurred or was of little or no value to trainees. This included paying one “Training Physician for certain trainings for which there was no trainee physically present to observe the implant procedure.”
b. Lavish Entertainment
The Settlement Agreement also alleged that “Biotronik knowingly paid for lavish meals, entertainment, and travel for certain physicians who are known to Biotronik and the United States (hereinafter the “Subject Physicians”) with a purpose of inducing and rewarding their use of Biotronik’s pacemakers, defibrillators, and other cardiac devices.” The company “did not require sign in sheets for lavish meals with physicians and did not use adequate methods to verify the number or identity of attendees or to confirm whether the meals were for a legitimate business purpose.”
This led to some Biotronik employees falsifying “receipts and participant lists, making it possible to exceed the company’s compliance spending limit per attendee.” These meals and outings often included little or no legitimate business discussion. There was also the amount of the entertainment expense, which included “winery tours, annual office holiday parties, and lavish meals with certain Subject Physicians and their guests at high-end restaurants.” Yet another example of spending far too much on entertainment was “one Subject Physician’s international business class airfare and honoraria in the thousands of dollars for a short, 30-minute talk at an international conference.”
II. Biotronik Remediation
No doubt one of the reasons Biotronik did receive the settlement amount was that, at some point, it recognized the issues and instituted remediation. With the training programs “beginning in 2017, Biotronik added new compliance measures and oversight of the Training Program, limited the number of Training Program events, and reduced payments made in connection with such Training Program events.” In April 2021, Biotronik hired a new Vice President of Compliance and was able to get the lavish entertainment under control by adding “new compliance measures related to the provision of meals and travel to healthcare providers which provided additional employee training, imposed new restrictions, and improved oversight to identify and prevent meal and travel policy violations.”
III. Lessons Learned
There are multiple lessons here for the compliance professional outside the laws under which Biotronik ran afoul. Perhaps the clearest and foremost is that compliance not only needs visibility into areas of risk about also some modicum of control. In the area of Physician Training, the Settlement Agreement specifically noted that the Biotronik compliance function “warned that Biotronik’s salespeople had too much influence in the selection of Training Physicians, that the Training program and resulting payments were being over-utilized, and that the goal of educating Biotronik employees could be achieved without paying Training Physicians.” Here a control should have been put in place which required compliance approval before payments and reimbursements were made for the training. This is similar to a compliance oversight and control of expenses paid or reimbursed to foreign government officials in a Foreign Corrupt Practices Act (FCPA) compliance program.
Interestingly, the Department of Justice (DOJ) also discussed a more nuanced approach to determining if the Physician’s Training is both initially warranted and then continues to be warranted. This is ongoing monitoring. Obviously for Biotronik, one of their risks was when the company paid for training provided by doctors who could also prescribe the company’s products and services. The risk to the company is similar to the risk of an internationally focused company doing business with foreign governments or state-owned enterprises, under the FCPA. If you are paying out monies for training and that puts you in a high-risk category, you need to make sure those receiving the training are required to receive it or even need it.
Under the lavish spending on entertainment and travel, the same type of analysis can apply. The key is both “reasonable spending and business purpose.” The amount spent must be reasonable for the time, locale and participants. There should also be an articulated business purpose for the dinner or other event.
Under the FCPA, there is no threshold that a Company can establish a value for business entertainment. However, I believe there are clear guidelines which should be incorporated into your business expenditure policy, which should include the following:
The incorporation of these concepts into a compliance policy is a good first step towards preventing potential violations from arising, but it must be emphasized that they are only a first step. There must be procedures to implement these policies. At a minimum, you must require a business justification from the business representative requesting to provide the gift or business entertainment. Next it should be reviewed and approved by a front-line compliance professional. Then, depending on the amount and nature of the request, it may need Chief Compliance Officer (CCO) approval. Finally, if there is a Compliance Committee it should go to that Committee for a final check to make sure everything is in order.
These guidelines must be coupled with active training of all personnel, not only on a company’s compliance policy, but also on the corporate and individual consequences for violation of the policy. Lastly, it is imperative that all such business entertainment be properly recorded, as required by the books and records component of the FCPA.
And, as always, do not forget the gut check test.
Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. In this episode, we dive deeply into the recent story of an in-house attorney who was disbarred for fraudulent activities in creating fraudulent claims and settlements. Highlights include:
· Background facts.
· Conflicts of Interests.
· What were the internal control failures?
· Were they material?
· Lessons for the compliance professional.
Resources
Matt in Radical Compliance
In today’s edition of Daily Compliance News:
· Twitter-Musk trial set for October. (WSJ)
· Italian prosecutor drops ENI acquittal appeal. (MarketWatch)
· Layoffs hit crypto compliance personnel. (WSJ)
· DOJ puts Amazon and civil litigants in ‘Time Out’. (WaPo)
In a stunning announcement, the SEC announced an enforcement action against the international auditing firm EY. The enforcement action could not have been more directly in the ethical wheelhouse, with significant compliance implications. In its Press Release the SEC stated, it had “charged Ernst & Young LLP (EY) for cheating by its audit professionals on exams required to obtain and maintain Certified Public Accountant (CPA) licenses, and for withholding evidence of this misconduct from the SEC’s Enforcement Division during the Division’s investigation of the matter.”
Gurbir S. Grewal, Director of the SEC’s Enforcement Division, said in the Press Release, “This action involves breaches of trust by gatekeepers within the gatekeeper entrusted to audit many of our Nation’s public companies. It’s simply outrageous that the very professionals responsible for catching cheating by clients cheated on ethics exams of all things. And it’s equally shocking that Ernst & Young hindered our investigation of this misconduct. This action should serve as a clear message that the SEC will not tolerate integrity failures by independent auditors who choose the easier wrong over the harder right.
In an agreed Order, EY admitted that “over multiple years, a significant number of EY audit professionals cheated on the ethics component of CPA exams and various continuing professional education courses required to maintain CPA licenses, including ones designed to ensure that accountants can properly evaluate whether clients’ financial statements comply with Generally Accepted Accounting Principles.” But EY’s conduct did not stop there as the accounting firm also admitted “during the Enforcement Division’s investigation of potential cheating at the firm, EY made a submission conveying to the Division that EY did not have current issues with cheating when, in fact, the firm had been informed of potential cheating on a CPA ethics exam. EY also admits that it did not correct its submission even after it launched an internal investigation into cheating on CPA ethics and other exams and confirmed there had been cheating, and even after its senior lawyers discussed the matter with members of the firm’s senior management. And as the Order finds, EY did not cooperate in the SEC’s investigation regarding its materially misleading submission.” For all of these actions, EY was fined $100 million.
Why does all this sound so familiar? It is because KPMG was caught engaging in similar conduct back in 2091. I wrote at the time, “How bad was KPMG’s conduct? … the conduct outlined in the Order is so egregious, detailing a culture which is completely unmoored from any ethical foundation, that any company using KPMG as an auditor must ask some very serious questions about not only the quality of the services they have received but also the very foundation of those services.” KPMG was fined $50 million.
Yet the EY fine was double the KPMG fine. Why? One clue comes from the Order which stated, “This case involves Ernst & Young’s failures to act with the integrity required of a public company auditor. Over multiple years, a significant number of EY audit professionals cheated on the ethics component of the Certified Public Accountant (CPA) exam, as well as on a variety of other examinations required to maintain their CPA licenses. As this was ongoing, EY withheld this misconduct from SEC staff conducting an investigation of potential cheating at the firm. EY audit professionals’ repeated cheating on exams and the firm’s misrepresentations to the SEC violated ethics and integrity standards and discredited the accounting profession.” In other words, as bad as cheating on exams is, withholding information from the SEC, while it is conducting an investigation on that issues is equally if not worse conduct.
Regarding this additional misconduct, the Order stated, “EY withheld this misconduct from the SEC during an investigation about cheating at the firm. In June 2019, the SEC’s Division of Enforcement sent EY a formal request for information about complaints the firm had received regarding cheating on training exams. On the same day EY received this request, the firm received a tip that an audit professional had shared an answer key to a CPA ethics exam. EY did not disclose this information to the SEC. To the contrary, its submission indicated that the firm did not have any current issues with cheating. In light of the tip it had received, EY’s June 20 submission was materially misleading. But EY never corrected its submission. Even after the firm began an internal investigation, confirmed there had been cheating, and the matter was discussed among senior lawyers at the firm and with members of the firm’s senior management, EY still did not correct its misleading submission.”
The SEC’s ire was reflected in the remedy which mandated not one but three oversight roles on an ongoing basis. The EY oversight requires EY to evaluate the sufficiency and adequacy of its quality controls, policies, and procedures relevant to ethics and integrity and to responding to Information Request to determine whether they are designed and implemented in a manner that provides reasonable assurance of compliance with all professional standards, including those relating to ethics and integrity applicable to accountants and attorneys, in the following areas:
Even more damning is the requirement for two external monitors (called Independent Consultants). The first is review EY Policies and Procedures and issue a detailed written report: (i) summarizing its work; (ii) making recommendations, as the Policies and Procedures IC deems appropriate, reasonably designed to ensure that EY’s Policies and Procedures are adequate and sufficient to provide reasonable assurance of compliance with all professional standards. The second Independent Consultant is to review EY’s conduct relating to the Commission staff’s June 2019 Information Request, including whether any member of EY’s executive team, General Counsel’s Office, compliance staff, or other EY employees contributed to the firm’s failure to correct its misleading submission. They are to recommend discipline. Does that sound like the SEC trust EY to follow through with its obligations about now?
EY, like KPMG before it, acted as gatekeepers in the eyes of the law and the SEC. To see this level of fraud and then hiding of it is extremely disconcerting. Perhaps it is no wonder EY is about to split into two different entities: auditing and consulting. I wonder how many EY audits will be reviewed through the eyes of this Order.
In today’s edition of Daily Compliance News:
In the Episode, I am joined by John Warren Vice President and General Counsel at the Association of Certified Fraud Examiners. We discuss the 2022 ACFE Report to the Nations, which is the most comprehensive report on the global scourge of fraud. It is a fascinating look of how fraud occurs, where is occurs and the steps you can take to prevent it.
Some of the highlights include:
You can download a copy of the ACFE 2022 Report to the Nations by clicking here.
