Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Compliance for Business Ventures – Know Your Customer

Do FCPA considerations come into play for customers? How should you think about your obligations under the FCPA for a group not traditionally associated with FCPA liability or even FCPA risk? These questions and perhaps others are raised by the FCPA investigation into certain transactions in Venezuela by Derwick Associates (Derwick) and a U.S. company ProEnergy Services (ProEnergy). ProEnergy supplied turbines that Derwick resold to the Venezuelan government and then installed in that country. This investigation demonstrates why businesses need to be more concerned with not only who they do business with but how their customers might be doing business. In banking and financial services parlance, you now need to ramp up your organization’s Know Your Customer (KYC) information to continue throughout a seller-purchaser relationship, in the context of the FCPA.

There does not have to be a direct bribe or other corrupt payment made by a U.S. company to have liability under the FCPA. FCPA enforcement is littered with companies that have paid bribes through third-parties. However, as the Fifth Circuit said in US v. Kay, “[W]e hold that Congress intended for the FCPA to apply broadly to payments intended to assist the payor, either directly or indirectly,” [emphasis mine]. While at first blush, ProEnergy may appear to be at the edge of potential FCPA liability; if it knew, had reason to know, or should have taken steps to know about some nefarious conduct by its customer, it does not take too many steps to get to some FCPA exposure. The FinCEN rules on customer due diligence for financial institutions are a good starting point for other commercial entities to base their compliance program for customers around.

Three key takeaways:

  1. Non-banking and non-financial service entities need to consider their KYC obligations in the context of FCPA risk.
  2. FinCEN rules on customer due diligence are a good starting point for the non-financial institution.
  3. Ongoing monitoring should be used and the information incorporated into your customer risk profile going forward.
Categories
Compliance Into the Weeds

DFS Fines Coinbase

The award-winning, Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject more. In this episode, Matt and I take a look at the recent NY state Department of Financial Services sanction involving the crypto trading platform Coinbase, which just agreed to pay $50 million to the DFS and to spend another $50 million over the next two years to improve its compliance program.

Some of the highlights include:

·      What was the fine and associated spending for?

·      What did the Coinbase compliance program fail on?

·      How did Coinbase’s explosive growth fuel a culture of non-compliance?

·      How did Coinbase fall further and further behind?

·      Why and how did the Coinbase solution worsen the problem?

·      Why does a company need to start with a solid foundation of clearly defined procedures?

·      What is the role of effective and efficient technology?

·      What are the lessons learned?

 Resources

Matt Kelly in Radical Compliance