Categories
Great Women in Compliance

Great Women in Compliance – The Compliance Playbook: Best Practices for M&A Success

Hear from M&A veterans @Allison Riter of nVent and @Barbara Petitti of Alstom on the importance of having a Compliance Playbook to ensure the success of compliance program integration. From having a seat at the due diligence table to conducting a risk assessment to deciding the best model for #ComplianceProgram integration, this roundtable will discuss these topics and much more.

Listen in here to learn practical tips, red flags, insights, and how to deal with culture clashes from those who have been on the M&A journey.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 6 – M&A Safe Harbor Policy

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6-8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

This episode delves into the Department of Justice’s mergers and acquisitions (M&A) Safe Harbor Policy, as Deputy Attorney General Lisa Monaco explained. This policy encourages companies to voluntarily self-disclose criminal conduct discovered during acquisition. If a company promptly discloses such misconduct, cooperates with the ensuing investigation, and engages in appropriate remediation, restitution, and disgorgement, it can receive a presumption of a criminal declination. Key deadlines include disclosing misconduct within six months of the closing date and fully remediating within one year. The DOJ aims to incentivize acquiring companies to perform robust pre- and post-acquisition due diligence and self-disclosure to mitigate risks and de-risk transactions effectively.

Key highlights:

  • New DOJ Mergers and Acquisitions Safe Harbor Policy
  • Key Requirements and Deadlines
  • Historical Context and Clarifications

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Categories
Great Women in Compliance

Great Women in Compliance – Reflections and Resilience Through a Compliance Career with Karen Bertha

Welcome to the Great Women in Compliance podcast with Hemma Lomax and Lisa Fine, sponsored by Corporate Compliance Insights.   In today’s episode, Lisa speaks with Karen Bertha, who has built world-class programs throughout her career, most recently at V2X.   She has significant acquisition and post-acquisition due diligence expertise, including at V2X.  After that acquisition, she was at a crossroads and needed time to take stock and pause.

Karen reflects on her work with due diligence, including how and when compliance should be involved in due diligence.  They also discuss strategies for post-integration, even if compliance is brought at some point later.  Karen has worked in highly regulated industries, such as government contracting, and those not in highly regulated industries. She shares her experiences and lessons learned.

Karen left V2X after the acquisition when she needed time for herself and other parts of her life.  She talks about how the “power of the pause” has been helpful to her.  She talks about reflecting on her work in the Ethics & Compliance profession, increasing her learning, specifically in compliance-adjacent fields like Human Resources and audit, with time to focus.  She also shares what she has enjoyed during this time, which we at #GWIC hope can inspire those thinking about your next steps or between roles.

Join the Great Women in Compliance community on LinkedIn here.

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Lessons on Post – Acquisition Integration and Investigation in M&A from John Deere

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

The rules for compliance programs on post-acquisition integration and investigation are set out in the DOJ M&A Safe Harbor Policy. Learn and implement them.

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Lessons on Pre-Acquisition Due Diligence in M&A from John Deere

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Inadequate pre-acquisition due diligence can put your company in serious legal, compliance, and reputational jeopardy.

Categories
Blog

Deere FCPA Enforcement Action: Lessons on Post-Acquisition Integration and Investigation in M&A

We recently had a Foreign Corrupt Practices Act (FCPA) enforcement action that reminded me that everything old is new again in anti-corruption compliance. The Securities and Exchange Commission (SEC) FCPA enforcement action involving Deere has bribery schemes that were torn literally from the first decade of the 21st century as they involved gifts, travel, and entertainment. In other words, it was about a low set of hanging fruit that any compliance officer would see. Today, I want to conclude my multipart look at the case and see what lessons the enforcement action can provide to the 2024 compliance professional.

Deere offers valuable insights for compliance professionals tasked with ensuring that corruption risks are identified, mitigated, and resolved during the post-acquisition phase of M&A. This post will explore the key lessons from the Deere FCPA enforcement action, focusing on post-acquisition integration and investigation. As organizations expand through acquisitions, especially in foreign markets, the compliance team is critical in safeguarding the company from inheriting liabilities that could have been avoided with effective post-acquisition measures.

Deere, a multinational corporation known for its agricultural machinery, faced FCPA enforcement following its acquisition of a foreign company, the Wirtgen Group, which operates in regions with high corruption risks, specifically in Thailand. The Wirtgen Group-Thailand had engaged in corrupt practices, including the bribery of foreign officials to win contracts. After the acquisition, these activities continued for a period, undetected by Deere’s compliance team, which had not yet fully integrated the acquired company into its compliance program.

This case is a cautionary tale for compliance professionals on the importance of swift and effective post-acquisition integration and investigation processes. The lesson here is clear: post-acquisition efforts cannot be an afterthought. They must be a central part of the compliance strategy from day one.

Establish a Post-Acquisition Integration Plan from the Start

One key takeaway from the Deere FCPA enforcement action is the need for a well-defined post-acquisition integration plan with a robust compliance component. All too often, post-acquisition focuses on operational integration, with compliance being pushed down the priority list. However, Deere’s case demonstrates that failing to integrate compliance programs immediately can result in ongoing illegal activities that expose the acquiring company to FCPA violations.

Compliance professionals must ensure that the integration plan includes the following.

Immediate roll-out of the parent company’s compliance policies and procedures to the acquired entity.

  • Compliance training for all acquired company employees, focusing on FCPA and anti-corruption standards.
  • Review and revise the acquired entity’s third-party relationships to ensure compliance with the company’s standards and the FCPA.
  • Enhanced monitoring of high-risk activities, particularly interactions with foreign officials or government contracts.

Had Deere implemented these steps immediately post-acquisition, it could have identified and halted the corrupt practices sooner, avoiding the costly consequences of prolonged illegal activities.

Prioritize Post-Acquisition Investigations

Post-acquisition investigations are crucial in identifying undisclosed or ongoing corrupt activities within the acquired entity. The Deere case highlights how important it is for compliance professionals to conduct thorough investigations after the acquisition to ensure that any risks missed during the pre-acquisition phase are uncovered.

Key components of a post-acquisition investigation include:**

  • Forensic reviews of financial transactions, particularly payments to third parties, to detect any suspicious or abnormal patterns that could indicate bribery or corruption.
  • Employee interviews at various levels of the acquired entity to gather information about day-to-day operations, compliance culture, and potential risks.
  • Contracts and business deals are reviewed to ensure no irregularities or unethical practices, particularly in jurisdictions with high corruption risks.
  • 3rd-party audits of key suppliers, agents, and intermediaries who may have been involved in transactions with government entities or foreign officials.

In Deere’s case, a thorough post-acquisition investigation could have identified the ongoing corrupt practices early, allowing the company to take corrective action before it became the subject of an FCPA enforcement action.

Leverage Internal and External Resources for Compliance Integration

Deere’s failure to quickly integrate its compliance program into the acquired entity highlights the need for compliance professionals to leverage internal and external resources to accelerate the integration process. Post-acquisition compliance integration is often resource-intensive, especially when acquiring companies with operations in high-risk regions.

Key steps include the following.

  • Internal audit teams will be utilized to conduct a deep-dive assessment of the acquired entity’s financial and operational controls, focusing on FCPA compliance.
  • Engaging external forensic auditors and FCPA specialists to assist with investigations in high-risk jurisdictions where corruption is more likely to occur.
  • Establishing cross-functional teams that include representatives from compliance, legal, finance, and operations to ensure that compliance integration is holistic and touches every aspect of the acquired business.

Deere could have benefited from engaging external experts to help accelerate the compliance integration process and identify areas of concern within the newly acquired entity. By failing to do so, the company allowed corrupt practices to continue, resulting in significant FCPA penalties.

Monitor and Reassess Compliance Risks Regularly

Post-acquisition compliance efforts don’t end with the initial integration. Continuous monitoring and reassessment of compliance risks are essential to ensure that the acquired entity remains aligned with the parent company’s standards and the requirements of the FCPA. This is particularly important in industries and regions where corruption is more prevalent.

Continuous monitoring should include the following.

  • Regular audits of financial transactions and third-party payments.
  • Ongoing risk assessments that factor in changes in business operations, market conditions, and regulatory environments.
  • Compliance reporting mechanisms, such as whistleblower hotlines, allow employees of the acquired entity to report any concerns anonymously.
  • Periodic reviews of the acquired entity’s compliance culture are needed to ensure that employees adhere to the company’s anti-corruption policies.

In Deere’s case, ongoing monitoring could have helped identify and mitigate corruption risks earlier in the post-acquisition phase. The absence of regular monitoring and reassessments allowed corrupt practices to continue unchecked for an extended period.

Act Swiftly on Red Flags if They Appear

The most critical lesson from the Deere case is quickly identifying red flags. In this case, the acquired entity had numerous warning signs, including operations in high-risk regions, dealings with government officials, and lacking robust internal controls. However, these red flags should have been addressed promptly, allowing illegal activities to persist.

When red flags are identified, take some of the following steps.

  • Launch a formal investigation immediately to determine the scope of the issue.
  • Take corrective action, including terminating contracts with third parties involved in corrupt practices or dismissing employees who engage in illegal activities.
  • Notify regulatory authorities if there is a risk of FCPA violations and work proactively to resolve the issue before enforcement actions are taken.

Had Deere acted swiftly on the red flags within the acquired entity, the company might have been able to avoid the FCPA enforcement action and the associated penalties.

The Deere FCPA enforcement action provides a sobering reminder that compliance efforts cannot end with signing an acquisition deal. For compliance professionals, the real work begins in the post-acquisition phase. By prioritizing compliance integration, conducting thorough post-acquisition investigations, leveraging internal and external resources, continuously monitoring compliance risks, and swiftly acting on red flags, companies can avoid the pitfalls that Deere faced.

In today’s global business environment, with companies expanding through M&A in high-risk jurisdictions, compliance professionals must take a proactive and vigilant approach to post-acquisition compliance. The lessons from Deere remind us that the cost of failure is high, but with the right strategies in place, the risks can be managed effectively.

As a compliance professional, your role is to ensure post-acquisition compliance becomes integral to your company’s M&A strategy, protecting your organization from FCPA risks and safeguarding its reputation in the global marketplace.

Categories
Blog

Deere FCPA Enforcement Action: Lessons on Pre-Acquisition Due Diligence in M&A

We recently had a Foreign Corrupt Practices Act (FCPA) enforcement action that reminded me that everything old is new again in anti-corruption compliance. The Securities and Exchange Commission (SEC) FCPA enforcement action involving Deere has bribery schemes that were torn literally from the first decade of the 21st century as they involved gifts, travel, and entertainment. In other words, it was about a low set of hanging fruit that any compliance officer would see. Today, I continue a multipart look at the case and see what lessons the enforcement action can provide to the 2024 compliance professional.

John Deere, a global leader in agricultural machinery manufacturing, became the focus of an FCPA enforcement action due to its acquisition of a foreign entity with significant operations in countries with high corruption risks. The acquired company had little in the way of a formal compliance program and had been engaging in questionable business practices, including bribing foreign officials to secure contracts.

Post-acquisition, these corrupt practices continued for a period, undetected by Deere’s compliance team. When the issues finally surfaced, the result was a significant FCPA investigation, costly penalties, and a tarnished reputation.

The core issue in this case? Inadequate pre-acquisition due diligence.

One of the central themes from the Deere case is the critical need for rigorous pre-acquisition due diligence in M&A. As a compliance professional, it’s your role to ensure that your organization is not inheriting illegal practices or corruption risks when acquiring a new entity. The risks of overlooking this step can be immense—both in terms of regulatory enforcement and damage to your organization’s reputation.

Let’s examine the key lessons from the Deere case and explore how compliance professionals can apply them to their M&A strategies.

  1. Conduct a Thorough Corruption Risk Assessment

The Deere case underscores the importance of assessing a target company’s corruption risk profile. This means understanding the countries where the target operates and the inherent risks associated with those jurisdictions. Countries with a high Corruption Perceptions Index (CPI) score are more likely to expose your organization to FCPA risks.

Before any acquisition, a detailed analysis of the target’s business activities in these regions must be conducted. Ask yourself:

  • How much business is done with government entities?
  • Are third-party intermediaries involved in securing contracts?
  • What are the target company’s existing compliance policies?

In Deere’s case, the acquired company operated in high-risk jurisdictions without adequate controls. A robust pre-acquisition risk assessment could have flagged this issue, allowing Deere to either walk away from the deal or insist on corrective actions before proceeding.

  1. Evaluate the Target’s Compliance Program and Culture

Another key lesson from the Deere enforcement is the need to evaluate a company’s business operations, corporate culture, and compliance program—or lack thereof. A target company may have all the right words on paper, but those policies are meaningless if the culture does not support ethical business practices.

In the Deere case, the acquired company had minimal compliance structures. This should have raised immediate red flags for Deere’s compliance team, but the issue needed to be addressed or given more weight during the due diligence process.

As a compliance professional, you must:

  • Review existing policies and procedures to assess their adequacy.
  • Interview key personnel to understand how those policies are implemented and followed.
  • Examine the company’s culture to see if ethical business practices are truly embedded in day-to-day operations.

A proactive approach would have helped Deere spot these weaknesses before the acquisition, allowing them to implement a more effective compliance integration strategy.

  1. Look for Red Flags in the Target’s Financial and Operational Data

Financial data can often reveal hidden compliance risks. In the Deere case, irregularities in how contracts were won, especially in high-risk countries, should have raised concerns. Yet, these issues were only caught after the acquisition.

During pre-acquisition due diligence, compliance teams should partner with the finance and audit departments to:

  • Review contracts and agreements with a special focus on deals involving government entities or third parties.
  • Analyze payment patterns for signs of improper payments, such as unusually high commissions or payments to offshore accounts.
  • Investigate any prior audits or investigations related to compliance or financial irregularities.

These financial indicators are often the first signs of deeper corruption issues and should be fully explored before moving forward with any acquisition.

  1. Engage Third-Party Experts When Necessary

In many cases, particularly when acquiring companies in high-risk jurisdictions, it is wise to engage third-party experts to conduct a thorough FCPA-focused due diligence. These experts can bring an external perspective and often have access to local intelligence that may not be readily available to an internal compliance team.

Had Deere engaged such experts during its pre-acquisition process, they may have been able to identify the corrupt practices that eventually led to the FCPA enforcement action.

Engaging external resources is an investment in mitigating future risks. While it may increase upfront costs, the long-term savings in avoiding penalties, legal costs, and reputational damage far outweigh the initial expense.

  1. Ensure Post-Acquisition Integration is Swift and Effective

Even if certain risks are identified during the pre-acquisition phase, the true test comes during post-acquisition integration. In the Deere case, there was a failure to implement effective compliance controls post-acquisition quickly, allowing the corrupt practices to continue unchecked for a period.

Compliance professionals must ensure that:

  • Compliance policies are integrated quickly into the acquired entity’s operations.
  • Training is provided to the acquired company’s employees on FCPA and anti-corruption best practices.
  • Ongoing monitoring ensures that any potential risks identified during due diligence are mitigated.

The Deere FCPA enforcement action is a cautionary tale for all compliance professionals engaged in M&A activity. Pre-acquisition due diligence is not just a box-ticking exercise but a critical function that can help prevent serious legal and financial consequences for your organization. By conducting thorough corruption risk assessments, evaluating compliance programs and culture, scrutinizing financial data, engaging third-party experts when necessary, and ensuring effective post-acquisition integration, compliance professionals can help their organizations navigate the complexities of M&A in today’s global business environment.

The lessons from Deere reminds us that robust due diligence is the first line of defense in preventing FCPA violations and safeguarding a company’s reputation. Do not wait until after the acquisition to address these issues, as it may be too late.

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Lesson from The John Deere FCPA Enforcement Action – Root Cause Analysis for Remediation

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we review why a root cause analysis is the first step you should take before you begin the remediation of your compliance program.

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Lesson from The John Deere FCPA Enforcement Action – Post Acquisition Integration

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

In this episode, we review why post-acquisition integration is mandatory for any deal that closes.

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Lesson from The John Deere FCPA Enforcement Action – Pre – acquisition Due Diligence

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we review why pre-acquisition due diligence is so critical in any best practices compliance program.