Tag: Matt Ellis

Blog

Returning to Venezuela: Why “Yes, If” Is the Only Defensible Compliance Answer

Post author By Admin
Post date January 30, 2026
No Comments on Returning to Venezuela: Why “Yes, If” Is the Only Defensible Compliance Answer

Most of you readers know that sometimes when I get going on a project, it (the project, not me) just keeps on growing. What started as a podcast with Matt Ellis on the risks of going back into Venezuela expanded out into a series of podcasts on the FCPA Compliance Report and with Mike DeBernardis on All Things Investigations. The podcasts led to a five-part blog post series on the same topic in the FCPA Compliance and Ethics Blog. I then needed to expand the blogs into a book and provide forms, checklists, frameworks, and deployment packs for compliance professionals to help them think through the issues presented in Venezuela and in other similarly high-risk jurisdictions.

All of that has led to the only book on how to return to Venezuela, Returning to Venezuela: The Compliance Guide to Yes, If (Title inspired by Mike DeBernardis). It is available in both print and eBook versions on Amazon.com.

When companies talk about returning to Venezuela, the conversation almost always begins with opportunity. Oil reserves. Market access. First-mover advantage. What the book Returning to Venezuela does is effectively reset that conversation where it belongs for compliance professionals: with reality. It is a disciplined, compliance-first analysis of what it actually means to operate in one of the world’s highest-risk jurisdictions.

The core message is uncompromising but straightforward: Venezuela is not a place for optimism, informal controls, or siloed compliance. It is a stress test. If your compliance program can function there, it can function anywhere. If it cannot, no license, policy, or assurance letter will save you. The book is not a warning label about Venezuela. It is a working manual for how a compliance function should assess risk, design controls, and govern decision-making before commercial momentum takes over.

Step One: Reframing the Risk Assessment

The first way a compliance professional should use Returning to Venezuela is to recalibrate how risk assessments are performed. Traditional country risk assessments often ask abstract questions: corruption perception scores, sanctions status, and enforcement history. Those inputs are necessary, but insufficient. Returning to Venezuela pushes compliance professionals to replace abstract scoring with operational mapping.

Instead of asking whether Venezuela is high risk, the framework asks:

Where will government discretion arise?
Where can delay be monetized?
Where does the business depend on intermediaries?
Where does value move, pause, or change form?

This is a critical shift. Risk is no longer treated as a country attribute. It becomes a process attribute. Compliance professionals can use Returning to Venezuela’s structure to redesign their risk assessment around real business steps: procurement, logistics, payment, security, licensing, and dispute resolution.

Step Two: Identifying Pressure Points Before They Become Incidents

Returning to Venezuela is especially useful in helping compliance professionals identify pressure points, not just risk categories. Pressure points are moments where the business is most likely to face demands for improper value, shortcuts, or exceptions. Procurement is one. Customs clearance is another. Security access, utilities, labor approvals, and payment routing are others.

Using Returning to Venezuela, compliance professionals can document:

Where pressure is expected;
Who owns the decision at that point?
What escalation looks like; and
When refusal or exit becomes mandatory.

This transforms compliance from a reactive role into a proactive role in designing decision architecture.

Step Three: Using the Checklists as Control Gates, Not Paper Artifacts

A common compliance failure is treating red flags as documentation exercises rather than control mechanisms. One of the strengths of Returning to Venezuela is that its red flags are designed as gates, not records. Each checklist answers a single question: Is this activity governable under our current assumptions?

Compliance professionals can deploy these checklists at defined moments:

Market entry discussions
Vendor and JV selection
Transaction structuring
Payment and banking design
Security and logistics planning

If a red flag cannot be cleared, the activity cannot proceed. That discipline is what makes the framework defensible. It also protects compliance officers personally, because decisions are anchored in documented governance rather than informal judgment.

Step Four: Integrating Risk Domains Instead of Managing Them in Silos

Another way compliance professionals should use Returning to Venezuela is as a blueprint for breaking down internal silos. The book makes clear that in Venezuela, corruption, export controls, AML, sanctions, security, and extortion are not separate risks. They are interconnected expressions of the same operating pressure. Treating them separately guarantees blind spots.

Practically, this means compliance can use the book to justify:

Integrated risk reviews instead of sequential sign-offs;
Shared escalation forums across functions;
Unified monitoring rather than separate dashboards; and
Common exit triggers across risk domains.

This is particularly important for AML. Returning to Venezuela positions money laundering risk not as a standalone compliance obligation, but as the capstone test of whether the entire framework works.

Step Five: Structuring Board Oversight Around Decisions, Not Updates

Too often, boards receive high-level compliance updates that provide comfort but not clarity. Returning to Venezuela gives compliance professionals a way to reframe board oversight around decisions, not reports. Using the board materials and decision templates, compliance can:

Force explicit risk acceptance;
Document assumptions that underpin approvals;
Secure delegated authority to pause or exit operations; and
Establish clear revisit and escalation triggers.

This protects both the organization and the compliance function. When conditions change, the discussion is no longer “Why did this happen? ” but “Which assumption failed, and what decision does that trigger? ” That is governance functioning as intended.

Step Six: Building a Repeatable Risk Management Framework

The final and most important way to use Returning to Venezuela is as a template, not a one-off Venezuela playbook. While the facts are Venezuela-specific, the framework is portable. Compliance professionals can lift this framework and apply it to:

Other high-risk markets;
Post-merger integration;
Sanctions-heavy environments; and
Complex third-party ecosystems.

The Appendices: The Operational Backbone of Returning to Venezuela: Yes, If

One of the defining features of Returning to Venezuela: The Compliance Guide to Yes, If is that it does not stop at analysis. The appendices convert risk identification into governance, decision-making, and operational control. They are not academic supplements. They are the machinery that makes a “yes, if” decision possible in practice.

Taken together, the appendices form an integrated compliance control stack designed for one purpose: to govern decision-making in an environment where corruption, coercion, sanctions, AML exposure, and weak rule of law are not edge cases but daily conditions.

Appendix A: One-Page Operational Checklists

Appendix A contains a series of one-page checklists, each focused on a distinct but interconnected risk domain. These are not policy summaries. They are operational gating tools meant to be used before decisions are made, not after problems occur.

Appendix B: The CCO Deployment Pack

Appendix B is written from the perspective of the Chief Compliance Officer and is explicitly operational. It is designed to be deployed internally to executive leadership, business sponsors, and control functions.

Appendix C: Board of Directors Materials

Appendix C is aimed squarely at directors and audit or compliance committees. Its function is not to educate boards on Venezuela generally but to structure how boards make, record, and revisit risk acceptance decisions.

Appendix D: Decision-Making Frameworks

Appendix D pulls together the logic underlying the entire book. It provides decision-making frameworks that force organizations to confront uncomfortable realities before committing resources.

How the Appendices Work Together

Individually, each appendix addresses a specific audience or function. Collectively, they form an integrated control system that aligns:

Operational decision-making.
Compliance authority.
Board oversight.
Exit discipline.

The appendices are designed to prevent the most common failure pattern in high-risk jurisdictions: waiting until conditions deteriorate before asking hard questions. By then, leverage is gone.

Final Thought

The most important contribution of Returning to Venezuela is that it does not accurately describe risk. It shows compliance professionals how to operate in the real world without surrendering control.

Used correctly, the book becomes a working tool:

To assess risk honestly;
To design controls that hold under pressure;
To align management and the board, and finally
To decide when “yes” becomes “no.”

For compliance professionals, that is not just risk management. It is about meeting the business in an operational setting with a risk management strategy for literally the highest risk on earth.

You can purchase Returning to Venezuela: The Compliance Guide to Yes, if on Amazon.com.

Tags Board of Directors, CCO, compliance, If, Matt Ellis, Mike Debernardis, Returning to Venezuela: The Compliance Guide to Yes, Venezuela

FCPA Compliance Report

FCPA Compliance Report: Going into Venezuela, Navigating the Corruption Risks, a Conversation with Matt Ellis

Post author By Admin
Post date January 12, 2026
No Comments on FCPA Compliance Report: Going into Venezuela, Navigating the Corruption Risks, a Conversation with Matt Ellis

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. We take a short break from our 2-part series with Mike Volkov to review the issues arising from the Trump Administration’s invasion of Venezuela. Matt Ellis joins Tom Fox to look at what all this means for companies looking to do business in Venezuela.

They discuss the complex landscape of doing business in Venezuela, focusing on the rampant corruption, security challenges, and the implications of U.S. sanctions. They explore the risks associated with engaging with the national oil company, PdVSA, and the broader implications for U.S. companies considering re-entry into the Venezuelan market. The conversation also touches on Cuba’s role, international organizations, and the potential for infrastructure rebuilding in Venezuela, emphasizing the need for long-term strategies and careful risk management.

Key highlights:

Navigating Corruption and Security Risks in Business
Banking and Money Laundering Concerns
Cuba’s Role and Sanctions Implications
International Organizations and Corruption Regulations
Infrastructure Rebuilding in Venezuela
Long-term Strategies for Companies

Resources:

Matt Ellis on LinkedIn

Miller & Chevalier LLC

Tom Fox

Tags AML, FCPA, Matt Ellis, PdVSA, trade sanctions, Venezuela

ACI FCPA Conference 2025

ACI-FCPA Conference Speaker Preview Series – Matt Ellis on FCPA Enforcement in Mexico

Post author By Admin
Post date November 19, 2025
No Comments on ACI-FCPA Conference Speaker Preview Series – Matt Ellis on FCPA Enforcement in Mexico

In this episode of the ACI-FCPA and Global Anti-Corruption Conference Speaker Podcasts series, Matt Ellis discusses his panel at the event, “The New FCPA Enforcement Focus in Mexico: A Look at How TCO/FTO Designations Could Impact Prosecutions, Coordination with U.S. Authorities, and the Risk Calculus for Businesses Operating There.”

Some of the issues the panel will discuss are:

The evolving enforcement landscape in Mexico.
The impact of FTO designations; and
Business risks and prosecutorial strategies going forward.

I hope you can join me at the ACI–FCPA Conference. This year’s event will take place on December 3-4 at the Gaylord National Resort & Convention Center in National Harbor, Maryland, near Washington, D.C. The lineup of this year’s event is simply first-rate, featuring some of the top FCPA professionals, white-collar attorneys, and compliance practitioners in the field.

The 2025 program is being completely redesigned to help your organization stay agile, responsive, and ahead of the curve. Expect a dynamic agenda shaped by real-world priorities, practical takeaways, and the most cutting-edge thinking in compliance—led by a faculty of global practitioners with boots on the ground, encountering the very risks that come across your desk.

Please join me at the event. For information on the event, click here. Listeners of this podcast will receive a discount by using the code D10-999-CPN26.

Tags FCPA, FTO, Matt Ellis, Mexico

FCPA Compliance Report

FCPA Compliance Report – Navigating the Complexities of FTO Designations and Compliance in Mexico and Latin America

Post author By admin
Post date March 24, 2025
No Comments on FCPA Compliance Report – Navigating the Complexities of FTO Designations and Compliance in Mexico and Latin America

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast on compliance. In this episode, Tom welcomes Tim O’Toole and Matt Ellis from Miller & Chevalier Chartered to discuss the significant implications of President Trump’s executive order designating Mexican drug cartels as foreign terrorist organizations (FTOs).

Tim and Matt elaborate on the heightened compliance risks and operational challenges now faced by companies operating in these regions. The conversation delves into the legal distinctions between Specially Designated Nationals (SDNs) and FTOs, the broad-ranging impact on industries such as agriculture and logistics, and the urgent need for robust risk assessment strategies to mitigate civil and criminal liabilities under U.S. law. They also explore the broader Latin American context and potential collateral consequences for U.S. and Latin American companies amid anticipations of increased regulatory scrutiny and enforcement actions. The discussion concludes with timely observations on recent U.S. Treasury directives aimed at curbing cartel money laundering activities, showcasing the lengths the administration is willing to go to combat these criminal enterprises.

Key highlights:

Executive Order and FTO Designation
Heightened Risks for Companies in Mexico
Complexities of Cartel Influence in Mexico
Risk Management Strategies for Companies
Broader Implications for Latin America
Potential Weaponization of FTO Designation
Corporate Compliance and Human Rights

Resources:

Designation of Cartels as FTOs Creates Heightened Risks for Companies Operating in Latin America

Tom Fox

Tags FTO, Latin America, Matt Ellis, sanctions, Tim O'Toole

Blog

A Brave New World: A Pemex Plant in Texas and the FCPA

Post author By admin
Post date January 31, 2022
No Comments on A Brave New World: A Pemex Plant in Texas and the FCPA

Nearly six years ago, Matt Ellis writing in CCI, detailed some of the Foreign Corrupt Practices (FCPA) enforcement actions involving Pemex. He detailed the software company Paradigm BV which had a FCPA enforcement action based in part on consultant payments, gifts and travel expenses for a Pemex official related to a subcontract it performed on a Pemex project. Hewlett-Packard Company (HP) had a FPCA enforcement action, partly involving payments the company made to a technology consultant in connection with the sale of HP software packages and licenses to Pemex. Back in 2008, Siemens AG had the first billion dollar plus FCPA enforcement action including, among other things, the payment of approximately $2.6 million in bribes to a well-connected business consultant in Mexico, some portion of which allegedly was routed to a senior Pemex official to help the company resolve cost overrun issues related to three refinery modernization projects.
Since that time, it seems doing business with Pemex only became riskier under the FCPA due to apparent endemic corruption at Pemex. Key Energy Services, Inc. has a FCPA enforcement action caused by bribes from its Mexican subsidiary paid to a Pemex employee. However, this endemic corruption is not a new feature of doing business with Pemex as far back as 1982, Crawford Enterprises, Inc., Ruston Gas Turbines, Inc., C.E. Miller Corporation and International Harvester Company, had a FCPA violation for paying bribes to sell turbine compression systems to Pemex. Book-ending this early FCPA enforcement action, as late as 2020, Vitol Inc. was involved in paying bribes in violation of the FCPA. In short, doing business with Pemex has always been high risk.
Now a new FCPA risk may have arisen for US companies doing business in the US as Pemex purchased a massive Royal Dutch Shell refinery in Deer Park Texas (Shell Deer Park up to the sale, Pemex Deer Park, after the transfer.) According to Reuters, turnover of the refinery occurred in January as the deal finally passed Committee on Foreign Investment in the United States (CFIUS) review. (How this deal could pass CFIUS review is the subject for another blog post.) Now we have the anomalous situation of Pemex owing one of the largest refineries on the Gulf Coast. What could go wrong?
One only need to look at the Corpus Christi based Citgo Petroleum Corporation which is owned by Venezuela’s state-owned and state-controlled energy company Petróleos de Venezuela S.A. (PDVSA). According to a 2021 Department of Justice (DOJ) Press Release, Jose Luis De Jongh Atencio (De Jongh) while an official at Citgo Petroleum Corporation, laundered millions of dollars in bribes and corruptly provided business advantages to multiple individuals who obtained contracts with Citgo and PDVSA. He accepted more than $7 million in bribe payments from businessmen in exchange for assisting the businessmen and related companies in procuring contracts with Citgo and providing them with other business advantages.
Another case involving Citgo was Jose Manuel Gonzalez Testino (Gonzalez), who pled guilty in federal court in Houston to one count of conspiracy to violate FCPA, one count of violating the FCPA, and one count of failing to report foreign bank accounts. Yet one of the most interesting items was the reference to Citgo Petroleum Corporation and its involvement in the bribery scheme. As noted in the DOJ Press Release it stated, “Gonzalez also admitted to making bribe payments to several PDVSA officials who were based in Houston and employed by Citgo.” Citgo procured goods and services on behalf of PDVSA and “Gonzalez admitted he and his co-conspirators paid at least four Citgo officials in the Special Projects group and provided gifts and other things of value to a senior Citgo executive.” These Citgo/PDVSA enforcement actions have led nearly 20 different guilty pleas or indictments of other former Citgo/PDVSA employees.
Clearly, there is precedent for a FCPA enforcement action in the United States for a US domiciled business if that business has foreign government ownership. The President of Mexico, Andrés Manuel López Obrador, has taken a decided interest in this acquisition and George Baker, writing in the Houston Chronicle, notes this brings on what he calls the AMLO risk to this facility due to Obrador’s tendency to micromanage Pemex. His position on bribery and corruption is certainly well shown in his administration. In addition to his cutting of Pemex’s budget for repair and plant maintenance, what to you think Pemex and the AMLO administration think of compliance? Not much it appears.
What American companies now need to understand is that every transaction, every meal bought for Pemex Deer Park employees or gifts sent over will have to be screened through a FCPA lens. What happens when Pemex officials from Mexico start arriving to oversee their investment? What happens when Pemex officials in Mexico start to oversee and micromanage contracts and procurement? Given the number of FCPA enforcement actions involving Pemex in the past, would it be too surprising to see a repeat of Pemex employees’ actions at Pemex Deer Park?
What type of due diligence is your American company going to engage in for doing business with Pemex Deer Park? Leaving aside the question of what the financial health of the plant will be under the AMLO regime, what about anti-corruption due diligence? Could Pemex pass such scrutiny or would too many read flags arise? What happens if your company is approached to enter into some type of joint or other business relationship with Pemex Deer Park?
What about training? If you are a US company which has only done due diligence with US owned petro-chemical and chemical plants on the Texas Gulf Coast, you have probably never received FCPA anti-corruption training. Now you will need to do so. You will also need to track all your gifts, travel and entertainment expenses with Pemex, with a separate line item entry in your books and records.
All of these issues and questions will be answered as we move forward into the almost brave new world.

Tags AMLO, corruption, FCPA, Matt Ellis, Pemex

Recent Posts

Recent Comments

Categories

What are you looking for?