Categories
Blog

Phillips FCPA Enforcement Action: Lessons Learned – Part 3

We conclude our exploration of the Koninklijke Philips N.V. (Philips) Foreign Corrupt Practices Act (FCPA) enforcement action involving the Securities and Exchange Commission (SEC), for Phillips actions in China and its Chinese subsidiary, Phillips China. As set out in the SEC Order, Philips was order to “pay disgorgement of $41,126,170, prejudgment interest of $6,047,633, and a civil monetary penalty of $15,000,000” for a total fine and penalty of $62 million. Yesterday we considered the bribery schemes employed by Phillips China. After having reviewed the facts and Order we look at some lessons learned.

Distributors Under the FCPA

This is the third recent FCPA enforcement action involving distributors, following Oracle and Microsoft. Along with those cases, Phillips drives home the message that distributors are a risk under the FCPA. Oracle got into FCPA hot water regarding distributor discounts and marketing reimbursement. Microsoft came to OFAC grief as it did not know to whom its distributors were doing business as some distributors were selling to sanctioned entities. While distributors may not seem to be as high a risk commissioned sales agents, they do present a risk, which must be assessed and then managed with ongoing monitoring and improvements as appropriate. None of these steps were apparent from this FCPA enforcement action or found in the Order.

As noted yesterday, Philips in 2013 had agreed to “enhanced an anti-corruption training program that includes a certification process and a variety of training applications to ensure broad-based reach and effectiveness.” Whatever this training was, it does not seem to have reached China. Effective training is about communications, engagement and demonstrable implementation of the training messaging going forward. Once again Philips China did not seem as if that communications about not engaging in bribery and corruption was taken into its business operations.

Recidivist Behavior Under 2023 Corporate Enforcement Policy

As noted yesterday, in a May 10, 2023 Press Release,  Phillips announced that “The U.S. Department of Justice (DOJ) has closed its parallel inquiry into these matters” and the company intoned that it “fully cooperated with the SEC and DOJ.” Philips also reported that the FCPA matter had “previously been disclosed in Philips’ Annual Reports 2019 through 2022.”

There has been no statement by the Department of Justice (DOJ) regarding Philips. Further there has been no declination regarding Philips publicly announced by the DOJ. Given the strong statement about recidivists by Deputy Attorney General Lisa Monaco in announcing the Monaco Doctrine last September and the need for speed referenced by Kenneth Polite in announcing changes to the Corporate Enforcement Policy in January 2023; one might have expected some statement from the DOJ.

If the DOJ really wants companies to step forward and self-disclose, it would seem that Philips would be a good example to use. Apparently there was not self-disclosure, not extraordinary cooperation and no compliance with the 2013 SEC Order concluding the first Philips FCPA enforcement action. In other words, all the requirements for a company to obtain the significant credit under the 2023 Updated Corporate Enforcement Policy. If you add in Philip’s prior FCPA enforcement action into the mix, it would certainly appear that Phillips’ culture of compliance was lacking, at least along the lines of that aspect of the Monaco Doctrine.

Lessons Learned

With Phillips filing out the trio of recent distributor enforcement actions, it is clear that companies need to start paying more attention to the distributor sales model as a source of risk. Of course, robust due diligence screening is a must but it is only a starting point. Companies need to monitor the relationship after the contract is signed. The Philips FCPA enforcement action points toward the need for robust data analytics particularly around special price discounts with distributors creating excessive distributor margins which could be used to fund improper payments to employees of state-owned enterprises or governmental officials. A data analysis would quickly and efficiently show any special discount or discount beyond the standard range given to distributors. Moreover, regional discounts could be taken into account easily using the data analytics approach.

Additionally the maintenance of adequate books, records, and accounts concerning special price discounts to demonstrate that the discounts were supported by adequate documentation to ensure their business justification and management’s approval of them. This basic step also acts as a basic compliance internal control so that there can not only be oversight of the proposed distributors and any discounts but also creates a documented audit trail if a regulator ever comes knocking.

At this point there is perhaps some head-scratching about the final resolution, if any, regarding Philips given the state of the record as laid out by the Order. However it is clear there are significant lessons for the compliance professional from the Phillips enforcement action around distributors. I hope that at some point there is greater clarity under the 2023 Corporate Enforcement Policy update.

Categories
Blog

Phillips FCPA Enforcement Action: Violations, Remediation and Recidivism – Part 2

We continue our exploration of the Koninklijke Philips N.V. (Philips) Foreign Corrupt Practices Act (FCPA) enforcement action involving the Securities and Exchange Commission (SEC), for Phillips actions in China and its Chinese subsidiary, Phillips China. As set out in the SEC Order, Philips was order to “pay disgorgement of $41,126,170, prejudgment interest of $6,047,633, and a civil monetary penalty of $15,000,000” for a total fine and penalty of $62 million. Yesterday we considered the bribery schemes employed by Phillips China. Today we consider the responses made by Phillips which led to its internal investigation, Phillips remediation and the prior FCPA enforcement action.

A. The FCPA Violations

In the SEC Order, Phillips was not charged with the payment of bribes. Rather, Phillips was charged with a failure of internal controls. Under the FCPA, companies which are issuers are required “devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances.”

  1. Transactions are executed in accordance with management’s general or specific authorization;
  2. Transactions are recorded as necessary (I) to permit preparation of financial statements in conformity with generally accepted accounting principles or any other criteria applicable to such statements, and (II) to maintain accountability for assets;
  3. Access to assets is permitted only in accordance with management’s general or specific authorization; and
  4. The recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences.

Philips violated the FCPA “failing to devise and maintain an adequate system of internal accounting controls regarding distributor transactions and the use of these third parties.” Additionally, “Philips’ internal accounting controls were not sufficient to provide reasonable assurances that transactions were executed in accordance with management’s general or specific authorization and that access to assets was permitted only in accordance with management’s general or specific authorization.”

B. Cooperation and Remediation

Interestingly Phillips did not self-disclose this issue. Nor did Phillips appear to engage in any ‘extraordinary” cooperation. This cooperation was noted in the Order as “Philips undertook an internal investigation and regularly shared with Commission staff the facts developed in its inquiry, including facts previously unknown to the staff, and identified and voluntarily provided translations of key non-privileged documents.” I was particularly intrigued by the statement “facts previously unknown to the staff” which would seem to indicate there were some facts which were previously known to the SEC (and not by the way of a self-disclosure.)

Phillips did engage in remediation efforts which were recognized by the SEC. These included:

  • Phillips made structural improvements to its policies and procedures;
  • The company improved its tone at the top and the middle, with a focus on Philips China;
  • Phillips increased accountability for enforcing compliance policies by its business leaders;
  • The company highlighted compliance as a key component of ethical business practices;
  • Phillips terminated or disciplined Philips China employees involved in the conduct;
  • Phillips terminated business relationships with distributors involved in the conduct;
  • The company also improved its internal accounting controls relating to distributors;
  • Phillips improved its ability to monitor its subsidiaries bidding practices and their use of discounts and special pricing; and
  • Finally, Philips has revised its compliance training.

 C. Prior FCPA Enforcement Action

In 2013 (the year before these actions began) Phillips agreed to its first FCPA enforcement action, also involving the SEC (2013 Order). That matter related to the company’s action in Poland. According to the FCPA Blog, “from 1999 to 2007, in at least 30 bids, employees of Philips’ subsidiary in Poland ‘made improper payments to public officials of Polish healthcare facilities to increase the likelihood that public tenders for the sale of medical equipment would be awarded to Philips. The bribes and kickbacks were 3% to 8% of the contract amounts.” In that 2012 enforcement action, “Philips agreed to pay $4.5 million in the settlement, consisting of disgorgement of $3.1 million and prejudgment interest of $1.4 million.” Of course, Phillips also agreed to “cease and desist from committing or causing any violations and any future violations of” the FCPA.

As for the remedial actions taken by Phillips for the 2013 Order it stated, “Philips also retained three law firms and two auditing firms to conduct the investigation and design remedial measures to address weaknesses in its internal controls. Included in changes to internal controls, Philips established strict due diligence procedures related to the retention of third parties, formalized and centralized its contract administration system and enhanced its contract review process, and established a broad-based verification process related to contract payments. In addition, Philips has made significant revisions to its Global Business Principles policies and continually revises the policies to keep them current and relevant. Philips also established and enhanced an anti-corruption training program that includes a certification process and a variety of training applications to ensure broad-based reach and effectiveness.”

Given that the Phillips China bribery scheme started in 2014 does it sound like Phillips took these obligations very seriously. I wonder just where those three law firms and two audit firms were looking when they conducted an investigation and designed “design remedial measures to address weaknesses in its internal controls.”  Finally I am not sure where the company’s “certification process” went after the 2013 Order, but apparently not as far as China.

All this means that Phillips is yet another FCPA recidivist. There was no statement in the 2023 Order that Phillips self-disclosed the illegal conduct in China to the SEC. Nevertheless, Phillips seemed to get the benefit of the doubt from the DOJ. In a May 10, 2023 Press Release,  Phillips announced that “The U.S. Department of Justice (DOJ) has closed its parallel inquiry into these matters” and the company intoned that it “fully cooperated with the SEC and DOJ.” Phillips also reported that the FCPA matter had “previously been disclosed in Philips’ Annual Reports 2019 through 2022.”

There has been no statement by the Department of Justice (DOJ) regarding Phillips. Further there has been no declination regarding Phillips publicly announced by the DOJ. Given the strong statement about recidivists by Deputy Attorney General Lisa Monaco in announcing the Monaco Doctrine last September and the need for speed referenced by Kenneth Polite in announcing changes to the Corporate Enforcement Policy in January 2023; one might have expected some statement from the DOJ.

Or perhaps not. Tomorrow, we conclude with some final thoughts.

Categories
Great Women in Compliance

All Star Women Monitors, Part 2

Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley.

Today is the second part of a 2-part series that we have been planning for a while, and the timing turned out to be perfect.  Lisa is speaking with an all-star panel of Audrey Harris, Bethany Hengsbach and Dionne Lomax,  Managing Directors from Affiliated Monitors.  Audrey’s area is  Global Anticorruption, Compliance, Ethics & Non–Financial Risk, Bethany focuses on Global Corporate Compliance, with a focus on healthcare, and Dionne works in Antitrust and Trade Regulation, as well as being a professor at Boston University. The timing for this series turned out perfectly, as the group was able to get into an in-depth discussion about Lisa Monaco’s statements in September about the Monaco Doctrine and some of their key takeaways.

In Part 2, the group discusses the statements about compensation and clawbacks, and the importance of appropriate resources, among other topics. They also provide their individual perspectives on two other topics that many of us discuss.  One is the reporting line for CECOs, and the importance of a direct line to the Board or Audit Committees.  The other is the certification of Corporate Compliance programs by CEOs and CECOs. The entire discussion was extremely insightful, filled with practical ideas and good tips for everyone who is trying to build and/or maintain a program.

Listen to Part 1 here.

The Great Women in Compliance Podcast is on the Compliance Podcast Network with a selection of other Compliance related offerings to listen in to.  If you are enjoying this episode, please rate it on your preferred podcast player to help other likeminded Ethics and Compliance professionals find it.  If you have a moment to leave a review at the same time, Mary and Lisa would be so grateful.  You can also find the GWIC podcast on Corporate Compliance Insights where Lisa and Mary have a landing page with additional information about them and the story of the podcast.  Corporate Compliance Insights is a much-appreciated sponsor and supporter of GWIC, including affiliate organization CCI Press publishing the related book; “Sending the Elevator Back Down, What We’ve Learned from Great Women in Compliance” (CCI Press, 2020).

If you enjoyed the book, the GWIC team would be very grateful if you would consider rating it on Goodreads and Amazon and leaving a short review.  Don’t forget to send the elevator back down by passing on your copy to someone who you think might enjoy reading it when you’re done, or if you can’t bear parting with your copy, consider it as a holiday or appreciation gift for someone in Compliance who deserves a treat.

You can subscribe to the Great Women in Compliance podcast on any podcast player by searching for it and we welcome new subscribers to our podcast.

Join the Great Women in Compliance community on LinkedIn here.

Categories
From the Editor's Desk

September and October in Compliance Week

Welcome to From the Editor’s Desk, a podcast where co-hosts Tom Fox and Kyle Brasseur, EIC at Compliance Week, unpack some of the top stories which have appeared in Compliance Week over the past month, look at top compliance stories upcoming for the next month, talk some sports and generally try to solve the world’s problems.

In this month’s episode, we look back at top stories in CW from September around the FCPA enforcement actions involving GOL and Oracle, the Monaco Doctrine as reflected in the Monaco Memo, and the SEC spanking of banks for nearly $2MM over employees using messaging apps. We discussed the ESG virtual event and previewed the CW 2022 in Europe, which will be held in Scotland, and the virtual 3rd Party Risk conference, scheduled for December.

We conclude with a look at some of the top sports stories, including a look at the Tua Tagavoiloa and the NFL concussion protocols, and ask Kyle how he would have covered; the Boston Celtic’s imbroglio regarding its suspended head coach Ime Udoka and  Aaron Judge and his season for the ages.

Categories
Daily Compliance News

October 4, 2022 the Something Fishy Edition

In today’s edition of Daily Compliance News:

  • Cheating in a fishing tournament. (ESPN)
  • Abuse in women’s soccer. Those in authority looked away. (NYT)
  • DOJ promises more individual white-collar enforcement. (WSJ)
  • SCt turns down Platinum Partners fraud convictions. (Reuters)
Categories
FCPA Compliance Report

The EC Gang on the Monaco Doctrine

In this special 5 part podcast series, I am deeply diving into the Monaco Memo and analyzing it from various angles. In this episode of the FCPA Compliance Report, we have the Award-Winning Everything Compliance quartet of Jonathan Marks, Jonathan Armstrong, Karen Woody, and Tom Fox on the Monaco Memo.

1. Tom Fox looks at the Monaco Memo through the monitorship language and answers a listener’s questions about compliance programs under the Monaco Memo.

2. Karen Woody reviews the Monaco Memo, the self-disclosure angle, and investigatory considerations and ponders the role of defense counsel going forward.

3. Jonathan Marks also looks at investigatory issues under the Monaco Memo, the role of the Board of Directors, and the role of the forensic auditor under the Monaco Memo.

4. Jonathan Armstrong’s self-disclosure from a UK angle joins Karen Woody in questioning how defense counsel should move forward.

Resources

Tom 5-Part blog post series in the FCPA Compliance and Ethics Blog

1.     A Jolt for Compliance

2.     Timely Self-Disclosure

3.     Corporate Compliance Programs

4.     Monitors

5.     The Heat is On

Monaco Memo

Categories
Compliance Into the Weeds

Monaco Doctrine and Memo

Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. In this episode, we look at the recently announced Monaco Doctrine as encapsulated in the Monaco Memo. Highlights include:

  1. Corporate accountability.
  2. Timeliness in turning over evidence of wrongdoing.
  3. Baby Carrots in evaluating the corporate history of misconduct.
  4. Additions to Evaluation of Corporate Compliance Programs.
  5. Tweaks to the Yates Memo formulation.
  6. Monitors and Monitorships.

 Resources

Matt in Radical Compliance

Tom in the FCPA Compliance and Ethics Blog

  1. Introduction
  2. Self-Disclosure
  3. Corporate Compliance Programs
  4. Monitors
  5. The heat is on

Monaco Memo

Categories
All Things Investigations

All Things Investigations: Episode 12 – The Monaco Memo with Laura Perkins

 

Welcome to the Hughes Hubbard Anti-Corruption and Internal Investigations Practice Group’s Podcast, All Things Investigations. In this podcast, host Tom Fox and returning guest Laura Perkins of the Hughes Hubbard Anti-Corruption & Internal Investigations Practice Group highlight some of the key legal issues in white-collar investigations, locally and internationally.

 

 

Laura Perkins is a Hughes Hubbard partner whose practice focuses on representing clients in Foreign Corrupt Practices Act and white-collar criminal investigations, including government enforcement actions and compliance counseling. She also advises clients on issues related to the FCPA, the federal securities laws, the False Claims Act, and other federal statutes.

Key areas we explain on this podcast are:

  • How the Monaco Memo instructs prosecutors to evaluate the prosecution of individuals responsible for corporate crime.
  • The Monaco Memo is guiding prosecutors to charge more foreign individuals as opposed to less.
  • Steps a company can take to show timeliness to the DOJ.
  • The Memo underscores the DOJ’s desire for companies to self-report misconduct that they become aware of.
  • Previously, in determining whether a monitorship was appropriate, prosecutors would look at what state your compliance program was in at the time of resolution.
  • The importance of clear communication in understanding the DOJ’s expectations.

Resources

Hughes Hubbard & Reed website 

Laura Perkins on LinkedIn

 

The Hughes Hubbard & Reed website has been updated with the following Anti-Corruption & Internal Investigations advisory:

Cutting Through the Noise: Take‑Aways from the DOJ’s Recent Announcements Regarding Corporate Criminal Enforcement

On September 15, 2022, Deputy Attorney General Lisa Monaco announced a series of policy revisions to the U.S. Department of Justice’s approach to criminal enforcement actions against corporations. At a high level, these new policy revisions show the Department’s desire to take an approach to criminal enforcement that targets the individuals directly responsible for corporate misconduct and encourages companies to assist in preventing misconduct by creating effective compliance programs and cultures. Companies should carefully review these policy changes and identify steps they can take to put themselves in the best position possible should they be subject to a criminal investigation in the future. 

For our discussion about these developments, follow this link to our website.

Practice Co-Chair Laura Perkins will cover this topic in-depth in an All Things Investigations podcast, which will be released on Monday, Sept. 26.

Categories
Blog

Monaco Memo – A Jolt for Compliance: Part 5 – The Heat is On for Compliance

Today, we conclude our exploration of the Monaco Memo by considering what all this may mean for compliance professional going forward. Department of Justice (DOJ) officials have emphasized that the changes laid out in the Monaco Memo and the requirements around Chief Compliance Officer (CCO) Certification are to empower compliance professionals. Deputy Attorney General Lisa Monaco said in the speech (Monaco Speech) announcing the Monaco Doctrine, “Companies should feel empowered to do the right thing—to invest in compliance and culture, and to step up and own up when misconduct occurs. Companies that do so will welcome the announcements today. For those who don’t, however, our Department prosecutors will be empowered, too—to hold accountable those who don’t follow the law.”

This was refined by Assistant Attorney General Kenneth A. Polite, who said in a speech (Polite Speech) after the Monaco Doctrine was announced, “in March 2022, I announced that, for all Criminal Division corporate resolutions (including guilty pleas, deferred prosecution agreements, and non-prosecution agreements), we would consider requiring both the Chief Executive Officer and the Chief Compliance Officer (CCO) to sign a certification at the end of the term of the agreement. This document certifies that the company’s compliance program is reasonably designed, implemented to detect and prevent violations of the law, and is functioning effectively. These certifications are designed to give compliance officers an additional tool that enables them to raise and address compliance issues within a company or directly with the department early and clearly. These certifications underscore our message to corporations: investing in and supporting effective compliance programs and internal controls systems is smart business and the department will take notice.”

Finally, Principal Associate Deputy Attorney General Marshall Miller said in a speech (Miller Speech), also after the announcement of the Monaco Doctrine, “I will focus on the ways those policy changes incentivize corporate responsibility and promote individual accountability – by clarifying, rethinking and standardizing policies on voluntary self-disclosure and corporate cooperation. I’ll also address how Department prosecutors are assessing some of the most challenging corporate compliance issues of the day, such as how incentive compensation systems can promote — rather than inhibit — compliance and how companies should be managing data given the proliferation of personal devices and messaging platforms that can take key communications off-system in the blink of an eye.”

However, I think many of these changes will put additional pressures on compliance programs. The new requirements for self-disclosure move beyond those announced under the FCPA Corporate Enforcement Program. The Monaco Memo stated, “it is imperative that Department prosecutors gain access to all relevant, non­privileged facts about individual misconduct swiftly and without delay.” [emphasis supplied] This in turn, puts even more pressure on internal reporting, whether through a hotline, online reporting portal, or simply an employee speaking up to a manager. That pressure means triaging, efficiently elevating and effectively investigating and evaluating the evidence developed. The clock is ticking, and a compliance professional does not know what the DOJ might already know or if a whistleblower has reported to the Securities and Exchange Commission (SEC) or another federal department or agency.

But the pressure does not end when self-disclosure occurs. The DOJ wants speed above all else in the delivery of evidence which could be used in the prosecution of individuals. Miller stated, “In building cases against culpable individuals, we have heard one consistent message from our line attorneys: delay is the prosecutor’s enemy — it can lead to a lapse of statutes of limitation, dissipation of evidence, and fading of memories. The Department will expect cooperating companies to produce hot documents or evidence in real time. [emphasis supplied] And your clients can expect that their cooperation will be evaluated with timeliness as a principal factor. Undue or intentional delay in production of documents relating to individual culpability will result in reduction or denial of cooperation credit. Where misconduct has occurred, everyone involved — from prosecutors to outside counsel to corporate leadership — should be “on the clock,” operating with a true sense of urgency.”

This requirement changes the dynamics of an investigation. Every CCO and compliance professional in such a situation must now speed up not simply their investigation process and turning over documents but their remediation efforts going forward. Of course, remediation is still an equally important part of your overall way forward to receive credit under the FCPA Corporate Enforcement Policy. A root cause analysis is also still a key component as well.

Another area for heat for the compliance professional is the new requirements for clawbacks. In the Miller Speech, he stated, “What we expect now, in 2022, is that companies will have robust and regularly deployed clawback programs. All too often we see companies scramble to dust off and implement dormant policies once they are in the crosshairs of an investigation.”

Companies should take note: compensation clawback policies matter, and those policies should be deployed regularly. A paper policy not acted upon will not move the needle — it is really no better than having no policy at all.

To up the ante, the Deputy Attorney General has instructed the Criminal Division to examine how to provide incentives for companies to clawback compensation, with particular attention to shifting the burden of corporate financial penalties away from shareholders — who frequently play no role in misconduct — onto those who bear responsibility. In addition to this stick, Miller also noted the carrot the DOJ wants to see, noting, “compensation systems to promote compliance isn’t just about clawbacks. It’s also about rewarding compliance-promoting behavior. For years, companies have designed and fine-tuned sophisticated incentive compensation systems that reward behavior that enhances profits.” She concluded, “We’ll be evaluating whether corporations are making the same types of investments in adopting and calibrating compensation systems that reward employees who promote an ethical corporate culture and mitigate compliance risk.”

The final area where the heat is on is the type of conduct which leads to the FCPA violations. Three of the criteria for determining whether a monitor will be mandated to deal with the length or pervasiveness of the conduct and whether senior management was involved; was the violation caused by the “exploitation of an inadequate compliance program or system of internal controls”; and finally, if “compliance personnel were involved or were basically negligent in failing to “appropriately escalate or respond to red flags.””

Compliance professionals should use the Monaco Doctrine, Memo, and related speeches to explain to senior management to educate C-Suite and Board leadership why and how an investment in compliance can pay off. For compliance professionals your work became much more important.

Categories
FCPA Compliance Report

Alvarez & Marsal Threatscape 2022 Report

In this episode of the FCPA Compliance Report, I am joined by Keith Williamson and Henry Chambers, Managing Directors at Alvarez and Marsal. We look at the firm’s Threatscape Report. Highlights of this podcast include:

A.    Threat 1-ABC Threats

  1. Why do you see a potential increase in anti-corruption investigations?
  2. In addition to the US under the FCPA, do you see other countries are actively assisting US authorities in ABC investigations?
  3. The new DOJ Monaco Doctrine reinstate the Yates Memo and the DOJ focus on individuals.  What does this mean for ABC investigations?
  4. What are some of the key challenges in handling investigations in China?
  5. How does this increase in ABC enforcement impact M&A?

B.     Threat 2-Fraud and Digital Asset Fraud Threats

  1. What are digit assets and digit asset fraud?
  2. The US has not yet released many regulations regarding cryptocurrency. What is the role of other countries in such regulation, if any?
  3. Why is the Ukraine war the first ‘digital asset war’?
  4. How have the worldwide sanctions against Russia impacted the growth and use of digit assets?
  5. What are the key controls and screen tools for digital assets that you advocate a company employ?

C.     Threat 3-Data Privacy and Data Protection

  1. What is the Personal Information Protection Law and how does it relate to the Chinese State Secrets and Data Security Laws?
  2. How can a non-Chinese company get data out of China?
  3. What are some of the key components of compliance program for this new law?
  4. How does this new law impact investigations in China?

Resources