In today’s edition of Daily Compliance News:
Tag: SEC
The award-winning, Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject. In this episode, we consider the recent SEC requirement for companies to publicly report clawback provisions and their effects in conjunction with the DOJ requirements for clawbacks. Highlights include:
· What are clawbacks?
· What does the SEC rule require?
· Are clawbacks the mirror of executive incentives?
· How does the DOJ position, as laid out in the Monaco Memo, differ (if any) from the SEC requirements?
· How far down the corporate chain must a clawback provision impact?
Categories
Some Thoughts on Clawbacks
Clawbacks have become a new topic in Foreign Corrupt Practices Act (FCPA) enforcement and compliance with the announcement of the Monaco Doctrine and release of the Monaco Memo. Matt Kelly, writing in Radical Compliance, noted, “The Securities and Exchange Commission [SEC] enacted a rule today that will require public companies to adopt and disclose executive compensation clawback policies, echoing the Justice Department’s effort to make companies exercise clawbacks more often when their executives commit misconduct.” With these developments, I thought it would be a good time to look at clawbacks and what they might mean for a corporate compliance program.
Let’s start with the basics, as in what is a clawback? According PayCor.Com a clawback “is a provision within a business or employment contract that allows—under a prescribed set of circumstances—an organization to reclaim incentive or bonus funds previously paid to an employee. Clawback clauses provide a form of guarantee in situations where a business needs to respond to employee misconduct, poor job performance, low achievements or a general decline in revenue.” The two key requirements are that (1) it is a ‘provision’ i.e., a written clause in a written employment agreement and (2) it is for compensation received in the form of an incentive or bonus, i.e., not salary. This second provision will be a critical point for employees.
Sanjai Bhagat and Charles M. Elson, in a Harvard Business Review (HBR) article entitled “Why Executive Compensation Clawbacks Don’t Work”, said, “the executive pay “clawback,” an idea that had its debut during the discussion around the passage of the Sarbanes-Oxley Act [SOX] in 2002, has become an increasingly common provision in executive compensation packages. In theory, clawback policies enable companies to recover incentive pay granted to executives for achieving financial performance targets on the basis of decisions and actions that subsequently turn out to be ethically and legally questionable, and which impose significant monetary and reputational liabilities on the company.” Indeed, as reported in the Wall Street Journal(WSJ), there have 11 executives sued by or who have settled with the SEC, based upon SOX.
Michael Schrage, in a 2012 HBR piece entitled “Bonuses Are Good, But Clawbacks Make Them Better”, said of the actions which can lead to clawbacks, “The behaviors may not be criminal or even unethical but they undeniably lead to decisions where individuals maximize their own compensation at the expense of their organization in potentially destructive ways. This typically holds true for the highest-ranking and most dynamic slices of industry, whether financial services, professional sports, health care or high tech.” This articulation would seem to fit in both the Department of Justice (DOJ) and SEC recent pronouncements.
While the regulators have focused on the punitive aspects of clawbacks, Schrage also notes they are the mirror for incentive-based compensation. “The fundamental asymmetry, of course, is the presence of bonuses and an absence of clawbacks. That is, individuals and teams may receive impressively large and ostensibly “performance-based” bonuses if they hit their numbers.” If there is no response for those who lie, cheat and steal to get such compensation, he believes an organization “is guilty of bad behavioral economics and even worse management” and that clawbacks are “deterrents and insurance policies for organizations that fear that talented individuals may take inappropriate and unsustainable shortcuts to get the bonus. Clawbacks are an essential technique for balancing long-term business health against short-term bonus wealth.”
All of this means that you should not think of compensation incentives and clawbacks as separate tools in your compliance tool kit but as complimentary tools to help foster a best practices compliance program. Bhagat and Elson propose “incentive compensation of corporate executives should consist only of restricted equity”; that is, an executive cannot sell shares of stock or exercise the options for six to 12 months after their last day in office. They believe, “This would prevent executives from capturing the financial gains from questionable decisions or actions before the longer-term costs of those decisions or actions became apparent. And from the company’s perspective, it is clearly easier to simply withhold the stock or options than to attempt to recover cash paid out.”
It would also make things from the SEC reporting perspective a bit easier as well, because as Kelly noted, the “SEC is requiring companies to develop and implement a policy providing for the recovery of erroneously awarded incentive-based compensation” which must “be filed as an exhibit in the company’s annual report, and the report must include disclosures about “any actions an issuer has taken pursuant to such recovery policy.””
The bottom line is that while both the SEC and DOJ’s thinking on clawbacks has evolved, the business commentary has been talking about clawbacks as a part of a best practices compensation program for some time. Bhagat and Elson wrote, “It is critical to good governance that companies be able to recover compensation from senior executives that has not been fairly and fully earned.” Schrage went further, stating, “Healthy conversations around clawbacks are as important to risk-management and employee morale as well-designed incentive-based compensation programs and a generous bonus pool. I’d argue there’s no such thing as well-designed incentive compensation programs that don’t have a carefully calibrated clawback component. Emphasizing bonuses at the expense of clawbacks is bad for everyone.”
With these new statutory requirements from the SEC based upon Dodd Frank and the pronouncements laid out in the Monaco Memo, clawbacks represent one of those rare mechanisms which represents a convergence between legal and regulatory concerns and better business outcomes. The government wants assurances that executive compensation is not determined by FCPA violations, financial fraud or other nefarious conduct and business want processes that those who do business ethically and in compliance by creating value through best practices compliance rather than cheating and law-breaking are properly incentivized.
In today’s edition of Daily Compliance News:
- Nigeria loses reimbursement claim against Glencore. (FT)
- 10 takeaways from the Crypto Story. (Bloomberg)
- SEC adopts executive compensation clawback rules. (Reuters)
- Glencore sued over bribery in Congo. (WSJ)
The award-winning, Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject. In this episode, we consider the recent statement by Paul Munter, the SEC’s acting chief accountant, who urged auditors to assess fraud risk among their clients better. Highlights include:
- Why did the SEC raise these points in the first place? What are they trying to tell auditors that they’re doing wrong?
- Are auditors equipped to be more aggressive in fraud risk assessment and investigation?
- What should compliance officers think about vis-a-vis the SEC’s statement?
- What is the role of compliance in anti-fraud?
- How will this impact compliance audits by external auditors and fraud examiners?
Resources
Matt in Radical Compliance
In this episode, I take on a solo pod to discuss and consider the Oracle FCPA enforcement action brought by the Securities and Exchange Commission.
Key areas we discuss on this podcast are:
- Background facts.
- Same facts in same country?
- Failure of a paper program.
- The need for data analytics.
- Where is the DOJ?
- What are the lesson learned going forward?
Resources
For a White Paper on the Oracle FCPE enforcement action, email tfox@tfoxlaw.com
After revisiting “Parking in India” from 2012, we return to explore more from the Foreign Corrupt Practices Act (FCPA) recidivist Oracle Corporation. We previously reviewed the bribery schemes in general and how they worked in practice. Given not simply the recidivist status but the nature and location of the bribery schemes, one might reasonably ask questions about the resolution. Quite simply, how did Oracle achieve the result they did?
The Comeback
Under the FCPA Corporate Enforcement Policy, as developed by the Department of Justice (DOJ), the requirements for leniency were (1) self-disclosure, (2) extensive cooperation during the investigation and (3) thorough remediation up to the conclusion of the matter. Under the recent Monaco Memo, this prong 3 was further explained as creating a compliance program to address the issues which led to the compliance program and then testing that program prior to the conclusion of the resolution. While the Securities and Exchange Commission (SEC) does not have a similar written Policy they have followed the DOJ’s lead on since the implementation of the FCPA Corporate Enforcement Policy in November 2017.
In the 2022 Order, it specified there was some type of self-disclosure. The Order stated, “the Commission [SEC] considered that Oracle self-reported certain unrelated conduct, remedial acts it undertook, and cooperation afforded the Commission Staff.” This is one of the most oblique references to self-disclosure seen in an FCPA enforcement action. It is not clear what the ‘unrelated conduct’ might have been nor how it related to the FCPA violations. Whatever this unrelated conduct was, it was self-disclosed to the SEC and apparently that self-disclosure was enough to satisfy the SEC that self-disclosure had occurred.
The next requirement is thorough cooperation with the SEC during the investigation. Here the Order stated, “Oracle’s cooperation included sharing facts developed in the course of its own internal investigations, voluntarily providing translations of key documents, and facilitating the staff’s requests to interview current and former employees of Oracle’s foreign subsidiaries.” Each one of these factors should be digested by every compliance officer to understand what the SEC thinks is important. It may be different from the DOJ, particularly after the Monaco Memo, but these actions are all clearly important to the SEC.
Finally, of course, is the remediation. Here the Order specified several actions in greater detail than in most Orders. The Order stated, “Oracle’s remediation includes:
- terminating senior regional managers and other employees involved in the misconduct and separating from employees with supervisory responsibilities over the misconduct;
- terminating distributors and resellers involved in the misconduct;
- strengthening and expanding its global compliance, risk, and control functions, including the creation of over 15 new positions and teams at headquarters and globally;
- improving aspects of its discount approval process and increasing transparency in the product discounting process through the implementation and expansion of transactional controls;
- increasing oversight of, and controls on, the purchase requisition approval process;
- limiting financial incentives and business courtesies available to third parties, particularly in public sector transactions;
- improving its customer registration and payment checking processes and making other enhancements in connection with annual technology conferences;
- enhancing its proactive audit functions;
- introducing measures to improve the level of expertise and quality of its partner network and reducing substantially the number of partners within its network;
- enhancing the procedures for engaging third parties, including the due diligence processes to which partners are subjected;
- implementing a compliance data analytics program; and
- enhancing training and communications provided to employees and third parties regarding anti-corruption, internal controls, and other compliance issues.”
Resources
These changes appear to be extensive and potentially significant within the greater Oracle compliance program. There was increased resources made available to Oracle through an increase in head count (15 new positions), restructuring of compliance groups and creation of new compliance teams. Additionally, the implementation of a compliance data analytics program would also fall under additional resources. Finally, Oracle moved to more proactive auditing.
Discipline
There were terminations of Oracle employees including “senior regional managers and other employees involved in the misconduct” in addition to the termination of distributors and resellers involved in the misconduct. While not tied to a disciplinary role but clearly in the less is more approach Oracle substantially reduced the number of business partners within its network.
Training
Next was in the area of training. There was enhanced “training and communications provided to employees and third parties regarding anti-corruption, internal controls, and other compliance issues.” This would seem to indicate enhanced training for those remaining business partners.
Internal Controls
Finally, there was the area of internal controls enhancement. Here there were improvements in the following areas: (a) discounting by improving aspects of the Oracle discount approval process and increasing transparency in the product discounting process through the implementation and expansion of transactional controls; (b) procurement through the increased oversight of, and controls on, the purchase requisition approval process; (c) removal of perverse incentives by limiting financial motivations and business courtesies available to third parties; (d) basic GTE by improving its customer registration and payment checking processes and making other enhancements in connection with Oracle technology conferences.
DOJ
Obviously, recidivist behavior is one of the key areas the DOJ focused on in the Monaco Memo. It is one of the factors the DOJ assesses in any resolution of an enforcement action. The Monaco Memo does note that civil penalties over five years old will be given lesser weight so perhaps the 2012 SEC FCPA enforcement action involving Oracle’s conduct in India plays into the SEC analysis here. There is also the question of a monitor for a company with recidivist behavior which Oracle avoided in this SEC resolution. In the Monaco Memo, two of the areas of evaluation are:
- Whether, at the time of the resolution and after a thorough risk assessment, the corporation has implemented an effective compliance program and sufficient internal controls to detect and prevent similar misconduct in the future;
- Whether, at the time of the resolution, the corporation has adequately tested its compliance program and internal controls to demonstrate that they would likely detect and prevent similar misconduct in the future;
While the SEC Order lays out in detail the remediation, there is no information on any testing performed by Oracle on the new components of its compliance program or on its controls.
As yet there is no information on a DOJ resolution. Given the tenor of the most recent DOJ announcements including the Monaco Memo, and the subsequent speech by Principal Associate Deputy Attorney General Marshall Miller and speech by Assistant Attorney General Kenneth A. Polite, it appears that recidivism will be greatly frowned upon. Also, unclear would be whether the DOJ would require a monitor based upon the remediation made by Oracle as reported in the SEC Order. As noted, there is no indication of testing of the compliance program enhancements. All in all, lots of questions for the DOJ and we will have to wait for a DOJ resolution to see if we can begin to answer some of them.
Please join me tomorrow where I conclude this series by considering what does it all mean for the compliance professional.
Welcome to From the Editor’s Desk, a podcast where co-hosts Tom Fox and Kyle Brasseur, EIC at Compliance Week, unpack some of the top stories which have appeared in Compliance Week over the past month, look at top compliance stories upcoming for the next month, talk some sports and generally try to solve the world’s problems.
In this month’s episode, we look back at top stories in CW from September around the FCPA enforcement actions involving GOL and Oracle, the Monaco Doctrine as reflected in the Monaco Memo, and the SEC spanking of banks for nearly $2MM over employees using messaging apps. We discussed the ESG virtual event and previewed the CW 2022 in Europe, which will be held in Scotland, and the virtual 3rd Party Risk conference, scheduled for December.
We conclude with a look at some of the top sports stories, including a look at the Tua Tagavoiloa and the NFL concussion protocols, and ask Kyle how he would have covered; the Boston Celtic’s imbroglio regarding its suspended head coach Ime Udoka and Aaron Judge and his season for the ages.