Categories
Daily Compliance News

Daily Compliance News: September 27, 2024 – The Hiz Honor Indicted Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • NYT Mayor Adams indicted on bribery and corruption charges.  (NYT)
  • What happens when a news organization is a hedge fund or class action firm? (Bloomberg)
  • DOJ probing Super Micro Computer. (WSJ)
  • SEC fines 11 more firms for failures in messaging apps. (SEC Press Release)

Categories
Everything Compliance

Everything Compliance: Episode 141, Tribute to Nick Gallo Episode

Welcome to the only roundtable podcast in compliance as we celebrate our second century of shows.

In this episode, we take up a potpourri of topics. We have the quartet of Matt Kelly Jonathan Armstrong, Jonathan Marks, and Karen Moore; all hosted by Tom Fox.

  1. Matt Kelly looks at the issue of what and who are in your Supply Chain after the pager attacks in Lebanon. He shouts out to Michaela Deprince for a life well lived.
  2. Karen Moore takes a deep dive into executive Clawback and Holdback provisions. She shouts out to Nick Gallo and asks all to keep him in their thoughts and prayers for a speedy recovery.
  3. Karen Woody reviews the Flyfish SEC enforcement action about NFTs as securities. She shouts out to pop culture and the great show on Apple TV Slow Horses.
  4. Jonathan Marks considers the imbroglio of PwC in China and what it means for audit firms trying to do business in China. He shouts out to eBay for providing authenticator services and briefs us on the Keeper Test.
  5. Tom Fox shouts out to Los Angeles Dodger Shohei Ohtani for having one of the greatest single seasons in MLB by a hitter.

The members of the Everything Compliance are:

The host and producer, rantor (and sometime panelist) of Everything Compliance is Tom Fox the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the award-winning Compliance Podcast Network.

Categories
Blog

The John Deere’s FCPA Case: A Throwback to Compliance Fundamentals

In corporate compliance, some very basic compliance lessons are destined to be repeated. This was clear from the recently announced Securities and Exchange Commission (SEC) Foreign Corruption Practices Act enforcement action involving Deere (John Deere herein). The $9.9 million settlement between John Deere and the SEC involved FCPA violations at its Wirtgen Group subsidiary. It offers a stark reminder that even the most established companies can stumble over basic compliance principles. For those in the compliance community, this case highlights the importance of robust integration post-acquisition and serves as a throwback to classic FCPA pitfalls that should have been avoided.

The John Deere Case: A Synopsis

According to the SEC Press Release announcing the resolution, “From at least late 2017 through 2020, Wirtgen Thailand employees bribed Thai government officials with the Royal Thai Air Force, the Department of Highways, and the Department of Rural Roads to win multiple government contracts and also bribed employees of a private company to win sales to that company. The order finds that the bribes included cash payments, massage parlor visits, and international travel for government officials and private company employees. According to the SEC’s order, Wirtgen Thailand made approximately $4.3 million in profits” from these bribes. The improper payments were inaccurately recorded as legitimate expenses in Deere’s books and records.

The settlement resulted in John Deere paying $9.9 million in penalties and disgorgements. While the case details could easily be mistaken for a compliance nightmare from the early 2000s, it happened just last year, making it a timely cautionary tale for compliance professionals today.

The Importance of Post-Acquisition Integration

One of the most glaring issues in this case was John Deere’s failure to integrate Wirtgen’s operations into its compliance program swiftly. This lapse is a textbook example of the risks arising when companies fail to prioritize compliance during and after mergers and acquisitions. The SEC’s settlement order emphasized this point, making it clear that Deere’s delay in extending its compliance framework to Wirtgen created an environment where bribery and corruption could thrive unchecked.

This raises critical questions for compliance professionals: How quickly can we realistically integrate an acquired company into our compliance program? What resources are needed to ensure this integration happens efficiently? The answers to these questions are theoretical; they have real-world implications for preventing violations and avoiding costly enforcement actions.

The Role of Internal Controls and Red Flags

The SEC’s order also highlighted several internal control failures and red flags Deere’s compliance team should have caught regarding gifts, travel, and entertainment (GTE). Expense reports with round numbers, lack of detail in expense documentation, and including non-existent employees to justify expenses are all classic indicators of fraud and bribery. Yet, these obvious signs were missed—or worse, ignored. What makes all of this even more egregious is that the rules around gifts, travel, and entertainment for clients have long been known, since at least 2007 when the Department of Justice (DOJ) issued Opinion Releases 07-01 and 07-02, which detailed the DOJ’s expectations for GTE going forward.

This oversight suggests a deeper issue: a lack of robust internal audit and compliance mechanisms within Deere at the time. It is a stark reminder that strong internal controls are not just a regulatory requirement but essential tools for detecting and preventing unethical behavior. The lesson for compliance officers is to continually assess and strengthen these controls, ensuring they can identify red flags before they escalate into full-blown violations.

The Perennial Importance of Pre-Acquisition Due Diligence

Another critical aspect of this case is the apparent need for thorough pre-acquisition due diligence. The SEC’s order does not mention evidence of John Deere conducting such due diligence before acquiring Wirtgen, raising serious concerns about the company’s risk assessment process. In high-risk markets like Thailand, where corruption is pervasive, skipping or skimping due diligence can be costly.

Compliance professionals should take this as a reminder to prioritize comprehensive due diligence in any acquisition, especially when the target operates in regions of corruption risks. This includes reviewing the target’s compliance program and understanding its business practices, key relationships, and potential vulnerabilities. As Deere’s case demonstrates, failure to do so can expose a company to significant legal and financial liabilities.

Positive Steps and Root Cause Analysis

While the case against John Deere is filled with the company’s missteps, the company’s response post-settlement also offers some positive lessons. John Deere has enhanced its internal audit and compliance programs, including launching an in-house compliance podcast and a bi-monthly compliance newsletter. These initiatives reflect an effort to improve the company’s tone at the top and engage employees in ongoing compliance education.

Moreover, Deere’s commitment to conducting a root cause analysis is particularly noteworthy. We saw this set out by the DOJ in its enforcement action involving SAP earlier this year. Understanding the root causes of compliance failures is crucial for preventing future violations. In this case, the root cause seems to stem from a failure to integrate Wirtgen into John Deere’s compliance framework rather than from deficiencies in accounting or transparency. This distinction highlights the need for companies to identify compliance gaps and address the underlying issues that allow those gaps to exist in the first place.

For compliance professionals, the takeaway is clear: a robust root cause analysis is a vital component of any remediation effort. Whether conducted by the compliance team, internal audit, or an external party, this analysis should be thorough and inform subsequent risk assessments and program improvements.

Learning from the Past

In many ways, the John Deere case feels like a throwback to the early days of FCPA enforcement, when companies were still learning the ropes of anti-bribery compliance. The violations at Wirtgen Thailand are reminiscent of the kind of misconduct that the DOJ and SEC have warned against for over a decade, with the GTE issues mandated nearly 15 years ago. Yet, here we are in 2024, still grappling with the same basic issues.

The John Deere enforcement action serves as a sobering reminder that the fundamentals of compliance—strong internal controls, thorough due diligence, timely post-acquisition integration, and ongoing risk assessment—are as relevant today as they were 20 years ago. The challenge for compliance professionals is ensuring that these fundamentals are understood and deeply embedded in the company’s culture and operations.

Ultimately, the John Deere case is a call to action for the compliance community. It reminds us that even large, sophisticated companies can falter if they lose sight of the basics. It prompts us to revisit those basics in our organizations, ensuring that we are not just keeping up with the latest trends in compliance but also mastering the fundamentals that will protect our companies from tomorrow’s risks.

Categories
2 Gurus Talk Compliance

2 Gurus Talk Compliance: Episode 37 – The Florida Couple Edition

What happens when two top compliance commentators get together? They talk compliance, of course. Join Tom Fox and Kristy Grant-Hart in 2 Gurus Talk Compliance as they discuss the latest compliance issues in this week’s episode!

In this episode, Tom and Kristy discuss the controversial LinkedIn post that categorized people aged 45 to 55 as in ‘late career,’ while highlighting how Gen Z is showing new enthusiasm for corporate jobs. They delve into the Biden administration’s crackdown on Chinese imports linked to modern slavery and debate the costs of closing the de minimis exception for tariffs and package reviews. Additionally, they touch on the alarming case of a missing Chinese executive and dissect the implications of mandatory retirement ages in corporate America. The episode wraps up with a quirky story about a Florida couple (not Florida Man) attempting to claim a lottery prize with a laminated, torn ticket, showcasing the wide spectrum of compliance and ethical issues in today’s world. Tune in for a mix of insightful discussion and lighter moments from the compliance community.

Stories Include:

  • What me? retire? (FT)
  • The top Chinese bank told me to wire money. (FT)
  • Ex-Glencore execs appear in court. (FT)
  • PCAOB orders audit firms to bring in outsiders.  (FT)
  • The way forward for ESG. (FT)
  • Biden Takes Aim at China’s Temu and Shein with Trade Crackdown. (WSJ)
  • An affair cost Alan Shaw his job and severance. Will Norfolk Southern also try to claw back his pay? (Fortune.com)
  • 20-Somethings Learn to Love Their Corporate Jobs. (WSJ)
  • SEC Charges Seven Public Companies with Violations of Whistleblower Protection Rule. (SEC)
  • Florida couple caught allegedly tapping lottery ticket together to claim $1 million prize. (FOX Orlando 35 

Resources: 

Kristy Grant-Hart on LinkedIn

Spark Consulting

Prove Your Worth

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Into the Weeds

Compliance into the Weeds: Everything Old is New Again – The John Deere FCPA Enforcement Action

The award winning, Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds!

In this episode, Tom Fox and Matt Kelly take a deep dive into the recent Securities and Exchange Commission FCPA enforcement action involving John Deere.

The case centers on a $10 million civil penalty imposed by the SEC for bribery activities in the Thailand office of a newly acquired subsidiary, Wirtgen Group. This transgression spanned from 2017 to 2020, and despite having a code of business conduct, Wirtgen employees flouted rules by falsifying expenses, entertaining government officials at massage parlors, and engaging in a luxury sightseeing tour under the guise of a factory visit.

A critical issue was John Deere’s delayed integration of Wirtgen into its compliance program, leading to internal control lapses and obvious red flags in expense reports. Although Deere has since taken significant remedial actions, including firing culpable employees and enhancing its compliance and internal audit programs, the situation underscores persistent compliance challenges even for large, sophisticated firms. This episode serves as a reminder of the essential compliance lessons from past decades that firms must steadfastly adhere to.

Key Highlights:

  • Details of the Bribery Scheme
  • Internal Control Violations
  • Pre- and Post-Acquisition Due Diligence Issues
  • Remedial Steps and Improvements
  • Root Cause Analysis and Lessons Learned

Resources:

Matt in Radical Compliance

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Great Women in Compliance

Great Women in Compliance: Karen Woody on The Voice of Victims in Negotiated Plea Agreements

The recent Boeing plea agreement has led to many discussions about the role of victims in negotiated settlements, and today we have one of the top academic experts on the SEC and financial securities regulation, Karen Woody.  Karen is an associate professor at Washington & Lee School of Law. Karen and Lisa discuss why the Boeing case is a good example of who the victims are because the victims suffered a tragedy.  However, many other white-collar cases (we hope) are not as clear, especially in the FCPA bribery context, and what avenues of relief that others have, particularly in the international context.

Lisa and Karen also follow on the prior episode’s discussion of internal controls, particularly in light of the Solarwinds case. They talk about whether internal controls are the appropriate way for the SEC to pursue certain claims, such as cybersecurity or in a bribery case, and whether they should be limited to accounting provisions and whether other controls would be more appropriate, and if they don’t exist, should they?

Karen also shares her journey into academia and gives some practical tips for those who are interested in teaching and how to be resilient when one hits roadblocks. #GWIC is proud to announce that it has been nominated for the WomenInPodcastAwards. This is a people’s choice award and whether you vote for #GWIC or other nominees, we ask that you send the elevator back down by voting. Voting opens August 1, 2024, and details can be found on the #GWIC Linkedin page at http://www.linkedin.com/groups/12156164

Resources:

Join the Great Women in Compliance community on LinkedIn here.

Categories
10 For 10

10 For 10: Top Compliance Stories For The Week Ending September 14, 2024

Welcome to 10 For 10, the podcast that brings you the week’s Top 10 compliance stories in one podcast each week. Tom Fox, the Voice of Compliance, brings to you, the compliance professional, the compliance stories you need to be aware of to end your busy week. Sit back, and in 10 minutes, hear about the stories every compliance professional should be aware of from the prior week.

Every Saturday, 10 For 10 highlights the most important news, insights, and analysis for the compliance professional, all curated by the Voice of Compliance, Tom Fox. Get your weekly filling of compliance stories with 10 for 10, a podcast produced by the Compliance Podcast Network.

  • Albanian ex-PM indicted for corruption. (Reuters)
  • The Bibi Files. (The Guardian)
  • NYPD Police chief resigns. (NYT)
  • Will South Africa leave the FATF dirty money list in 2025? (Bloomberg)
  • Google and Apple face billions in back taxes in the EU. (NYT)
  • Slovakia loses corruption battle. (Politico)
  • John Deere settles FCPA allegations.   (WSJ)
  • Ex-Glencore employees plead not guilty. (FT)
  • PCAOB requires audit firms to bring in outside experts to oversee audit quality. (FT)
  • Hong Kong now high-risk? (WSJ)

Connect with Tom 

Instagram  Facebook  YouTube  Twitter  LinkedIn

Categories
Blog

Addressing Pre-taliation

One of the most talked about subjects in corporate compliance is the issue of pre-taliation—an increasingly common enforcement target by the U.S. Securities and Exchange Commission (SEC). Matt Kelly and I did a recent podcast on the topic, and you can check out the recent episode of Compliance Into the Weeds for an audio discussion of the topic. Matt has blogged on the topic of Radical Compliance. This post will deeply dive into this issue and show why pre-taliation clauses in contracts, which inhibit whistleblowers from claiming financial rewards, are illegal and how compliance officers can effectively address this recurring problem.

What Is Pre-Taliation?

Pre-taliation refers to contract provisions that prevent or discourage employees from reporting potential misconduct to regulators. Typically, these clauses claim an employee forfeits the right to financial rewards associated with whistleblowing. While companies cannot directly prohibit employees from reporting wrongdoing, they attempt to introduce barriers that dissuade individuals from taking the financial risk of blowing the whistle. These clauses have a “chilling effect” on potential whistleblowers and are, quite simply, illegal under SEC rules.

The SEC’s recent enforcement actions against several corporations show that despite being a known violation, many businesses continue to use these clauses in their employment contracts. The fines may be relatively small, but the impact of these enforcement actions is clear: companies must remove pre-taliation language from all contracts, or they will face the consequences.

Recent SEC Enforcement Actions on Pre-Taliation

Last week, the SEC sanctioned seven companies for including pre-taliation language in their employment contracts. One major violator, Acadia Healthcare Corporation, was fined $1.4 million, while others, including TransUnion and IDEX Corporation, paid penalties ranging from $19,000 to $690,000. While these fines may seem minor compared to other enforcement actions, the real issue lies in the recurring use of these illegal clauses.

For the compliance professional, the key is that these contracts stated that employees were free to report potential violations to regulators. Still, they included an additional clause that employees had to forfeit any right to claim whistleblower rewards. This approach violates SEC whistleblower provisions designed to incentivize whistleblowers with financial rewards for bringing misconduct to light.

Why Do Companies Use Pre-Taliation Clauses?

Companies continue to use such clauses to prevent them from going to the SEC or other regulators. Including pre-taliation language is an intentional tactic designed to scare employees into silence. These clauses are legally dubious, but they can effectively discourage employees from whistleblowing if they are unaware of their legal rights. The logic is simple: why risk your career and financial livelihood to report misconduct without potential financial reward?

In some cases, these companies may also be testing the boundaries of the law if regulators do not prioritize enforcement. However, as the SEC’s actions have shown, this is a serious miscalculation, as it is clear that using such clauses is intentionally trying to prevent employees from exercising their federal rights.

Addressing Pre-Taliation: A Compliance Officer’s Roadmap

How can compliance officers avoid falling into the same trap as Acadia Healthcare and others? Here’s a practical roadmap for compliance professionals tasked with eliminating pre-taliation clauses from their companies’ contracts:

  • Conduct a Contract Review

The first step is to conduct a comprehensive review of all employment contracts, both current and historical. This is easier said than done, particularly for large organizations with decentralized operations. As Matt Kelly pointed out, the challenge lies in the sheer volume of contracts and the number of people involved in drafting and approving them. Contracts may come from various teams—HR, legal, commercial, and even procurement—so identifying all instances of pre-taliation language requires a coordinated effort across multiple departments.

  • Establish Clear Contract Policies

The next step is establishing clear and enforceable policies about what can and cannot be included in contracts. This policy should be enterprise-wide and include specific language that prohibits the inclusion of pre-taliation clauses. Not only does this create a standard for new contracts, but it also sets a clear precedent for remediating older contracts that may still contain illegal language.

This policy should also include specific guidelines for all contracts, not just employment agreements, as pre-taliation clauses can sometimes slip into customer contracts, vendor agreements, and third-party relationships. For instance, earlier this year,  J.P. Morgan was penalized for including pre-taliation language in its customer contracts, which stipulated that customers had to notify the company before reporting misconduct to regulators.

  • Collaborate with Legal and HR Teams

A cross-functional approach is critical to solving this issue. Compliance officers must work closely with the legal and HR teams to implement contract policies correctly. HR plays a key role in drafting employment contracts, while the legal department ensures the language complies with regulatory standards. Without close collaboration, tracking down all the contracts that need to be updated or ensuring that future contracts are compliant will be nearly impossible. The idea that there is a magical person in the company who can fix this problem is a myth. Addressing pre-taliation requires a team effort involving multiple functions and a strong commitment to enterprise-wide remediation.

  • Provide Employee Education

Another important step is to educate employees about their rights under whistleblower laws. Pre-taliation language works best when employees do not understand that these clauses are illegal. By informing employees of their rights, compliance officers can undermine the chilling effect these clauses are designed to create. Employees should know they are legally entitled to report misconduct to regulators and cannot be penalized.

  • Establish a Remediation Plan for Older Contracts

Once all pre-taliation clauses have been identified, the next step is to establish a remediation plan. This may involve contacting former employees who signed contracts with illegal language and current employees who must be informed that their contracts have been updated. While this can be a complex process, it is essential for maintaining the integrity of the company’s compliance program.

  • Monitor for Future Violations

Finally, compliance officers should establish ongoing monitoring to ensure that pre-taliation language doesn’t slip into future contracts. This can be done by including contract reviews as part of regular compliance audits or by implementing automated tools to flag problematic language. By proactively monitoring contract language, compliance officers can prevent future violations and ensure that their company complies with SEC regulations.

A Simple Fix but a Complex Process

Addressing pre-taliation clauses may seem straightforward, but as Matt Kelly pointed out, it can be highly complex. With multiple stakeholders involved and various contracts to review, it truly takes a coordinated, enterprise-wide effort to eliminate these illegal provisions.

For compliance officers, the message is clear: do not wait for the SEC to come knocking. Review contracts, establish clear policies, and educate employees about their rights. By taking these steps, compliance officers can ensure that their companies are compliant and foster a culture where whistleblowers feel empowered to come forward. With the new DOJ Whistleblower Financial Incentive Program, it is only a matter of time before the DOJ comes knocking.

Categories
Compliance Into the Weeds

Compliance into the Weeds: Pre – taliation Illegality- from Employment Contracts to All Contracts

The award winning, Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds!

In this episode, Tom Fox and Matt Kelly take a deep dive into the recent SEC enforcement actions against several companies for pre-taliation clauses and related illegal intent.

Our conversation discusses recent enforcement actions by the SEC sanctioned against seven companies for a total of $3 million in civil penalties. The main issue was that these contracts required employees to forfeit any right to whistleblower awards if they reported misconduct to regulators. The conversation explores the legality of these contract clauses and the chilling effect they have on potential whistleblowers. Tom and Matt also discuss the challenges of remediation and the need for a comprehensive approach to address retaliatory clauses in all types of contracts.

Key Highlights:

  • SEC Enforcement Actions on Pre-Retaliation Language
  • The Illegality of Pre-Retaliation Clauses
  • Addressing Pre-Retaliation Clauses: Remediation Challenges
  • Expanding the Focus: From Employment Contracts to All Contracts

Resources:

Matt in Radical Compliance

Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Check out the full 3-book series, The Compliance Kids on Amazon.com.

Categories
10 For 10

10 For 10: Top Compliance Stories For The Week Ending September 7, 2024

Welcome to 10 For 10, the podcast that brings you the week’s Top 10 compliance stories in one podcast each week. Tom Fox, the Voice of Compliance, brings to you, the compliance professional, the compliance stories you need to be aware of to end your busy week. Sit back, and in 10 minutes, hear about the stories every compliance professional should be aware of from the prior week.

Every Saturday, 10 For 10 highlights the most important news, insights, and analysis for the compliance professional, all curated by the Voice of Compliance, Tom Fox. Get your weekly filling of compliance stories with 10 for 10, a podcast produced by the Compliance Podcast Network.

  • A Nigerian tech boss fined $250MM for a fictional company. (FT)
  • 7 people have died from a listeria outbreak so far. (NYT)
  • How much did Stewart Health Care pay its agent? (OCCRP)
  • The former VW chief goes to trial for the emissions testing scandal. (NYT)
  • HP to go after Lynch’s widow. (Reuters)
  • Another round of SEC enforcement actions for off-channel comms. (WSJ)
  • Corruption pushing Africans to immigrate. (Al Jazeera)
  • ENRC seeks $290MM from SFO for a botched investigation. (WSJ)
  • Did BoA share non-public information with investors? (WSJ)
  • Biden to block Japanese takeover of US Steel. (Bloomberg)

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

You can check out the Daily Compliance News for four curated compliance and ethics related stories each day, here.

Connect with Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn