Tag: self disclosure

Categories
2 Gurus Talk Compliance

2 Gurus Talk Compliance – Episode 24 — The Self-Disclosure Edition

What happens when two top compliance commentators get together? They talk about compliance, of course. Join Tom Fox and Kristy Grant-Hart in 2 Gurus Talk Compliance as they discuss the latest compliance issues in this week’s episode! In this episode, Tom and Kristy take on a wide variety of compliance-related topics.

The Department of Justice (DOJ) is launching a paid whistleblower initiative, specifically targeting cases of criminal exploitation of the U.S. financial system that slip through the cracks of existing agency schemes. This move has elicited various perspectives, notably from compliance experts Tom Fox and Kristy Grant-Hart. Fox, drawing on his extensive experience in compliance, identifies the program as a vital development, filling a gap in whistleblower compensation efforts. He anticipates that it will compel compliance officers to foster a culture of reporting and enhance efficiency in managing investigations. On the other hand, Kristy, a renowned compliance specialist, also views the initiative positively but expresses concerns about the increased pressure on organizations to ensure compliance.

Despite this, both experts agree that the program is a step in the right direction towards promoting transparency, accountability, and ethical corporate behavior.

Highlights Include:

1. DAG Monaco Speech (DOJ Release)

2. Nicole M. Argentieri Speech (DOJ Release)

3. CTA struck down (WSJ)

4. Leadership Lessons from Robert Oppenheimer (WSJ)

5. State governments move to regulate AI (NYU)

6. The Percentage Of Corporate DOJ And SEC FCPA Enforcement Actions That Result From A Voluntary Disclosure (FCPA Professor)

7. Husband Who Eavesdropped on Wife’s Work Calls Pleads Guilty to Insider Trading (WSJ)

8. SEC Adopts Climate Disclosure Rule (Radical Compliance)

9. Is It Ever OK to Have an 8 a.m. Meeting? (WSJ)

10. The Florida Man Games (NYTimes)

Resources:

Kristy Grant-Hart on LinkedIn

Spark Consulting

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

Ten Top Lessons from Recent FCPA Settlements – Lesson No. 1, Self-Disclosure

Over the past 15 months, the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have made clear, through three Foreign Corrupt Practices Act (FCPA) enforcement actions and speeches, their priorities in investigations, remediations, and best practices compliance programs. Every compliance professional should study these enforcement actions closely for the lessons learned and direct communications from the DOJ. They should guide not simply your actions should you find yourself in an investigation but also how you should think about priorities.

The three FCPA enforcement actions are ABB from December 2022, Albemarle from November 2023, and SAP from January 2024. Taken together, they point a clear path for the company that finds itself in an investigation, using extensive remediation to avoid monitoring, and provide insight for the compliance professional into what the DOJ expects in a best practices compliance program on an ongoing basis.

Over a series of blog posts, I will lay out what I believe are the Top Ten lessons from these enforcement actions. Today, we begin with Number 1, self-disclosure. The first and most important thing is that a company should self-disclose a potential FCPA violation to the DOJ.

The DOJ expects and will reward self-disclosure above all else. The ABB enforcement action all began with ABB’s putative attempt to self-disclose. ABB set up a meeting where they intended to self-disclose but only set up the meeting without telling the DOJ the reason for the meeting. Unfortunately for ABB, this attempt was unsuccessful, as the South African press broke the story of ABB’s bribery and corruption between the time ABB called to set up a meeting and sat down with the DOJ. Yet the DOJ spent significant time discussing the underlying facts, and it was clear it positively impacted the DOJ.

Kenneth Polite, then Assistant Attorney General, said of ABB’s conduct around this attempt, “Before the meeting, however, a media report drew public attention to the wrongdoing.  But because the company could demonstrate intent and efforts to self-disclose before, and without any knowledge of, the media report, the Department weighed both the early detection of the misconduct and the intent to disclose it significantly in ABB’s favor.”

In the Albemarle enforcement action, there was a significant discussion in the NPA around Albemarle’s voluntary self-disclosure to the DOJ. “The disclosure was not “reasonably prompt,” as it was made approximately 16 months ago to the DOJ after initial discovery by the company. This meant the self-disclosure “was not within a reasonably prompt time after becoming aware of the misconduct in Vietnam,” and it means that Albemarle did not meet the standard for voluntary self-disclosure. While the DOJ “gave significant weight” to the company’s voluntary, even if untimely, disclosure of the misconduct, it is certainly cautionary.

Equally interesting was the SAP enforcement action. Although this factor was not present in the SAP enforcement action, the DOJ’s message regarding the DOJ’s expectation of self-disclosure and the obvious and palpable benefits could not be any clearer. Under the Corporate Enforcement Policy, SAP’s failure to self-disclose cost it an opportunity of at least 50% and up to a 75% reduction off the low end of the U.S. Sentencing Guidelines fine range. Its actions as a criminal recidivist resulted in it not receiving a reduction of at least 50% and up to 75% from the low end of the U.S.S.G. fine range but rather at 40% from above the low end. SAP’s failure to self-disclose cost it an estimated $20 million under the Sentencing Guidelines. SAP’s failure to self-disclose and recidivism cost it a potential $94.5 million in discounts under the Corporate Enforcement Policy. The DOJ’s message could not be any clearer.

In addition to these enforcement actions, Kenneth Polite, in a speech announcing changes in the Corporate Enforcement Policy, made clear the importance of self-disclosure in the eyes of the DOJ. “Our existing policy provides that if a company voluntarily self-discloses, fully cooperates, and timely and appropriately remediates, there is a presumption that we will decline to prosecute absent certain aggravating circumstances involving the offense’s seriousness or the offender’s nature. These aggravating circumstances include, but are not limited to, involvement by executive management of the company in the misconduct; a significant profit to the company from the wrongdoing; egregiousness or pervasiveness of the misconduct within the company; or criminal recidivism.” If a company self-discloses, but a criminal resolution is warranted, our existing policy offers 50% off of the low end of the applicable Sentencing Guidelines penalty range.

He re-emphasized this position: “When a company has uncovered criminal misconduct in its operations, the clearest path to avoiding a guilty plea or an indictment is voluntary self-disclosure.  It is also the clearest path to the greatest incentives that we offer, such as a declination with disgorgement of profits.” While noting the difficulty of a company deciding to self-disclose, “we are underscoring that a corporation that falls short of our expectations does so at its own risk. Make no mistake – failing to self-report, cooperate, and remediate fully can lead to dire consequences.” [emphasis supplied]

The DOJ could not be clearer. The No. 1 lesson is that you need to self-disclose if you want any of the benefits available.

Categories
Blog

Self-Disclosure is Now the Key

The Department of Justice (DOJ) has been making significant strides in emphasizing the importance of voluntary self-disclosure in corporate enforcement cases, particularly in the Foreign Corrupt Practices Act (FCPA) realm. This shift in approach is evident in recent policy announcements and enforcement actions, beginning with the 2022 ABB Foreign Corrupt Practices Act (FCPA) settlement to the 2023 Albemarle FCPA resolution and continuing to the 2024 SAP Foreign Corrupt Practices Action settlement. Through these three resolutions,  the DOJ clarified that its most important criteria for evaluating a company for a fine under the FCPA is whether or not it self-discloses.

Representatives of the DOJ Kenneth Polite and Lisa Monaco further discussed this incentive in speeches in 2023. In announcing a revision to the 2017 FCPA Corporate Enforcement Policy, which became the 2023 Corporate Enforcement Policy, Kenneth Polite emphasized the ‘need for speed’ both in self-disclosure and during the pendency of any FCPA or compliance real compliance-related involving the DOJ.

The DOJ’s focus on incentivizing self-disclosure is a strategic move to encourage companies to come forward with violations and cooperate with authorities. The new Corporate Enforcement Policy offered up to a 75% reduction in penalties for voluntary disclosure. This discount is available even if there were ‘aggravating factors’ in the matter, such as C-Suite involvement in bribery and corruption. The DOJ could not send a more precise signal and be more transparent about what they want and will incent. This approach reflects a broader trend toward rewarding companies that proactively address compliance issues and work collaboratively with law enforcement agencies.

One of the key factors influencing the DOJ’s enforcement actions is the impact of recidivism. In October 2021, the DOJ, through a speech by Lisa Monaco and memorialized in the 2023 Evaluation of Corporate Compliance Programs (2023 ECCP), made it clear that it will not tolerate repeat offenders and is prepared to impose harsh penalties on companies that fail to self-disclose violations. However, even recidivist companies are encouraged to come forward and address compliance issues head-on, with the potential for significant penalty reductions if they demonstrate genuine cooperation and remediation efforts. The ABB resolution, in which the company was the first three-time FCPA recidivist yet received a superior outcome, once more demonstrated the DOJ’s current focus. The attempted self-disclosure fell short by only a day or two, as ABB had scheduled a meeting with the DOJ to self-disclose but had not formally done so. In the interim, a news story broke in South Africa about ABB’s systemic bribery and corruption in that country.

Although this factor was absent from the SAP enforcement action, the DOJ’s message regarding the benefits of self-disclosure and the DOJ’s expectation of self-disclosure could not have been clearer. Under the Corporate Enforcement Policy, SAP’s failure to self-disclose costs it an opportunity of at least 50% and up to a 75% reduction off the low end of the acceptable range of the US Sentencing Guidelines. Its actions as a criminal recidivist resulted in it not receiving a reduction of at least 50% and up to 75% from the low end of the USSG acceptable range but rather at 40% from above the low back. SAP’s failure to self-disclose cost it an estimated $20 million under the Sentencing Guidelines. Its inability to self-disclose and recidivism cost it a potential $94.5 million in discounts under the Corporate Enforcement Policy. The DOJ’s message could not be any clearer.

There was a significant discussion in the NPA around Albemarle’s voluntary self-disclosure to the DOJ. However, NPA noted that “the disclosure was not “reasonably prompt” as defined in the Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy and the US Sentencing Guidelines.” The NPA reported that Albemarle learned of allegations regarding possible misconduct in Vietnam approximately 16 months before disclosing them to the DOJ. Interestingly, the SEC Order only stated, “Albemarle made an initial self-disclosure to the Commission of potential FCPA violations in Vietnam after completing an internal investigation of such conduct and, simultaneously, self-reported potential violations it was investigating in India, Indonesia, and China. Albemarle later self-disclosed potential violations in other jurisdictions to the Commission as part of an expanded internal investigation.”

This meant the self-disclosure “was not within a reasonably prompt time after becoming aware of the misconduct in Vietnam,” which means that Albemarle did not meet the standard for voluntary self-disclosure under the Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy. While the DOJ “gave significant weight” to the Company’s voluntary disclosure, even if untimely, disclosure of the misconduct is undoubtedly cautionary.

The tradeoffs involved in balancing different factors, such as self-disclosure, cooperation, and remediation, can present challenges for companies navigating the complex landscape of FCPA enforcement. While the DOJ’s emphasis on self-disclosure offers potential benefits regarding penalty reductions and monitoring requirements, companies must carefully weigh the risks and rewards of voluntary disclosure against the possible consequences of non-disclosure.

The importance of considering the impact of decisions about the DOJ’s FCPA enforcement actions cannot be overstated. Companies that prioritize a culture of compliance, proactive monitoring, and data-driven analytics are better positioned to detect and address potential violations before they escalate into costly enforcement actions. By aligning their compliance programs with the DOJ’s expectations and demonstrating a commitment to ethical business practices, companies can mitigate the risks associated with FCPA violations and build a strong foundation for long-term success.

What the DOJ wants is self-disclosure as soon as possible. One only needs to recall the case of Cognizant Technologies, where the company received a complete declination, and there were allegations of C-Suite involvement in the bribery schemes. This Declination was provided mainly because the company self-disclosed only two weeks after the information was filtered to the Board of Directors. While Cognizant Technologies may be the gold standard, a company’s timely self-disclosures can be considered for a full Declination.

Categories
FCPA Compliance Report

FCPA Compliance Report – Tom Fox and Michael Volkov Look at Incentives for Self-Disclosure

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this episode, Tom Fox welcomes back Michael Volkov as they take a deep dive into the ABB, Albemarle, and SAP FCPA enforcement actions to try and unpack the DOJ’s pivot away from heavy penalties for recidivists to prioritizing self-disclosure above all else.

Volkov’s perspective on the Department of Justice’s (DOJ) FCPA enforcement actions is both critical and analytical, shaped by his extensive experience. He underscores the necessity of transparency and explanation in the factors considered by the DOJ, highlighting its significance to practitioners in the field. Volkov also recognizes the shift in DOJ policy towards data-driven compliance, requiring companies to provide data to substantiate their conclusions and demonstrate their compliance efforts. He further notes the evolving landscape of voluntary disclosure and remediation, suggesting these areas are now pivotal in the DOJ’s enforcement approach. Volkov’s insights reflect a nuanced understanding of the changing dynamics in FCPA enforcement and the imperative for companies to adapt to these shifts.

Key Highlights:

  • Importance of Cooperation in Corporate Enforcement Cases
  • Incentivizing Self-Disclosure in DOJ’s FCPA Enforcement
  • Increased Penalty Reduction for Voluntary Self-Disclosure
  • DOJ’s Evolving Approach to Corporate Penalties
  • Benefits of Voluntary Self-Disclosure in Enforcement

Resources:

Volkov Law Group

Corruption, Crime and Compliance

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

 

For more information on Ethico and a free White Paper on top compliance issues in 2024, click here.

Categories
FCPA Compliance Report

FCPA Compliance Report – Navigating DOJ Investigations: Insights from Joshua Drew

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this episode, Tom Fox welcomes Joshua Drew, a Member of Miller & Chevalier who practices in the firm’s white collar and FCPA practice areas.

Joshua Drew, a seasoned attorney with a rich background in the Department of Justice (DOJ) and the Foreign Corrupt Practices Act (FCPA), recently joined the litigation group at Miller & Chevalier. His perspective on joining the firm is largely influenced by his admiration for the team’s expertise, having interacted with several of the firm’s lawyers during his tenure at Vimple.com, now Veon. He also found the firm’s practice areas, particularly FCPA work and general litigation, to be in perfect alignment with his experience. Moreover, he appreciated the firm’s smaller size, strategic focus, and subject-matter expertise, making his decision to join Miller & Chevalier a no-brainer.

To learn more about Joshua Drew’s journey and his insights, join Tom Fox and Joshua Drew on this episode of the FCPA Compliance Report.

Key Highlight:

  • Drews’s extensive Compliance and Litigation Experience
  • Streamlining Investigations and Improving Compliance at HP
  • Life under the monitor at Veon
  • Impressive Team and Strategic Focus at Miller
  • Incentivizing Disclosure and Cooperation in Mergers

Resources:

Joshua Drew on LinkedIn

Miller & Chevalier Chartered

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

 

For more information on Ethico and a free White Paper on top compliance issues in 2024, click here.

Categories
Blog

The SAP FCPA Enforcement Action-Part 5: Lessons Learned

We conclude our series on the initial Foreign Corrupt Practices Act (FCPA) enforcement action. It involved the German software giant SAP. While the conduct which led to the enforcement action occurred for a lengthy period of time and was literally worldwide in scope, the response by SAP is to be both noted and commended. The hard and impressive work that SAP did during the pendency of the investigation and enforcement action led to a very favorable result for the company in the reduced amount of its assessed fine and penalty as well as the fact that no monitor was mandated by the Department of Justice (DOJ) or Securities and Exchange Commission (SEC). Today, in our final post, we review key lessons learned from the SAP enforcement action.

Remediation

SAP did an excellent job in its remedial efforts. Whether SAP realized as a recidivist of the dire straits it was in after the publicity in South Africa around is corruption or some other reason, the company made major steps to create an effective, operationalized compliance program which met the requirement of the Hallmarks of an Effective Compliance Program as laid out in the 2020 FCPA Resource Guide, 2nd edition.

The remedial actions by SAP can be grouped as follows.

  1. Root Cause, Risk Assessment and Gap Analysis. Here the company conducted a root cause analysis of the underlying conduct then remediating those root causes, conducted a gap analysis of internal controls, remediating those found lacking; and then performed a comprehensive risk assessment focusing on high-risk areas and controls around payment processes, using the information obtained to enhance its compliance risk assessment process;
  2. Enhancement of Compliance. Here the company significantly increasing the budget, resources, and expertise devoted to compliance; restructuring its Offices of Ethics and Compliance to ensure adequate stature, independence, autonomy, and access to executive leadership; enhanced its code of conduct and policies and procedures regarding gifts, hospitality, and the use of third parties; enhanced its reporting, investigations and consequence management processes;
  3. Change in sales models. On the external sales side, SAP eliminated its third-party sales commission model globally, and prohibiting all sales commissions for public sector contracts in high-risk markets and enhanced compliance monitoring and audit programs, including the creation of a well-resourced team devoted to audits of third-party partners and suppliers. On the internal side, SAP adjusted internal compensation incentives to align with compliance objectives and reduce corruption risk;
  4. Data Analytics. Here SAP expanded its data analytics capabilities to cover over 150 countries, including all high-risk countries globally; and comprehensively used data analytics in its risk assessments.

Data Analytics

The references to data analytics and data driven compliance warrant additional consideration. SAP not only did incorporate data analytics into its third-party program but also expanded its data analytics capabilities to cover over 150 countries, including all high-risk countries globally. The SEC Order also noted that SAP had implemented data analytics to identify and review high- risk transactions and third-party controls. The SAP DPA follows the Albemarle FCPA settlement by noting that data analytics is now used by SAP to measure the compliance program’s effectiveness. This language follows a long line of DOJ pronouncements, starting with the 2020 Update to the Evaluation of Corporate Compliance Programs, about the corporate compliance functions access to all company data; this is the second time it has been called out in a FCPA settlement agreement in this manner. Additionally, it appears that by using data analytics, SAP was able to satisfy the DOJ requirement for implementing controls and then effectively testing them throughout the pendency of the DOJ investigation; thereby avoiding a monitor.

Holdbacks

Next was the holdback actions engaged in by SAP. The DPA noted, SAP withheld bonuses totaling $109,141 during the course of its internal investigation from employees who engaged in suspected wrongdoing in connection with the conduct under investigation, or who both (a) had supervisory authority over the employee(s) or business area engaged in the misconduct and (b) knew of, or were willfully blind to, the misconduct, and further engaged in substantial litigation to defend its withholding from those employees, which qualified SAP for an additional fine reduction in the amount of the withheld bonuses under the DOJ’s Compensation Incentives and Clawbacks Pilot Program.

Self-Disclosure

While this factor was not present in the SAP enforcement action, the message sent by the DOJ could not be clearer on not simply the expectation of the DOJ for self-disclosure but also the very clear and demonstrable benefits of self-disclosure. Under the Corporate Enforcement Policy, SAP’s failure to self-disclose cost it an opportunity of at least 50% and up to a 75% reduction off the low end of the U.S. Sentencing Guidelines fine range. Its actions as a criminal recidivist, resulted in it not receiving a reduction of at least 50% and up to 75% from the low end of the U.S.S.G. fine range but rather at 40% from above the low end. SAP’s failure to self-disclose cost it an estimated $20 million under the Sentencing Guidelines. It’s failure to self-disclose and recidivism cost it a potential $94.5 million in discounts under the Corporate Enforcement Policy. The DOJ’s message could not be any clearer.

Extensive Cooperation

There were also lessons to be garnered from SAP’s cooperation with the DOJ. While there was no mention of the super duper, extra-credit giving extensive remediation which Kenneth Polite discussed last year; when SAP began to cooperate, it moved to extensively cooperate. The DPA noted SAP “immediately beginning to cooperate after South African investigative reports made public allegations of the South Africa-related misconduct in 2017 and providing regular, prompt, and detailed updates to the Fraud Section and the Office regarding factual information obtained through its own internal investigation, which allowed the government to preserve and obtain evidence as part of its independent investigation…” Most interestingly, the DPA reported that SAP imaged “the phones of relevant custodians at the beginning of the Company’s internal investigation, thus preserving relevant and highly probative business communications sent on mobile messaging applications.” This is clear instruction around messaging apps in FCPA enforcement actions.

Resources

SEC Order

DOJ DPA

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 6 – DOJ M&A Safe Harbor

In October 2023, Deputy Attorney General Lisa Monaco announced a new policy regarding M&A. It is a Mergers & Acquisitions Safe Harbor policy that encourages companies to self-disclose criminal misconduct discovered by an acquiring company during the acquisition of a target company. Under the policy, the acquiring party will receive a presumption of criminal declination if it promptly and voluntarily discloses criminal misconduct, cooperates with any ensuing investigation, and engages in appropriate remediation, restitution, and disgorgement.

Under this new Mergers & Acquisitions Safe Harbor, which applies across the Department of Justice, companies that promptly and voluntarily disclose criminal misconduct during the Safe Harbor period and then cooperate with the resulting investigation, engage in timely and appropriate remediation, and pay applicable restitution and disgorgement will receive a presumption of a declination. Once again, the key deadlines are as follows:

  • Companies must disclose misconduct discovered (whether pre-or post-acquisition) at the acquired entity within six (6) months from the date of closing.
  • Companies will then have one year from the date of closing to fully remediate the misconduct.

The 6 month and one-year deadlines are subject to modification depending on the specific circumstances and complexity of the transaction. The acquired company can also qualify under the Mergers & Acquisitions Safe Harbor Policy for voluntary self-disclosure benefits. Interestingly, the DOJ clarified that any misconduct disclosed under the Safe Harbor Policy will not implicate or be counted in any future potential recidivist analysis.

Three key takeaways:

1. The DOJ Mergers & Acquisitions Safe Harbor policy encourages companies to self-disclose criminal misconduct discovered by an acquiring company during the acquisition of a target company.

2. The DOJ is seeking to incentivize an acquiring company to timely disclose misconduct uncovered during the M&A process.

3. The DOJ has made it clear that under this new Mergers & Acquisitions Safe Harbor Policy, organizations that do not perform effective due diligence or self-disclose misconduct at an acquired entity will be subject to full successor liability.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 4 – The March 2023 Monaco Speech

In March, Deputy Attorney General (DAG) Lisa Monaco reviewed a number of initiatives by the DOJ that every compliance professional needs to study in some detail. These new initiatives included: (1) The Criminal Division’s Pilot Program Regarding Compensation Incentives and Clawbacks; (2) Evaluation of Corporate Compliance Programs; and (3) Revised Memorandum on Selection of Monitors in Criminal Division Matters.

Monaco set the tone for the week by identifying five general areas of DOJ focus. (1) Inspiring a Culture of Compliance; (2) Voluntary Self-Disclosure Programs; (3) Promoting Compliance through Compensation and Clawback Programs; (4) Resource Commitments to Corporate Criminal Enforcement; and (5 ) Individual Accountability.

Three key takeaways:

1. A culture of compliance continues to be the most important component of DOJ reviews.

2. Self-disclosure will be the number one factor in reducing a potential fine and penalty.

3. Expect more individual accountability.

Categories
Blog

Key Compliance Speeches from 2023 – DAG Monaco on a Culture of Compliance

In March 2023 there were two days of speeches from the DOJ which added to the compliance complexity.  The speeches were made by Deputy Attorney General (DAG) Lisa Monaco (2023 Monaco Speech) and Assistant Attorney General Kenneth A. Polite, Jr. (Polite Speech) and they discussed a number of initiatives by the DOJ which every compliance professional needs to study in some detail. Today we will review the 2023: (1) The Criminal Division’s Pilot Program Regarding Compensation Incentives and Clawbacks; (2) Evaluation of Corporate Compliance Programs; and (3) Revised Memorandum on Selection of Monitors in Criminal Division Matters.

In the fall 2021, Monaco announced the “Corporate Crime Advisory Group to recommend more advances, based on input, and this is important, input from outside as well as inside the department.” This led to the September 2022 announcement of the Monaco Doctrine as laid out in the Monaco Memo where the DOJ changed its focus to “promoting cultures of corporate compliance, while also ensuring consistency and predictability in the way the government treats corporate crime.” Her goal was to “empower companies to do the right thing, by investing in compliance, in culture and in good corporate citizenship — while at the same time empowering our prosecutors to hold accountable those who don’t follow the law.”

At the end of the day, perhaps the most significant pronouncement from Monaco was the following “in today’s complex and uncertain geopolitical – very uncertain quite frankly – geopolitical environment, corporate crime and national security are overlapping to a degree never seen before, and the department is retooling to meet that challenge.” This fits with the Biden Administration’s Strategy on Combatting Corruption, which elevated the fight against bribery and corruption through enforcement of laws such as the Foreign Corrupt Practices Act (FCPA) to a National Security Issue. Of course, the Biden DOJ has said several times in the past that “Sanctions are the new FCPA” and Monaco reiterated that in her speech last week.

Monaco set the tone for the week by identifying five general areas of DOJ focus. (1) Inspiring a Culture of Compliance; (2) Voluntary Self-Disclosure Programs; (3) Promoting Compliance through Compensation and Clawback Programs; (4) Resource Commitments to Corporate Criminal Enforcement; and (5 ) Individual Accountability.

A Culture of Compliance

The Monaco Memo “emphasized the department’s commitment to finding the right incentives to promote and support a culture of corporate compliance.” Monaco hoped to do so by creating two new areas of focus in addition to those laid out in the FCPA Resource Guide,  the 2017 Evaluation of Corporate Compliance Program and its 2020 Update and Chief Compliance Officer (CCO) certification requirement. In the 2023 Monaco Speech, she stated, “I noted two new areas of particular focus: a cross-department approach to promoting voluntary self-disclosure and how compensation structures can foster responsible corporate behavior. We want companies to step up and own up when they discover misconduct and to use compensation systems to align their executives’ financial interests with the company’s interest in good corporate citizenship.”

What is interesting about these two components is that they previously existed but were made more important in the Monaco Memo. Clear rewards for self-disclosure have been a part of FCPA enforcement since 2016 with the initiation of the Pilot Program around self-disclosure. Financial incentives and penalties (carrots and sticks) have been a part of best practices compliance programs since at least 2004 and were included in the original 2012 FCPA Resource Guide. But now a company must engage in both actions to demonstrate a “culture of compliance” to obtain the presumption of a declination under the Corporate Enforcement Policy.

Voluntary Self-Disclosure

Seemingly buried in the speech is perhaps the most significant statement about white collar criminal enforcement. Monaco said, “Now, with respect to voluntary self-disclosure, I am pleased to report that, for the first time, every U.S. Attorney’s Office now has, and every component I should say, that prosecutes corporate crime, now has in place an operative, predictable and transparent voluntary self-disclosure program. These policies share a common principle: absent aggravating factors, no department component will seek a guilty plea where a company has voluntarily self-disclosed, cooperated and remediated the misconduct.” She went on to add, “Let me be very clear. I want every general counsel, every executive and board member to take this message to heart: where your company discovers criminal misconduct, the pathway to the best resolution will involve prompt voluntary self-disclosure to the Department of Justice.” Her example was an excellent one: the ABB FCPA enforcement action.

Compensation and Clawbacks

Once again Monaco emphasized a part of every best practices compliance program over the past 20 years, financial incentives for doing business ethically and in compliance. However, in her 2023 Speech, she emphasized the disincentives or clawbacks. She stated, “First, every corporate resolution involving the Criminal Division will now include a requirement that the resolving company develop compliance-promoting criteria within its compensation and bonus system…Second, under the pilot program, the Criminal Division will provide fine reductions to companies who seek to claw back compensation from corporate wrongdoers.”

Monaco said the goal is “to shift the burden of corporate wrongdoing away from shareholders, who frequently play no role in the misconduct, onto those directly responsible.” The DOJ will incentivize such behavior in the following manner. “At the outset of a criminal resolution, the resolving company will pay the applicable fine, minus a reserved credit equaling the amount of compensation the company is attempting to claw back from culpable executives and employees. If the company succeeds and recoups compensation from a responsible employee, the company gets to keep that clawback money — and also doesn’t have to pay the amount it recovered.  And because we heard from stakeholders about how challenging and how expensive the pursuit of clawbacks can be, the pilot program will also ensure that those who pursue clawbacks in good faith but are unsuccessful are still eligible to receive a fine reduction.”

Resource Commitments

This section of the speech deals with DOJ resource commitments but it is still significant. Here Monaco emphasized the intersection of corruption, money-laundering, sanctions and National Security. This continues the Biden Administration trend on this score. There are new and additional resources the DOJ is bringing to bear in all of these areas. This includes the international arena as well. But a huge part of this commitment is that companies are now seen in many ways as the front line of criminal enforcement through self-disclosure of illegal conduct. If the DOJ continues down this path, both the incentives for self-disclosure and cooperation as well as the pain the DOJ will bring for companies which do self-disclose will be significant.  Monaco closed her speech with the following, “Investing now in a robust compliance program is good for business, and it is good for our collective economic and national security.”

Individual Accountability

As far back as 2015, in the Yates Memo, the DOJ has said they will emphasize individual accountability, through individual, as opposed to corporate, enforcement actions. In her speech, Monaco pointed to charges brought against two of the current most prominent alleged fraudsters, Sam Bankman-Fried and Carlos Watson and the convictions out of Theranos; Elizabeth Homes and Sunny Balwani. She also stated, “The Criminal Division’s Fraud Section, for example, secured more individual convictions at trial last year than in any of the previous five years.  So, our message is clear: the department will zealously pursue corporate crime in any industry, and we will hold wrongdoers accountable, no matter how prominent or powerful they are.” While this has yet not been seen in FCPA enforcement, perhaps it will be this year and beyond.

Tomorrow we will review the Polite Speech.

Categories
Blog

Albemarle FCPA Enforcement Action: Part 5 – Lessons Learned

Over the past several blog posts, I have been exploring the Albemarle FCPA enforcement action.  We have explored in some detail the DOJ Non-Prosecution Agreement (NPA) and the SEC Administrative Order(Order). In this final blog post on the series, I want to suss out some lessons for the compliance professional.

Consequence Management

When Kenneth Polite announced the Pilot Program in conjunction with the 2023 Evaluation of Corporate Compliance Programs (ECCP), the focus was largely on clawbacks. However, the relevant section in the ECCP was entitled “Consequence Management,” indicating a broader focus on both incentives to do business ethically and in compliance as well as disincentives. The ECCP asked a series of questions:

  • Has the company considered the impact of its financial rewards and other incentives on compliance?
  • Has the company evaluated whether commercial targets are achievable if the business operates in a compliant and ethical manner?
  • What role does the compliance function have in designing and awarding financial incentives at senior levels of the organization?
  • How does the company incentivize compliance and ethical behavior? What percentage of executive compensation is structured to encourage enduring ethical business objectives?
  • Are the terms of bonus and deferred compensation subject to cancellation or recoupment, to the extent available under applicable law, in the event that non-compliant or unethical behavior is exposed before or after the award was issued?
  • Does the company have a policy for recouping compensation that has been paid where there has been misconduct?
  • Have there been specific examples of actions taken (e.g., promotions or awards denied, compensation recouped, or deferred compensation canceled) as a result of compliance and ethics considerations?

The NPA noted that Albemarle engaged in holdbacks, as they did not pay bonuses to certain employees involved in the conduct or those who had oversight. The NPA stated, “The Company withheld bonuses totaling $763,453 during its internal investigation from employees who engaged in suspected wrongdoing.” The illegal conduct involved those who “(a) had supervisory authority over the employee(s) or business area engaged in the misconduct; and (b) knew of, or were willfully blind to, the misconduct.” The significance of this effort was vital as it qualified Albemarle for an additional fine reduction of a dollar-for-dollar credit of the amount of the withheld bonuses under the Criminal Division’s March 2023 Compensation Incentives and Clawbacks Pilot Program.

Indeed, Deputy Attorney General Lisa Monaco, in a recent speech, said, “The pilot program also rewards companies that claw back or withhold incentive compensation from executives responsible for misconduct – or attempt to do so in good faith. For every dollar that a company claws back or withholds from an employee who engaged in misconduct – or a supervisor that knew of or turned a blind eye to it – the Department will deduct a dollar from the otherwise applicable penalty that the resolving company would pay.”

She specifically cited the Albemarle FCPA resolution, where “the company received a clawback credit for withholding bonuses of employees who engaged in misconduct. Not only did Albemarle keep the bonuses that would have gone to wrongdoers, but the company also received an offset against its penalty for the same amount. That’s money saved for Albemarle and its shareholders – and a concrete demonstration of the value of clawback programs.”

 Remediation During Investigation

The NPA cited several remedial actions by the company that helped Albemarle obtain the superior result in terms of the discounted fine and penalty. These steps were taken during the pendency of the DOJ investigation so that when the parties were ready to resolve the matter, Albemarle had built out an effective compliance program and had tested it. The NPA provided that Albemarle:

  • Strengthening its anti-corruption compliance program by investing in compliance resources, expanding its compliance function with experienced and qualified personnel, and taking steps to embed compliance and ethical values at all levels of its business organization;
  • Transformed its business model and risk management process to reduce corruption risk in its operation and to embed compliance in the business, including implementing a go-to-market strategy that resulted in eliminating the use of sales agents throughout the Company, terminating hundreds of other third-party sales representatives, such as distributors and resellers, and shifting to a direct sales business model;
  • Provided extensive training to its sales team and restructured compensation and incentives so that compensation is no longer tied to sales amounts;
  • Used data analytics to monitor and measure the compliance program’s effectiveness and
  • We are engaged in continuous testing, monitoring, and improvement of all aspects of its compliance program, beginning almost immediately following the identification of misconduct.

Two of the factors are relatively new and certainly are noteworthy for the compliance professional. The first is the change in the company’s approach to sales and their sales teams. Obviously, it was corrupt third-party agents that brought the company to such FCPA grief. Many of the quotes in the NPA and Order make it clear that Albemarle executives had an aversion to paying bribes but had greater moral flexibility when a third-party agent was involved. This led to the company moving away from third-party agents to a direct sales force.

Moving to a direct sales force does have its risks, which must be managed, but those risks can certainly be managed with an appropriate risk management strategy, monitoring of the strategy, and improvement; those risks can be managed. Yet there is another reason, and more importantly, a significant business reason, to move towards a direct sales business model. Every time you have a third-party agent or anyone else between you and your customer, you risk losing that customer because your organization does not have a direct relationship with the customer. By having a direct sales business model, your organization will have a direct relationship with your customer and, therefor, the ability to develop it further.

The NPA also specifically called out the Company’s use of data analytics in two ways. The first was to monitor the Company’s compliance program, and the second was to measure the compliance program’s effectiveness. While this language follows a long line of DOJ pronouncements, starting with the 2020 Update to the Evaluation of Corporate Compliance Programs, about the corporate compliance functions’ access to all company data, this is the first time it has been called out in a settlement agreement in this manner. Moreover, although not specifically tied to the lack of a required corporate Monitor, it would appear that by using data analytics, Albemarle was able to satisfy the DOJ requirement for implementing controls and then effectively testing them throughout the pendency of the DOJ investigation.

Internal Controls Over Commission Increases

According to the SEC Order, the Company failed to devise and maintain a sufficient system of internal accounting controls with respect to commission rates and deviations from contracted rates. In other words, even though there were internal controls in place for the setting of third-party agents’ commissions, they could be overridden at will. The Order concluded by noting, “As a result, sales personnel were able to increase agents’ commission rates in multiple countries – including Vietnam, India, China, and UAE – despite certain Albemarle personnel having knowledge of red flags indicating the agents would use a portion of the commission to make bribe payments to obtain contracts, influence tender specifications, or obtain nonpublic information concerning competitors’ bids.”

Every compliance professional should review their company’s controls over agents’ commission rates to make sure the business unit personnel alone cannot raise commission rates. While business units can always make the business case, this enforcement action drives home the message that the compliance function is not ‘one and done’ when an agent is approved but must be monitored throughout the third-party relationship lifecycle. Any requested change to a commission rate must go through the same analysis and approval process as the original approval.

Timely Self-Disclosure

There was a significant discussion in the NPA around Albemarle’s voluntary self-disclosure to the DOJ. However, NPA noted that “the disclosure was not “reasonably prompt” as defined in the Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy and the U.S. Sentencing Guidelines.” The NPA reported that Albemarle learned of allegations regarding possible misconduct in Vietnam approximately 16 months before disclosing it to the DOJ. Interestingly, the SEC Order only stated, “Albemarle made an initial self-disclosure to the Commission of potential FCPA violations in Vietnam following its completion of an internal investigation of such conduct and, at the same time, self-reported potential violations it was investigating in India, Indonesia, and China. Albemarle later self-disclosed to the Commission potential violations in other jurisdictions as part of an expanded internal investigation.”

This meant the self-disclosure “was not within a reasonably prompt time after becoming aware of the misconduct in Vietnam,” and it means that Albemarle did not meet the standard for voluntary self-disclosure under the Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy. While the DOJ “gave significant weight” to the Company’s voluntary, even if untimely, disclosure of the misconduct, it is undoubtedly cautionary.

What the DOJ wants is self-disclosure as soon as possible. One only needs to recall the case of Cognizant Technologies, where the company received a complete Declination where there were allegations of C-Suite involvement in the bribery schemes. This Declination was provided in large part because the company made its self-disclosure only two weeks after the information filtered up to the Board of Directors. While Cognizant Technologies may be the gold standard, it shows that if a company timely self-discloses, it can be considered for a full Declination.

The Albemarle FCPA resolution documents are chocked full of solid information that every compliance professional can use in the future. They are well worth a deep dive—finally, a kudos to Albemarle for obtaining this superior result.