FCPA Compliance Report

Tom Fox has practiced law in Houston for 30 years and now brings you the FCPA Compliance and Ethics Report. Learn the latest in anti-corruption and anti-bribery compliance and international transaction issues, as well as business solutions to compliance problems.
RSS Feed Subscribe in Apple Podcasts
FCPA Compliance Report





All Episodes
Now displaying: November, 2016
Nov 30, 2016

What is risk and how should it be evaluated? What is the data that should be reviewed to determine if an increase in sales is based on unethical or even illegal behavior? Finally, what happens when you migrate company personnel who have been involved in such illegal or unethical behavior to other locations, does their nefarious conduct spread throughout the organization or is it curtailed? In this episode Matt Kelly and I explore some of these questions and others. 

Every Chief Compliance Officer (CCO) and compliance practitioner understands that the sales side of a business is where the highest risk is located because that is most generally the side of the business which generates the most money and potential profit. Yet looking at sales numbers are not something which compliance professionals will generally have access to as a part of a compliance program. 


Sales spikes in low performing regions can and should be reviewed by a wide variety of disciplines within an organization, including compliance. One would think that companies would want to know and understand the reasons for any sales increase so that it could be determined if such strategies might work in other areas of a company’s operations. This is true for the compliance function as well. As far back as the December 2012, in the Eli Lilly Foreign Corrupt Practices Act (FCPA) enforcement action brought by the Securities and Exchange Commission (SEC), I raised the issue that a dramatic sales increase should be reviewed by compliance to determine if there were any corruption issues involved. This same logic works for sales in the US over products as benign as debit cards. Moreover, if you consider whether the issue should be reviewed by a Board of Directors, it certainly would be material for one state region going from worst to first in sales. 

One CCO told me that every time he hears an employee who wins a sales award for making numbers wildly far above plan, he wonders what might have led to such remarkable attainment. Sales spikes is data that increasingly becomes more important for compliance to consider. Just as the Key Energy FCPA enforcement specifically mentioned transaction monitoring around massive increases in gift giving in a geographic region where sales had spiked.

Nov 29, 2016

Show Notes

  1. Introduction
    1. What is the FAR
    2. What’s the differences with DFARs
    3. What types of companies should be concerned
    4. What are some examples of covered with these regs (eg. Ozone depleting substances, child labor, sanctions/debarment)
  2. Reporting requirements
  3. What sort of resources are available to help demonstrate compliance

  What is the Federal Acquisition Regulation (FAR)

  • The purpose of the FAR is to provide uniform policies and procedures for acquisition of goods supplied to the US federal government. Among its guiding principles is to have an acquisition system that satisfies customer's needs in terms of cost, quality, and timeliness; minimize administrative operating costs; conduct business with integrity, fairness, and openness; and fulfill other public policy objectives
  • At over 1,800 pages in its entirety, is a substantial and complex set of rules governing the procurement of all goods and services required by the U.S. Government
  • When a federal government agency issues a contract, it will specify the applicable FAR provisions, which may be numerous. In order to be awarded a contract, a company must either comply with the provisions, demonstrate that it will be able to comply with them once awarded, or claim an exemption from them (eg. Small business exemption)
  • All government issued contracts include any number of the FAR and/or DFARS clauses either in full text or by reference requiring the company issued the contract to demonstrate compliance to the requirements
  • Failure to comply with the requirements of FAR and DFARS may result in loss of contract or monetary fines

 What’s the differences with DFARs?

  • Updated in July of this year the DFARS is one of the best-known examples of an agency supplement to the FAR addressing further reporting requirements put forth by the Department of Defense
  • This supplement covers contracts with the office of the secretary of defense, branches of the military, and other defense agencies
  • In order to be in the running for one of these highly lucrative defense contracts, companies need to stay on top of the latest changes to DFARS and ensure their contracts, systems and processes reflect these requirements

 What types of companies should be concerned?

  • Companies that conduct their business with agencies of the US govt including defense contractors
  • Additionally those companies selling to organizations which conduct business with agencies of the US govt. will likely be asked to supply certain documentation to support their customer’s ability to demonstrate compliance
  • Winning a federal or defense contract means complying with laws and regulations unique to those doing business with the government. Many new contractors as well as their suppliers, are often unprepared for the rules and regulations they must follow and demonstrate, which can lead to costly errors and potential legal problems

 Why should they be concerned? 

  • Depending on the type of end product provided to government agencies, different types of concerns or risk becomes a focus in such situations

Reporting Requirements

  • In many cases sufficient screening, policy reviews and certification collection and validation will allow reporting companies to demonstrate compliance. But the issue isn’t necessarily what you have to collect to demonstrate compliance to meet FAR requirements (or report to customers which are obligated to) it’s how you do it.  Having a platform which can automate the data collection process as well as act as a repository is where most struggle…
  • What sort of resources are available to help me demonstrate compliance with these regs
    • We’ve created workflows to meet 48 of the specific FARs/DFARS supplier reviews and data collection processes
Nov 21, 2016

This episode is dedicated exclusively to where FCPA enforcement, SEC enforcement, the compliance profession and compliance programs may be headed under the Trump administration, with a dash of anti-trust enforcement and EU Privacy Shield.

  • Mike Volkov about where FCPA enforcement may be headed. We explore how FCPA cases are largely self-funded through company internal investigations which are turned over to the Justice Department. Volkov discusses funding and resources for the Department’s FCPA unit. He also touches on potential (or the lack thereof) of anti-trust enforcement going forward.

For Volkov’s post, “A New Administration: A New FCPA Enforcement Regime?” click here.

  • Matt Kelly leads a discussion on how the new administration may view the SEC going forward. He considers the announced resignation of SEC Chairman Mary Jo White and the appointment (and dismissal) of Kevin O’Connor from Trump’s transition team. Matt explains how Trump’s attacks on Dodd-Frank focus on easing rules for capital formation not on the whistleblower provisions or other sections more applicable to the compliance profession.

For Kelly’s posts, see the following:

  1. Five Post-Election Points for CCOs to Ponder;
  2. It’s Starting: Disclosure of ‘Trump Risk’;
  3. Compliance in the Trump Era, Part I: The SEC;
  4. A CCO Voice Emerges in Trump World; and
  5. Well That Didn’t Last Long
  • Jonathan Armstrong leads a discussion of the view from across the pond on where anti-corruption compliance enforcement may be headed after the election. He considers what the effects might be on the UK Serious Fraud Office (SFO)? He also considers what the effect of the Trump election might mean for EU and UK privacy advocates, privacy protections and privacy legislation going forward. He also discusses issues surrounding Privacy Shield. Privacy Shield faces a number of challenges from regulators, courts and possibly from the European Parliament.  A new Trump administration is likely to make Privacy Shield’s future even more uncertain.  Jonathan’s thoughts on Privacy Shield are here -

For Armstrong’s blog post, “What does the election of President Trump mean for compliance?” click here.

  • Jay Rosen takes us through how all of this may well be much ado about nothing. He points out that the compliance profession will continue to thrive as it becomes more as a part of business processes. From his role as ‘Mr. Translations’ he explains that companies have been moving compliance into the fabric of organizations and that by doing so, companies become better run, more efficient and more profitable.

For Rosen’s blog post (and great riff off of The Clash) “Should I Stay or Should I Go?”, click here.

  • For my blogs posts on these topics see the following:
  1. FCPA Enforcement Going Forward in the Trump Administration;
  2. Compliance Isn’t Going Away (and neither should you), Part I;
  3. Compliance Isn’t Going Away (and neither should you), Part II;
  4. Compliance Isn’t Going Away (and neither should you), Part III; and
  5. Why FCPA Compliance Makes America Great.

The members of the Everything Compliance panel include:

  • Jay Rosen (Mr. Translations) – Jay is Vice President of Legal & Corporate Language Solutions at United Language Group. Rosen can be reached at
  • Mike Volkov – One of the top FCPA commentators and practitioners around and is the Chief Executive Officer (CEO) and owner of The Volkov Law Group, LLC. Volkov can be reached at
  • Matt Kelly – Founder and CEO of Radical Compliance, is the former Editor of the noted Compliance Week Kelly can be reached at
  • Jonathan Armstrong – Rounding out is our UK colleague, who is an experienced lawyer with Cordery in London. Armstrong can be reached at

For additional reading check out some of the following posts:

  1. Over at the Global Anti-Corruption Blog, Matt Stephenson talks about his nightmare version of a Trump administration for the global fight against anti-corruption.
  2. NYT Times DealB%K- on what DOJ and SEC enforcement may look like going forward.
  3. Sam Rubenfeld at the WSJ Corruptions Currents online site,a collection of some thoughts on what a Trump administration may mean for compliance.
  4. SCCE CEO Roy Snell tells us how he has seen it all before and advises everyone to wait a year and see what happens.
  5. Finally, in an uncharacteristically restrained post, the FCPA Professor advises everyone to take a deep breath, when it comes to FCPA enforcement under a Trump administration.
  6. Mike Scher advises President-Elect Trump to consider compliance officers.
Nov 18, 2016

Show Notes for Episode 30, week ending November 18, 2016-the Thanksgiving edition:

  1. Teva Pharmaceuticals reserves $520MM for FCPA settlement, reported in the FCPA Blog.
  2. JP Morgan FCPA enforcement action surrounding its ‘Sons and Daughters’ hiring program. Non-Prosecution Agreement and SEC Cease and Desist Order.
  3. SEC 2016 Report of the Office of Whistleblower.
  4. 2st edition of Everything Compliance Podcast, devoted entirely to issues of FCPA, Dodd-Frank and SEC enforcement under Trump, the compliance profession going forward and what does the new administration mean for EU Privacy Shield. (Podcast available on Monday, November 21).
  5. Mike Scher on his open letter to President-Elect Trump on the importance of compliance professionals going forward. Click here for the FCPA Blog posting, Dear President Trump, Compliance officers are still underdogs
  6. How about them Cowboys. Who you got for MVP, Prescott or Brady?
  7. Additional reading on the background to JP and views on the enforcement effort, see:
  8. FCPA Professor NPR Interview;
  9. Matthew Stephenson agrees with the enforcement theory, while Andy Spalding doesn’t; and
  10. Penn Law Review take on the issues involved.
Nov 17, 2016

In this episode, Matt Kelly and I take a deep dive into a couple of issues surrounding the new Trump administration. The first is the 'Trump Risk' disclosure that several companies have made since the election. The second is around Dodd-Frank and the SEC going forward. When Trump speaks about repealing Dodd-Frank, it means easing rules for capital formation, not the whistleblower program or other more traditional compliance related roles and issues. We discuss Paul Adkins, who is heading up the Trump transition at the SEC and what his prior tenure at the SEC may portend. Finally we discuss why the SEC whistleblower program is not going away but there may be a change in focus from the current aggressive approach under Chairman Mary Jo White.  We wave good-bye to Kevin O'Connor who was in then out on the Trump DOJ transition team. For more reading see Matt's blog posts:

1.Compliance in the Trump Era, Part I: The SEC

2. It's Starting: Disclosure of 'Trump Risk'

Nov 15, 2016

In this episode, I visit with white collar defense specialist Sara Kropf, founder of the Kropf Law Firm. She discusses defending corporate executives and employees who are caught up in corporate internal investigations which may be turned over to the government. She discusses how the Yates Memo has changed the relationship between such employees, their counsel and the company. She blogs at Grand Jury Target blog. 

Some of the issues we explore include the following. 

  1. What are the obligations of inhouse counsel to inform an employee of his or her potential 5thamendment rights before an interview?
  2. Does the DOJ emphasis on internal investigations turn outside counsel to a de facto arm of the government for criminal procedure purposes if there is a chance the internal investigation will be disclosed to the government?
  3. What should a company do if the DOJ instructs them to stand down and allow the government to interview an employee?
  4. What should a company do if an employee refuses to answer questions or even meet with internal investigators?
  5. What happens is an employee who refuses to meet with company investigators runs to the government to either (1) present their own version of the facts to the DOJ or (2) cut a deal to avoid or lessen prosecution?
  6. What are the different types of proffers?
  7. Why indemnification is critical for senior executives and employees?
Nov 11, 2016

Show Notes for Episode 29, week ending November 11, 2016-the Brave New World   edition: 

  1. Trumps stunning and surprising win and what does it mean for regulatory enforcement and FCPA –See article in the New York Times, Deal Book -- How Trump’s Presidency Will Change the Justice Dept. and S.E.C.; for additional views on see Matt Kelly’s thoughts on his site, “5 Post-Elections Points for CCOs to Ponder; for the nightmare scenario, see Matthew Stephenson’s blog post, “US Anticorruption Policy in a Trump Administration: A Cry of Despair from the Heart of Darkness” and finally Jack Kelly’s perspective from the compliance arena in the financial services sector (Dodd-Frank), “It is Not Looking too Good for Compliance Officers in the New Trump Administration”. The next Everything Compliance podcast will be devoted to this top;
  2. New French Anti-Corruption Law (Saipan II) – click here for Miller & Chevalier newsletter on this new law.
  3. The VW emissions-testing scandal investigation expands. As reported in the FCPA Blog, German prosecutors name VW chairman in expanded probe;
  4. 1st edition of Everything Compliance Podcast, the new podcast in the FCPA Compliance and Ethics Report podcasting network;
  5. Scott Moritz continues his two-part series on compliance and M&A, focusing on post-acquisition. Click here for the FCPA Blog posting, A plan to integrate the compliance program after an acquisition;
  6. Rio Tinto announces it has suspended a senior executive for payment to a consultant to assist the company obtain a mining concession in Guinea that it had previously lost. See blog post on the FCPA Compliance and Ethics Report;
  7. Joe Warin and Julie Rapoport Schenker discuss the intersection of corporations, white collar defense and trials in their law review article on why companies refuse to settle and instead go to trial. To read click here; and
  8. The Jay Rosen Weekend Report.
Nov 10, 2016

In this episode, Matt Kelly and I take a deep dive into how the SEC may look under the Trump administration and what it may portend for FCPA enforcement. We consider how companies currently under investigation or engaged in negotiations for a resolution may position themselves during the final months of the Obama administration. For additional information check out Matt Kelly's blog post on the subject, click here- Five Post-Election Points for CCOs to Ponder

Nov 10, 2016

Show Notes for Episode 1

At the SCCE 2016 Compliance and Ethics Institute, I sat down with four of the top compliance commentators in the field for my first roundtable-style podcast. It was so successful that I persuaded the gang to come back together every couple of weeks for a formal podcast, which is entitled Everything Compliance. The premier episode is available for your listening pleasure today. I will post a new episode every two weeks.

I host these four well-known compliance practitioners and commentators:

  • Jay Rosen (Mr. Translations) - Jay is Vice President of Legal & Corporate Language Solutions at United Language Group. Rosen can be reached at
  • Mike Volkov - One of the top FCPA commentators and practitioners around and is the Chief Executive Officer (CEO) and owner of The Volkov Law Group, LLC. Volkov can be reached at
  • Matt Kelly - Founder and CEO of Radical Compliance, is the former Editor of the noted Compliance Week Kelly can be reached at
  • Jonathan Armstrong - Rounding out is our UK colleague, who is an experienced lawyer with Cordery Compliance Limited in London. Armstrong can be reached at

The format is a roundtable discussion where I throw out a question to one commentator to lead the discussion. From that starting point we will all join in. I also include an “On My Mind” segment where each participant discusses what is on the forefront of their mind. This podcast is longer than my others, coming in at around 60 minutes, which allows us to explore the week’s issues in depth.

In the inaugural episode we discuss the following subjects:

  1. Mike Volkov leads a discussion of the unintended consequences of the Yates Memo/Pilot Program for internal investigations. We explore the issue of “de-confliction” where the government asks a company to halt its own internal investigation for the government to be the first to interview witnesses. We explore de-confliction in the context of a requirement of cooperation to gain the benefits of the pilot program and how such a request from the Department of Justice (DOJ) could lead companies to be unable to disclose to other agencies or to shareholders and keep a Board in the dark about the alleged wrongdoing. What does this mean for the company and the internal investigator?

For Volkov’s post on conflicts of interest (COI) in internal investigations after the Yates Memo, click here.

  1. Matt Kelly leads a discussion on compliance and corporate governance. We explore the issue of compliance being involved in issues around pricing and sales in companies like Valeant and Wells Fargo. We discuss the role of compliance in areas outside of strict legal compliance but may move towards reputational risk, going into such areas as the new revenue recognition standards and executive compensation.

For Kelly’s blog post on the intersection of CEO pay and Chief Compliance Officers (CCOs), click here.

  1. Jonathan Armstrong leads a discussion of funding and the UK Serious Fraud Office (SFO), in the context of the recent announcement that the SFO has received additional or supplemental funding to investigate Unaoil. Why does the SFO need supplemental funding and how does it obtain it? What does all of this mean for the continued existence of the SFO in light of a former critic now being PM? Finally, Armstrong ties all of this into Brexit, his recent interview of Max Schrems and issues surrounding Privacy Shield.

For Armstrong’s interview with Max Schrems, click here and Cordery’s FAQs on Privacy Shield, click here.

  1. Jay Rosen takes us through the compliance conference scene. For those of you who are avid attenders of the various conferences, he discusses some of the key differences in the types observed, such as the nuts and bolts types (SCCE) and others which focus more on commentary (FCPA Blog NYC Conference). He discusses the relative strengths of each and how a compliance professional should think about selecting one or more to attend. He ends with his thoughts on why compliance certification is a plus (or minus).

For Rosen’s blog post Designing Your 2017 Ethics, Compliance & FCPA Conference Schedule, click here.

This new podcast Everything Compliance joins the four other podcasts I have on different aspects of compliance. The original FCPA Compliance and Ethics Report focuses on the nuts and bolts of compliance. Unfair and Unbalanced - is a podcast I do with SCCE CEO Roy Snell. In it we focus on wide ranging issues for the compliance profession. Compliance into the Weeds - is a podcast I do with Matt Kelly where we take a deep dive into the weeds of a compliance issue, typically technology, internal controls or GRC. We both indulge our inner geekiness in this podcast. Jay Rosen and I wrap up each week in FCPA, compliance and ethics with This Week in FCPA. All of these podcasts are available to you on my site, FCPAcompliancereport.comand are available on iTunes under the same name.

Nov 9, 2016

In this second part of a two-podcast series, taped live at SCCE’s 15th Annual Compliance & Ethics Institute, Roy and myself get a chance to interact with a live audience and bounce from topic to topic, discussing:

  • A hard look at whether compliance officers should be involved in setting the salary of CEOs;
  • Arnold Palmer and the culture of ethics;
  • How can we continue to encourage and celebrate ethical individuals?;
  • Whistleblowers and the first-time front-pay award, asking how much pain do the companies have to feel to stop encouraging unethical behavior?; and
  • Should compliance officers sit on the nomination committee and help choose the C-suite? The board?
Nov 8, 2016

In this podcast Matt Kelly and I take a deep dive into an area rarely discussed in the compliance space, namely budgeting. How should you think through the budgeting process; how does your company benchmark against its peer; how can you determine the proper amount of budget for your company's compliance department. We explore these and other questions on this podcast. For additional resources see Matt Kelly's blog post "Finding the Right Compliance Budget for You" on his site, radical

Nov 4, 2016

Show Notes for Episode 28, week ending November 4, 2016-the High Anxiety edition


  1. Assistant Attorney General Leslie R. Caldwell Delivers Remarks Highlighting FCPA Enforcement at GWU Law School, for a copy of her remarks click here;
  2. NYT article on China corruption crack down as it impacted GSK, for a copy of the NYT article click here;
  3. SEC Probes Wells Fargo, Bank Ups Legal Reserves Fund – The New York Times;
  4. Tom Fox series on stakeholder engagement, for each article click for Part I, Part II and Part III; for podcast with Alison Taylor of BSR, click here;
  5. First FCPA Mock Trial Institute-for information and registration, click here; Best of all, for listens of this podcast you are entitled to a 50% discount off the regular price. To get this special rate of $350, you must enter promo code ‘FCP350’when registering online or give the promo code by phone.  Call 800-285-2221 or register online at
  6. Cubs Win World Series
  7. The Jay Rosen Weekend Report
Nov 3, 2016

In this episode, I visit with Duke Law School Professor Samuel Buell about his book Capital Offenses-Business Crime and Punishment in America's Corporate Age. We explore some of his theories on why corporations are so difficult to prosecute, what corruptly means under the FCPA and his ideas on potential reforms. 

Nov 2, 2016

In this part one of a two-part podcast, taped live at SCCE’s 15th Annual Compliance & Ethics Institute, Tom & Roy get a chance to interact with a live audience and bounce from topic to topic, discussing:

  • The breadth and depth of wisdom from the general session speakers this year (a little self-promotion never hurts);
  • What Bill Baer (Principal Deputy Associate Attorney General, U.S. Department of Justice) suggests to keep the DOJ out of your hair;
  • The pervasiveness of modern slavery and human trafficking (Hint: think about how many slaves are in the US right now? Now triple that number. You’re still low.);
  • Then on to Kristy Grant-Hart and her infectious passion for compliance;
  • What it means to attend the CEI and be “with your people;”
  • The difference between being older than soil and older than dirt; and
  • Why we can’t give Roy pens that make noise