This episode is the first of a two-part series of podcasts dedicated to the chaotic (at best) first 100 days of the Trump administration as it related to compliance. Today we have Jonathan Armstrong and Jay Rosen. Next week Matt Kelly and Mike Volkov.
For the Cordery Compliance client alerts see the following:
EU conflicts minerals compliance legislation
DOJ Evaluation of Corporate Compliance: how does it compare to UK Bribery Act 2010?
For Jay’s post see,
Still in the Enforcement Business and Evaluation of Corporate Compliance Programs
“It Was the Best of Times, It was the Worst of Times,” or “Ignorance is Strength”
For Matt Kelly’s posts see:
Compliance in the Trump Era: More Markers Placed
Trump Administration Whacks Telco Firm for $892 Million
Drone Industry Pan Trump’s Regulatory
Trump Risk Disclosures Start Rolling In
First SEC Whistleblower Award of Trump Era
Sessions Dodges, Weaves, Promises on FCPA
For Mike Volkov’s posts see the following:
Yates, AG Sessions and Individual Criminal Prosecutions
New E-Book — Moving the Goalposts: The Justice Department Redefines Effective Compliance
FCPA Remediation Focus on Supervisory Personnel
For Tom Fox’s posts on the Trump administration’s first 100 days see the following:
The Trump Administration-Kaos is Bad for Business
The Trump Administration-Failures in Leadership and Management
The Trump Administration-Preparing for a Catastrophe
The Trump Administration-the Business Response
The members of the Everything Compliance panel include:
One of the areas that many companies have not paid as much attention to in their Foreign Corrupt Practices Act (FCPA) anti-corruption compliance programs is compensation. However the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have long made clear that they view monetary structure for compensation, rewarding those employees who do business in compliance with their employer’s compliance program, as one of the ways to reinforce the compliance program and the message of compliance. As far back as 2004, the then SEC Director of Enforcement, Stephen M. Cutler, said “[M]ake integrity, ethics and compliance part of the promotion, compensation and evaluation processes as well. For at the end of the day, the most effective way to communicate that “doing the right thing” is a priority, is to reward it.” The FCPA Guidance states the “DOJ and SEC recognize that positive incentives can also drive compliant behavior. These incentives can take many forms such as personnel evaluations and promotions, rewards for improving and developing a company’s compliance program, and rewards for ethics and compliance leadership.”
A Harvard Business Review (HBR) article, entitled “The Right Way to Use Compensation”, discussed a company’s design and redesign of its employee’s compensation system to help drive certain behaviors. The piece’s subtitle indicated how the company fared in this technique as it read, “To shift strategy, change how you pay your team.” The article lays out a framework for the Chief Compliance Officer (CCO) or compliance practitioner to operationalize compensation as a mechanism in a best practices compliance program.
As your compliance program matures and your strategy shifts, “it’s critical that the employees who bring in the revenue-the sales force-understand and behave in ways that support the new strategy. The sales compensation system can help ventures achieve that compliance.” The prescription for you as the compliance practitioner is to revise the incentive system to focus your employees on the goals of your compliance program. This may mean that you need to change the incentives as the compliance programs matures; from installing the building blocks of compliance to burning anti-corruption compliance into the DNA of your company.
There are three key questions you should ask yourself in modifying your compensation structure. First, is the change simple? Second, is the changed aligned with your company values? Third, is the effective on behavior immediate due to the change?
Simplicity
Your employees should not need “a spreadsheet to calculate their earnings.” This is because if “too many variables are included, they may become confused about which behaviors” you are rewarding. Keep the plan simple and even employee KISS, Keep it simple sir, when designing your program. If you do not do so, your employees might fall back on old behaviors that worked in the past. Roberge notes, “It should be extraordinarily clear which outcomes you are rewarding.”
The simplest way to incentive employees is to create metrics that they readily understand and are achievable in the context of the compliance program. This can start with attending Code of Conduct and compliance program training. Next might be a test to determine how much of that training was retained. It could be follow up, online training. It could mean instances of being a compliance champion in certain areas, whether with your employee base or third party sales force.
Alignment
As the CCO or compliance practitioner, you need to posit the most important compliance goal your entity needs to achieve. From there you should determine how your compensation program can be aligned with that goal. Roberge cautions what the DOJ and SEC both seem to understand, that you should not “underestimate the power of your compensation plan.” You can tweak your compliance communication, be it training, compliance videos, compliance reminders or other forms of compliance messaging but it is incumbent to remember that “if the majority of your company’s revenue is generated by salespeople, properly aligning their compensation plan will have greater impact than anything else.”
The beauty of this alignment prong is that it works with your sales force throughout the entire sales channel. If your sales channel is employee based then their direct compensation can be used for alignment. However, such alignment also works with a third party sales force such as agents, representatives, channel ops partners and even distributors. Here Roberge had another suggestion regarding compensation that I thought had interesting concepts for third parties, the holdback or even clawback. This would come into place at some point in the future for these third parties who might meet certain compliance metrics that you design into your third party management program.
Immediacy
Finally, under immediacy, it is important that such structures be put in place “immediately” but in a way that incentives employees. Roberge believes that “any delay in the good (or bad) behavior and the related financial outcome will decrease the impact of the plan.” As a part of immediacy, I would add there must be sufficient communication with your employee or other third party sales base. Roberge suggested a town hall meeting or other similar event where you can communicate to a large number of people.
Even in the world of employee compensation incentives, there should be transparency. He cautioned that transparency does not mean the design of the incentive system is a “democratic process. It was critical that the salespeople did not confuse transparency and involvement with an invitation to selfishly design the plan around their own needs.” However, he did believe that the employee base “appreciated the openness, even when the changes were not favorable to their individual situations.” Finally, he concluded, “Because of this involvement, when a new plan was rolled out, the sales team would understand why the final structure was chosen.”
So just as Roberge, working with HubSpot as a start-up, learned through this experience “the power of a compensation plan to motivate salespeople not only to sell more but to act in ways that support a start-up’s evolving business model and overall strategy”; you can also use your compensation program as such an incentive. For the compliance practitioner one of the biggest reasons is to first change a company’s culture to make compliance more important but to then burn it into the fabric of your organization. But you must be able to evolve in your thinking and professionalism as a compliance practitioner to recognize the opportunities to change and then adapt your incentive program to make the doing of compliance part of your company’s everyday business process.
Three Key Takeaways
This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox.
In this episode, Roy Snell and I discuss the following:
In metrics laid out by former Assistant Attorney General Leslie R. Caldwell, she spoke about the need for compliance program incentives. She posed it with the following question, “Are there mechanisms to enforce compliance policies? Those include both incentivizing good compliance and disciplining violations.”
I think most compliance professionals understand the need to discipline employees who may have violated the Foreign Corrupt Practices Act (FCPA) or otherwise engaged in bribery and corruption. However, many CCOs and compliance practitioners do not focus as much attention to compliance incentives. I have developed six core principles for incentives, adapted from an article in the Spring 2014 issue of the MIT Sloan Management Review entitled “Combining Purpose with Profits” and reformulated them for the compliance function in an anti-corruption compliance program.
Obviously, this list is not exhaustive. Yet it is now more important than ever that you demonstrate tangible incentives for your employees to gain benefits, both financial and hierarchical, thorough doing business ethically, in compliance with your own Code of Conduct and most certainly in compliance with the FCPA. It is also a requirement that such actions must be documented so they can be demonstrated to the DOJ if they come knocking and look to employ the metrics which Caldwell has laid out for us all.
Three Key Takeaways
This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox.
In this episode I caught up with Paula Long, founder and CEO of DataGravity, Inc. at the recently concluded Collision 2017 Conference. Paula has worked in the data and information space for over 30 years and now helps companies with data security and data privacy. We discuss the intersection of these issues with compliance and how they all converge for a CCO or compliance practitioner. The site has some great resources for the compliance practitioner and data professional including white papers on continuous monitoring of sensitive data and detecting and tracking anomalous use and behaviors around data. Check out more about Paula and DataGravity by going to the site DataGravity.com.
In the Department of Justice’s Evaluation of Corporate Compliance Programs, Prong 8 Incentive and Disciplinary Measures it states:
Incentive System – How has the company incentivized compliance and ethical behavior? How has the company considered the potential negative compliance implications of its incentives and rewards? Have there been specific examples of actions taken (e.g., promotions or awards denied) as a result of compliance and ethics considerations?
Further, one of the key points that representatives of the DOJ and Securities and Exchange Commission (SEC) have continually raised when discussing any best practices compliance program; whether based on the Ten Hallmarks of an Effective Compliance Program, as articulated in their 2012 FCPA Guidance, or some other articulation such as in a Deferred Prosecution Agreement’s (DPA) Attachment C embedded in a compliance program. They continually remind Chief Compliance Officers (CCOs) and compliance practitioners that any best practices compliance program should have incentives as a part of the program.
The 2012 Guidance is clear that there should be incentives for not only following your own company’s internal Code of Conduct but also doing business the right way, i.e. not engaging in bribery and corruption. On incentives, the Guidance says, “DOJ and SEC recognize that positive incentives can also drive compliant behavior. These incentives can take many forms such as personnel evaluations and promotions, rewards for improving and developing a company’s compliance program, and rewards for ethics and compliance leadership. Some organizations, for example, have made adherence to compliance a significant metric for management’s bonuses so that compliance becomes an integral part of management’s everyday concern.” But the Guidance also recognizes that incentives need not only be limited to financial rewards as sometime simply acknowledging employees for doing the right thing can be a powerful tool as well.
All of this was neatly summed up in the Guidance with a quote from a speech given in 2004 by Stephen M. Cutler, the then Director, Division of Enforcement, SEC, entitled, “Tone at the Top: Getting It Right”, to the Second Annual General Counsel Roundtable, where Director Cutler said the following:
[M]ake integrity, ethics and compliance part of the promotion, compensation and evaluation processes as well. For at the end of the day, the most effective way to communicate that “doing the right thing” is a priority, is to reward it. Conversely, if employees are led to believe that, when it comes to compensation and career advancement, all that counts is short-term profitability, and that cutting ethical corners is an acceptable way of getting there, they’ll perform to that measure. To cite an example from a different walk of life: a college football coach can be told that the graduation rates of his players are what matters, but he’ll know differently if the sole focus of his contract extension talks or the decision to fire him is his win-loss record.
All of this demonstrates that incentives can take a wide range of avenues. The oilfield services company Weatherford, annually awards cash bonuses of $10,000 for employees who go above and beyond in the area of ethics and compliance for the company. While some might intone that is to be expected from a company that only recently concluded a multi-year and multi-million dollar enforcement action; if you want emphasize a change on culture, not much says so more loudly than awarding that kind of money to an employee.
While I am sure that being handed a check for $10,000 is quite a nice prize, you can also consider much more mundane methods to incentivize compliance. You can make a compliance evaluation a part of any employee’s overall evaluation for some type of year end discretionary bonus payment. It can be 5%, 10% or even up to 20%. But once you put it in writing, you need to actually follow it.
But incentives can be burned into the DNA of a company through the hiring and promotion processes. There should be a compliance component to all senior management hires and promotions up to those august ranks within a company. Your Human Resources (HR) function can be a great aid to your cause in driving the right type of behavior through the design and implementation of such structures. Employees know who gets promoted and why. If someone who is only known for hitting their numbers continually is promoted, however they accomplished this feat will certainly be observed by his or her co-workers.
Three Key Takeaways
This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox.
Over some breakfast tacos and Mexican coffee, Jay and I have a wide-ranging discussion on some of the week’s top compliance related stories. We discuss:
Uganda considers a demand side response to corruption. See Tom’s article in Compliance Week. What are the rationales for anti-corruption legislation? See Tom’s post on the rationales underlying the FCPA on the FCPA Compliance Report.
Why is hiring so important under for compliance? It is because hiring is important to any company’s health and reputation. At this point, until the US Supreme Court tells us that a corporation is the same as a human being, with both obligations and rights; a company is only as strong as its employees. Like most areas of compliance good hiring practices for those employees who will do business in compliance with anti-corruption laws such as the FCPA are simply good business practice. I have seen one industry estimate, it costs an average of roughly $4,000 to replace a single employee, and one survey of 2,500 companies found that a single bad hire can cost more than $25,000 in lost productivity, lower morale and the like. For one of the energy services company where I worked this estimate went as high as $400,000 to hire and fully train a new employee. I would add that those costs could go up significantly if a bad hire violates the FCPA.
As far back as 2004, in Opinion Release 04-02, the Department of Justice (DOJ) realized this was an important part of an overall compliance program when it approved a proposed compliance program that had the following requirement:
Clearly articulated procedures which ensure that discretionary authority is not delegated to persons who the company knows have a propensity to engage in illegal or improper activities.
One tool which that is often overlooked in the hiring process is the reference check. Many practitioners feel that a reference is not of value because prospective candidates will only list references that they believe will provide glowing recommendations of character. This leads to a pro forma reference check. However, in an article in Harvard Business Review (HBR), entitled “Gilt Groupe’s CEO on Building a Team of A Players”, author Kevin Ryan explodes this misconception by detailing how he views the entire hiring process and specifically checking references. I would add that it could be a valuable and useful tool for you and your compliance program.
In the hiring of personnel, Ryan details the three steps his company takes: (1) Resume review; (2) In-Person interview; and (3) Reference checks. Ryan believes that resumes are good for establishing “basic qualifications for the job, but not for much else.” He believes that the primary problem with in-person interviews is that they are skewed in favor of “persons who are well spoken [or] present well.” For Ryan, the key check is through references and he says, “References are really the only way to learn these things?”
Ryan recognizes that many people believe that reference checks are not of great value because companies cannot or will not give out much more information than confirming dates of employment. However, he also believes that “the way around it is to dig up people who will speak candidly.” He also recognizes that if you only speak to the references listed on a resume or other application, you may not receive the most robust appraisal. Ryan responds that the answer is to put in the work to check out references properly. Ryan believes this is one of the key strengths of search firms and that companies should emulate this practice when it comes to reference checks.
He notes that anyone who has worked in an industry for any significant length of time will have made many connections. Invariably some of these connections will be acquainted with you or those in your current, and former, company. Ryan gave the following example: A longtime friend who was employed at another company called and said that he had been asked by his hiring partner to find out “the real story” on a hiring candidate by asking Ryan his candid opinion of the candidate. Ryan’s response was “Don’t hire him.” Lest you think that such refreshing honesty no longer exists when informal employment references are provided, you are mistaken. In my past corporate position, I was charged with performing compliance due diligence on senior executives and I spent time doing what Ryan suggested, calling acquaintances that I knew and asking such direct questions. More than 75% of the time, I got direct responses.
Ryan believes that you must invest your company in the hiring process to get the right people for your company. The same is true in compliance. You do not want people with a propensity for engaging in corrupt acts working for, or leading, your company. Moreover, failure to prevent such hires can be evidence of an not effective compliance program and lack of appropriate commitment to compliance at your company.
The hiring of someone who will perform business activities in compliance with anti-corruption laws such as the FCPA will continue to be as much art as science because the hiring of quality employees for senior management positions is similarly situated. But that does not mean a company cannot work to not hire those persons who might have a propensity to engage in bribery and corruption if the situation presented itself. The hiring process is just one more tool that can be utilized to build an effective and operationalized compliance program.
Three Key Takeaways
This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox.
One of the theories of conventional wisdom about anti-corruption compliance is that you will never be able to reach 5% of your workforce with compliance training because they are predisposed to lie, cheat and steal anyway. Whether they are simply sociopaths, scumbags or just bad people; it really does not matter. No amount of training is going to convince them to follow the rules, as they do not think such laws apply to them. They will lie, cheat and steal no matter what industry they are in and what training you provide to them. But knowing such people exist and they may be able to lie, con or otherwise dissimilate their way into your organization does not protect your company from FCPA liability when they inevitably violate the law by engaging in bribery and corruption. It is still the responsibility of your company to prevent and detect such conduct and then remediate if it occurs.
This is where your HR function has a dual role. They can work to help weed out such miscreants and to communication your corporate values of doing business ethically, in compliance and aligned with your corporate values of integrity. Today, I want to consider several techniques which might be used to both help in the hiring process and begin the ongoing communications with prospective employees about your values at the pre-employment process in the employment relationship lifecycle.
Through a structured series of questions, a properly trained HR professional can begin to assess whether an employee might have a propensity to engage in bribery and corruption. By adding information about your company’s values towards doing business ethically and in compliance, you can introduce this topic at either the interview evaluating process or in the promotion process. While true sociopaths will most certainly lie to you, perhaps even convincingly, by introducing the topic at such a pre-employment stage, they may be encouraged to take their skills elsewhere.
In a Corner Office column of the New York Times (NYT), entitled “Three Keys to Hiring: Skill, Will and Fit”, Adam Bryant interviewed Marla Malcolm Beck, the Chief Executive Officer (CEO) of Bluemercury. She had several lessons that are helpful when trying to have your company avoid bringing in the five per-center mentioned above.
Avoiding the hiring or promotion of the sociopaths, is a key tool that HR brings to the table. Beck’s approach is to take a short interview technique in which she attempts to assess, Skill, Will and Fit. She said, “I’ll ask, “What’s the biggest impact you had at your past organization?” It’s important that someone takes ownership of a project that they did, and you can tell based on how they talk about it whether they did it or whether it was just something that was going on at the organization. Will is about hunger, so I’ll ask, “What do you want to do in five or 10 years?” That tells you a lot about their aspirations and creativity. If you’re hungry to get somewhere, that means you want to learn. And if you want to learn, you can do any job. In terms of fit, I’m looking for people who have some sort of experience with a smaller company. At big companies, your job is really one little piece of the pie. I need someone who can make things happen and is comfortable with ambiguity.”
Another approach was suggested by Russell Goldsmith, the Chairman and Chief Executive Officer (CEO) of City National Bank in Los Angeles, CA. He was interviewed by Adam Bryant for the Corner Office column entitled, “What’s Your Story” Tell It, and You May Win a Prize”. Goldsmith focuses on character by directly asking the prospective hires what their expectations are in coming to work at City National because if the person is not a good match for the company, both parties will be better off if he or she does not go to work there in the first place. Goldsmith also asks if a prospective hire has any questions for him. Goldsmith believes it is important for a candidate to not only have questions but to ask them as well. He stated, “Not because I want them to kind of butter me up or something. It tells me several things. Sometimes people don’t have a single question. And if you have any curiosity, here is your window. I mean, you are thinking of changing your entire career and you have 40 to 60 minutes with the C.E.O., and you don’t have a single question about the company?”
An interesting example came from an interview of Brian Ching, the General Manager of the Houston Dash, the city’s professional women’s soccer team. The Dash are quite active in the local community, not only sent its players out into the community to meet fans but also encouraged its players to adopt local charities and become involved to create greater community involvement. The Dash left it up to the individual player as to which charity they might want to be involved with.
I asked him how the team could work to draft or sign players or prospects who are willing to engage in that type of community development. He said that in addition to the metrics and traditional scouting it involved having a frank discussion with any prospective signing about what would be expected of her as a Dash member. If getting out, meeting and interacting with the fans was not something that the prospective player was interested in doing that was considered in the evaluation process. This last point is assessed during face-to-face interviews with any prospect.
Something that may not seem important for professional athletes is the ability to get out and engage with the community, however this was viewed as not only an important part of the job description with the team but a key job skill which was required. For prospective Dash players, this meant that there had to be some direct conversations about not only the team’s expectations but also the prospects ability to engage in those activities.
Ching’s discussion about how they communicate their expectations was also an important point that the compliance practitioner should also consider in the interview process and compliance. Just as the Dash use the interview process to convey expectations, they also use the interview to directly inquire from candidates whether they would be willing to go out into the public and represent the franchise. This is important when interviewing for compliance positions and for senior management positions in companies as well.
Another approach was suggested by Mike Tuchen, Chief Executive Officer (CEO) of the software vendor Talend, in an interview by Adam Bryant for the NYT Corner Office Column entitled “Watch the Road, Not the Wipers”. I thought Tuchen’s thoughts on hiring from the compliance perspective were pertinent. When he interviews, “The first questions are always going to be about management and leadership style. And I’ll ask a number of open-ended questions about what’s important to get right as a leader. Some people will talk about the people on the team and the best way to motivate them. The answers that kind of scare me are from candidates who talk about people as if they’re something on a spreadsheet. Leadership and management are all about people.” Clearly for Tuchen, leadership is about people and this should be so for any CCO who is interviewing as well.
Three Key Takeaways
This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox.
Today, I conclude my review of FCPA enforcement actions that involved the corporate hiring function. From these three cases I have considered, it is clear that HR must be involved in compliance and if HR hiring controls are over-ridden there must be an appropriate consideration of the risk management issues.
In November 2016, JP Morgan Chase (JPM) and its subsidiary, JPMorgan Securities (Asia Pacific) Limited (JPM-APAC) resolved its FCPA matter, obtaining a NPA from the DOJ with a penalty of $72MM, agreeing to a Cease and Desist Order (“Order”) from the SEC, with a penalty consisting of profit disgorgement and interest of $135MM, and reaching an agreement with the Federal Reserve Bank (Fed) for a Consent Cease and Desist Order (Fed Order) to put in place a best practices compliance program and pay a penalty of $61MM. The total fines and penalties paid by JPM for its violation of the FCPA was $268 MM.
The conduct involved JPM-APAC’s Client Referral Program, named the “Sons & Daughters Program” (Sons and Daughters), which targeted children of high Chinese government officials and employees of state-owned enterprises, other close family members and even close friends and associates of foreign officials and employees of state-owned enterprises for hiring in a blatant attempt to win business. It was designed, created and implemented by the top management of JPM-APAC, which went so far as to keep a tally of those persons hired by JPM-APAC and JPM tied to specific business development. As noted in the NPA, “certain senior executives and employees of (JPM-APAC) conspired to engage in quid pro quo agreements with Chinese officials”. The language quid pro quo is replete throughout the settlement documents because that is the specific language used by JPM-APAC personnel when discussing Sons and Daughters.
These actions led to over $100MM in profit to JPM. While JPM was certainly aware that many of these hires did not meet the companies stringent hiring requirements, there never seemed to be oversight of this illegal program or even investigation into the clear red flags presented by the company’s actions. What is more JPM knew the high-risk in hiring family members of foreign officials as far back as 2001 and indeed, had a written policy prohibiting such conduct. However, in 2006, this program morphed into a targeted program “directly attributable linkage to business opportunity”, and lasted until 2013. Over seven years, over 100 family members went through the program, with parents in more than 10 different Chinese government agencies. The program extended from new hires to summer internships to lateral hires.
JPM-APAC tracked the metrics of Sons and Daughters, the with “a spreadsheet that tracked hires to specific clients, while also tracking revenue attributable to those hires.” This spreadsheet was so detailed that it delineated “columns for each hire, the referring client, the relationship of the candidate, and the amount of revenue generated attributable to the hire in U.S. dollars.” Finally as noted in the NPA, a of the purpose of this level of documentation “was to track deals that resulted from the hires and measure revenue associated with Client Referral Program hires.” So the corruption scheme and the benefits obtained therefrom were fully documented.
The Son and Daughters program began as a FCPA risk management tool and listed five requirements to be considered for hire at JPM-APAC: “(1) whether the applicant was qualified for the position; (2) whether the applicant had gone through the normal interviewing process; (3) whether the referring client/potential client was government-related; (4) whether the firm was actively pitching for any business from the client/potential client; and (5) whether there was an “expected benefit to JPMorgan” for hiring the referred candidate.” These criteria were designed to act as internal control to prevent illegal hiring under the FCPA but it morphed into a program to disguise the true reason for these hires.
Worse, it appears that both the HR and compliance functions were complicit in the scheme to violate the FCPA because on at least one instance where the JPM-APAC business unit sponsor noted on the form “[t]he hiring of this candidate will place JPMorgan in a more favorable position for securing future business from the client.” This business justification morphed into the next iteration, “The candidate will be trained by JPMorgan for couple of years and then go to local bank. Thus, will bring more business”; all because the company’s compliance and HR functions “instructed the JPMorgan-APAC employee to remove the offending language, writing, “[h]iring of the candidate should not be for the purposes of securing future business of the firm. Please remove.” Further damning to the JPM-APAC compliance and HR functions was that of the more than 200 candidates hired through the Sons and Daughters program, none were rejected by either HR or compliance.
In addition to the tying of business to the hiring’s under the Sons and Daughters program, there was the additional problem that these hires did not meet JPM’s basic hiring and retention standards. According to the Order, one JPM-APAC representative described those hired under the program “as a protected species requiring [senior management] input. His reporting line to you is accountable but like national service.” Both the Order and NPA were replete with document evidence that the hires under Sons and Daughters did not meet minimum hiring standards and they often failed to meet minimum standards for retention at the company. The Box Score is a summary from the NPA of some of the candidates which clearly did not meet JPM hiring standards, yet who were hired and where such hires under the Sons and Daughters program brought benefits to JPM.
| Foreign Official or SOE employee | Reasons for hire | Candidate deficiencies | Deficiencies as JPM employee | Benefit tied to hire |
| Client 1 | Maintain good relationship with client |
|
| $4.82MM profit |
| Client 2 | Quid pro quo for business |
|
| JPM-APAC lead underwriter on IPO |
| Client 3 |
| Not very impressive, poor GPA | Attitude issue. He doesn’t seem to care about work. Don’t need to have an intern doing nothing | JPM-APAC lead underwriter on IPO |
| Client 4 | Promised IPO work | Not qualified for job at JPM. Tech and quantitative skills ‘light’ | Communication skills and interest in work lagged his peers | JPM-APAC lead underwriter on IPO. $23.4MM profit |
| Government Official 1 | Father would go the extra mile to help JPM | Worst business analyst candidate ever seen | Immature, irresponsible and unreliable. Sent out sexually inappropriate emails | JPM-APAC lead underwriter on IPO |
| Government Official 2 | Hire would ‘significantly’ influence role of JPM-APAC | Unlikely to meet hiring standard | New York not comfortable with his work. Recommends he follow a different career path | JPM-APAC lead underwriter on IPO |
One thing that the resolution decidedly does not stand for is the proposition that a company can never hire a family member of a foreign official or employee of a state-owned enterprise. Indeed, it was one JPM-APAC compliance officer (albeit a new one) in 2013 who stopped the entire Sons and Daughters program with the following reason for denying a family member a position at the company, writing, “I’m afraid from an anti bribery [sic] and corruption standpoint, we cannot create positions to accommodate client requests….”. This statement clearly shows that when an official refers a family member for hire, a red flag should go up. It also demonstrates why compliance should be involved in any high-risk endeavor. If there is no position which the candidate can fill based upon their own qualifications at your company, that should be the end of the discussion, full stop.
What are the criteria compliance can advise to HR to operationalize the compliance issues in hiring? There are three questions I suggest be used to analyze the hiring of a family member of foreign official or state-owned enterprise. They can also be installed as internal controls.
If the answer to the first question is “No” and the second two “Yes”, you may well be in a high-risk area of violating the FCPA. You should investigate the matter quite thoroughly and carefully. Finally, whatever you do, Document, Document, and Document your investigation, both the findings and the conclusions.
These questions can be set up as internal controls. This is another example of how a company can operationalize compliance and burn it into the fabric and DNA of an organization. Further, it provides another level of oversight or “a second set of eyes” on the hiring process around hires that are high-risk under the FCPA or other anti-bribery/anti-corruption regime such as the UK Bribery Act.
Three Key Takeaways
This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox.
In this episode, Matt Kelly and I take a deep dive into the weeds of the soon-to-be-released the House Financial Services Committee, the Financial Choice 2.0 Act. We consider some of the ideas in the legislation which Matt thinks are bad including:
1. Repeal of the Chevron deference repealed.
2. Attempts to clip the SEC rule making authority.
3. Exempting more companies which desire to go public from SOX 404(b) requirements and reporting.
4. (Matt's most particular bad idea) The exemption of more filers exempted from XBRL reporting.
We also discuss some of the potential benefits from the legislation and where it may all go in the Senate.
For more see Matt's blog post House GOP Regulatory Reform Axe, on his site Radical Compliance.
Up until the summer of 2015, hiring practices under the FCPA were not been given much thought or widely discussed. However that began to change in the summer of 2015 when the SEC announced a resolution with Bank of New York Mellon Corporation (BNY Mellon) for violations of the FCPA. This was the first enforcement action around the now infamous Princess-lings and Princelings investigation where US companies hired the sons and daughters of foreign officials to curry favor and obtain or retain business.
In this matter the BNY agreed to pay $14.8 million to settle charges that it violated the Foreign Corrupt Practices Act (FCPA) by providing valuable student internships to family members of foreign officials affiliated with a Middle Eastern sovereign wealth fund.
The Order also specified how the hiring of the relatives led directly to BNY Mellon obtaining and retaining business. One foreign official, made a personal request that BNY Mellon provide internships to two of his relatives: his son and nephew. As a Middle Eastern Sovereign Wealth Fund department head, he had authority over allocations of new assets to existing managers and was viewed within the bank as a “key decision maker” at the Middle Eastern Sovereign Wealth Fund. The second foreign official, who had authority to make decisions directly impacting BNY Mellon’s business asked that BNY Mellon provide an internship to the official’s son.
Added to all of this was that none of the three individuals met the BNY Mellon requirements for its internship program; they met neither the academic or professional requirement to obtain an internship. BNY Mellon not only waived its own hiring requirements, it did not even go through the pretense of meeting with them or interviewing them. Finally, these three individuals were provided with personalized, rotational internships so they had the opportunity to work in a number of different BNY Mellon business units, enhancing the value of the work experience beyond that normally provided to interns.
Red Flags
In February 2016, came the Qualcomm enforcement action. In addition to the types of facts presented in BNY, there were additional reasons not to hire the family member of a foreign official. The candidate was rated as a “No Hire” because not only was he not a “skill match” for the company but he did not even “meet the minimum requirements for moving forward with an offer”. Finally, among the Qualcomm team involved in the interview process, “there was an agreement that he would be a drain (not even neutral) on teams he would join.” Yet he was offered a job as a “special favor”. [Emphasis supplied]. If someone is so unqualified that employing them will negatively impact the company, there must be another very good reason to hire them, such as providing a benefit to their father, who is an official under the FCPA.
Lessons Learned Going Forward
The obvious starting point for any hiring of a close family member of a foreign governmental official is whether the candidate is qualified for the position. If they are not qualified it is ‘Full Stop’ at that point. In the case of BNY Mellon there was no evidence any of the candidates had the academic background, the academic credentials, leadership traits or intangible skills to meet the bank’s normal internship hiring criteria. As with any other anomaly granted in a company’s normal process, there must be a documented reason for the exception, review by appropriate authority of the exception and documentation as to why the exception was granted. None of these steps were present in the BNY Mellon matter. Put another way, if you are hiring a family member or close relative of a foreign official for any reason other than merit, it had better be a darn good one and well-documented as to your decision-making calculus with appropriate senior management oversight.
But your risk management does not stop simply with the hiring process. If the foreign governmental official is the person who made the request for the hiring of the family member, this is a Red Flag not to be overlooked. Your analysis needs to be on the role of that foreign governmental official in awarding new business to your company or in retaining old business. If the foreign governmental official has direct or even strong indirect control over such business relation, this may present such a direct conflict of interest, this may be a risk that you cannot manage. A good rule of thumb here is whether there is full transparency in the hiring with the foreign government involved with your company. In the case of BNY Mellon, they did not want anyone in the Sovereign Wealth Fund to know BNY Mellon had hired the son or nephew. That is a clear sign transparency is lacking and someone, somewhere is engaging in unethical conduct, if not breaking the law.
Finally, if you do decide to move forward and hire the close family member, you need to assign that new hire to work not associated with the business relationship between your company and the foreign government involved. Just as in the lifecycle of third party management, managing the relationship after a contract is inked is in many ways the most critical element; the same is true in the employment relationship involving close family members of foreign officials.
Ultimately, you need to have internal controls to ensure effective compliance going forward. You cannot have customer relationship managers making the calls on hiring which over-ride the Human Resources (HR) procedures. There must be not only HR review but also mechanisms to flag for compliance review such hires. Lastly, there needs to be sufficient senior management oversight because this is such a high-risk proposition.
Three Key Takeaways
This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox.
In this podcast, Marc Bohn and James Tillen from the firm of Miller & Chevalier, discuss their recent publication entitled, "Evaluating FCPA Pilot Program: Declinations on the Rise" where they review the state of Department of Justice's Foreign Corrupt Practices Act declinations after one year of the agency's enforcement Pilot Program, which sought to promote greater accountability for companies and individuals who violate the FCPA, while rewarding those who voluntarily self-disclose violations and cooperate with investigations and remediation efforts. They discuss the following issues:
For additional reading on FCPA enforcement in 2017, see Miller & Chevalier's FCPA Spring Review 2017.
Day 1- The Role of Human Resources in Operationalizing Compliance
This month, I will consider the role of Human Resources (HR) in operationalizing a best practices compliance program. I have long advocated for a greater role of Human Resources (HR) in a compliance program. Indeed, one sign of a mature Foreign Corrupt Practices Act (FCPA) compliance and ethics program is the extent to which a company’s HR Department is involved in implementing a solution. While many practitioners do not immediately consider HR as a key component of a FCPA compliance solution, it can be one of the lynch-pins in spreading a company’s commitment to compliance throughout the employee base. HR can also be used to ‘connect the dots’ in many divergent elements of a FCPA compliance and ethics program.
Even more importantly is the operationalization of compliance into the fabric of the business. One of the key indicia of compliance program effectiveness is how thoroughly each separate corporate discipline incorporates compliance into its everyday job functions. An active and functioning compliance program will literally be alive in each department in an organization.
HR has as many touchpoints as any other corporation function with employees. From interviews to onboarding, through evaluations and performance appraisals, even to the separation process; HR leads many of the corporate touchpoints. Each one of these touchpoints can be used teach, educate and reinforce the message of doing business ethically and in compliance with laws such as the US Foreign Corrupt Practices Act (FCPA), UK Bribery Act or any similar legislation.
The Department of Justice Evaluation of Corporate Compliance Programs (Evaluation) listed four specific areas of HR touchpoints in a best practices compliance program, found under Prong 8, Incentives and Disciplinary Measures
Accountability – What disciplinary actions did the company take in response to the misconduct and when did they occur? Were managers held accountable for misconduct that occurred under their supervision? Did the company’s response consider disciplinary actions for supervisors’ failure in oversight? What is the company’s record (e.g., number and types of disciplinary actions) on employee discipline relating to the type(s) of conduct at issue? Has the company ever terminated or otherwise disciplined anyone (reduced or eliminated bonuses, issued a warning letter, etc.) for the type of misconduct at issue?
Human Resources Process – Who participated in making disciplinary decisions for the type of misconduct at issue?
Consistent Application – Have the disciplinary actions and incentives been fairly and consistently applied across the organization?
Incentive System – How has the company incentivized compliance and ethical behavior? How has the company considered the potential negative compliance implications of its incentives and rewards? Have there been specific examples of actions taken (e.g., promotions or awards denied) as a result of compliance and ethics considerations?
When you consider the number of touchpoints, HR has in the employment life cycle, its role in facilitating the operationalization of compliance becomes clear. At each of these touchpoints, HR can take the lead in operationalizing compliance. Additionally, each touchpoint provides an opportunity for ongoing communications with a prospective employee, newly hired employee, seasoned employee or one moving up into the ranks of management about the need for ethical dealings and compliance with company values as set out in the Code of Conduct and operationalized in the compliance policies and procedures.
By using these touch points HR can demonstrated the shared commitment requirement found in Prong 2 of the Evaluation as well as provide ongoing communications as laid out in Prong 6. There are few other corporate departments which have so many employee touchpoints as HR. Every compliance practitioner should use HR to operationalize compliance through the variety of touchpoints and expertise available to a compliance professional through a corporate HR department. As a key first step, I would suggest that every compliance professional head down to your corporate HR department and have a cup of coffee with your functional equivalent. Find out not only what they do but how they do it and then explore how you can further operationalize your compliance program through these HR-employee touchpoints.
Over this next month, I will be considering the role of HR in all of these steps and more. Further, over the past 20 months there have been 3 Foreign Corrupt Practices Act (FCPA) enforcement actions which spoke directly to the role of HR and hiring in a compliance program. I will begin with these three cases and move through the employment lifecycle.
Three Key Takeaways