It emerged on May 5 that the Department of Justice opened an investigation into Uber’s use of software called “Greyball” that concealed the ride-sharing company’s operations from regulators in cities and countries that did not permit Uber’s services. Since then, the Portland City Council has voted to subpoena documents concerning the program, and lawmakers in Philadelphia and Austin have said they are cooperating with DOJ investigation. Uber allegedly deployed Greyball not only in the United States (including in Boston, Philadelphia, and Las Vegas), but also in Australia, Paris, China, and South Korea.
This is the third in a series of posts where we will explore critical elements of a successful compliance program. In February, the Department of Justice’s Fraud Section offered a new perspective on what the government expects in an anti-corruption compliance program, in the form of a series of questions that companies should be prepared to answer about their program. The guidance offers companies a roadmap for building or assessing their compliance program. In this series, we will explore recent and past guidance on key compliance topics, as well as key takeaways for companies of all sizes.
Policies and Procedures are the cornerstone of a compliance program. While traditional sources of guidance, such as the DOJ and SEC FCPA Resource Guide and DPAs themselves, lay out the government’s fundamental expectations with regard to policies and procedures, the Fraud Section’s new guidance goes deeper, reflecting an approach that will assess not only the existence but also the design and integration of policies and procedures.
The most basic expectation with regard to policies and procedures is that companies will have a code of conduct prohibiting violations of the FCPA and the law’s foreign counterparts. Additionally, companies should have policies and procedures covering, among other things, gifts, travel & entertainment, expenses, political and charitable contributions, and payments to third parties. Finally, traditional sources of guidance make clear that companies should also have a set of finance and accounting internal controls reasonably designed to ensure the maintenance of fair and accurate books and records.
This is the second in a series of posts where we will explore critical elements of a successful compliance program. In February, the Department of Justice’s Fraud Section offered a new perspective on what the government expects in an anti-corruption compliance program, in the form of a series of questions that companies should be prepared to answer about their program. The guidance offers companies a roadmap for building or assessing their compliance program. In this series, we will explore recent and past guidance on key compliance topics, as well as key takeaways for companies of all sizes.
It would be a mistake for companies to dismiss the Fraud Section’s recent guidance, which one high-level DOJ official suggested may be used more broadly by DOJ’s Criminal Division, as business as usual. It is not just more of the same. The guidance does more than merely flesh-out existing direction; it operationalizes compliance. Consider two examples from the guidance’s “Autonomy and Resources” section:
- Empowerment – Have there been specific instances where compliance raised concerns or objections in the area in which the wrongdoing occurred? How has the company responded to such compliance concerns? Have there been specific transactions or deals that were stopped, modified, or more closely examined as a result of compliance concerns?
- Compliance Role – Was compliance involved in training and decisions relevant to the misconduct? Did the compliance or relevant control functions (e.g., Legal, Finance, or Audit) ever raise a concern in the area where the misconduct occurred?
This is the first in a series of posts where we will explore critical elements of a successful compliance program. In February, the Department of Justice’s Fraud Section offered a new perspective on what the government expects in an anti-corruption compliance program, in the form of a series of questions that companies should be prepared to answer about their program. The guidance offers companies a roadmap for building or assessing their compliance program. In this series, we will explore recent and past guidance on key compliance topics, as well as key takeaways for companies of all sizes.
A commitment from high-level management is typically the first compliance component discussed in government guidance and Deferred Prosecution Agreements. Commonly referred to as “Tone at the Top,” this critical concept has previously been described in vague, generic ways. See, for example, this excerpt from Attachment C of DOJ’s recent DPA with Embraer S.A., which is identical to language in many other agreements:
“The Company will ensure that its directors and senior management provide strong, explicit, and visible support and commitment to its corporate policy against violations of the anti-corruption laws and its compliance code.”
Without fanfare or forewarning, the US Department of Justice released new anti-corruption compliance guidance on February 8, 2017. The eight page document provides rare insight into the government’s evaluation of corporate compliance programs. Companies designing compliance programs, conducting internal investigations, or facing a bribery or books and records-related government inquiry can now look to the appropriately titled “Evaluation of Corporate Compliance Programs” for a hint at the types of questions they should be prepared to answer.
As emphasized in the Department of Justice and Security and Exchange Commission’s November 2012 FCPA Resource guide, DOJ’s recent guidance again reinforces that a compliance program should be individualized to a company’s risk profile, and so should the government’s evaluation of the program. The guidance is clearly not a checklist that applies to all. It does, however, provide more detail about the way a company should evaluate its own program. Companies can leverage the information to design more robust compliance programs and better respond to potential violations. READ MORE
According to a report in the Wall Street Journal, the acting Chairman of the Securities and Exchange Commission has centralized authority to issue formal orders of investigation – a critical authority that triggers the ability of SEC staff attorneys to issue subpoenas. The move, which was not publicized by the SEC, would curb existing powers of the Commission’s enforcement staff.
Since 2009, the power to issue formal orders of investigation had been “sub-delegated” to about 20 senior attorneys within the SEC’s Enforcement Division. However, according to the Journal report, acting SEC Chairman Michael Piwowar ordered the authority to be centralized exclusively with the Director of Enforcement. READ MORE
An important issue for companies and their executives that are the subject of an investigation by the federal government is whether, and how early, to cooperate.
On September 27, 2016, Principal Deputy Associate Attorney General Bill Baer delivered remarks at the Society of Corporate Compliance and Ethics Conference, where he laid out in some detail his views on the value of early cooperation with the federal government in financial cases, and the consequences for waiting. As the number 3 attorney in the Department of Justice who is charged with overseeing civil litigation, antitrust, and other large divisions, Baer’s words are significant, and are a further gloss on the so-called “Yates Memo”, which Deputy Attorney General Sally Yates released last September, detailing DOJ’s guidance on individual accountability for corporate wrongdoing.
Speaking specifically about cases against banks and the fallout from protracted litigation involving residential mortgage-backed securities, Baer said those cases could have been resolved more quickly if only the financial institutions “had decided early to cooperate.” Consequently, “each [institution] paid a lot more than it would have if it had cooperated early on.” Recalling that many of these same institutions had nonetheless sought “significant cooperation credit,” Baer stated that DOJ “dismissed the arguments quickly because they so lacked merit.”
So how early is early enough, and how can your company get credit for cooperating? Baer elaborated on recent “internal” guidance he has provided to his attorneys in civil enforcement matters.
In recent months, issues related to internal control systems and reporting have taken on an increased profile and significance. For example, as previously noted by the authors here and here, the SEC has sought to prioritize compliance with internal controls by initiating a growing number of investigations into companies based on allegations of inadequate internal controls.
Internal investigations are an ever-present challenge for companies. They can involve virtually any topic and arise in myriad ways. Embezzlement, accounting improprieties, bribery, and financial statement adjustments can all lead to a closely scrutinized investigation, with likely triggers of whistleblower reports, news articles, litigation demands, or regulatory inquiries. The common denominator is that they present high pressure and/or high stakes. Consequently, it is imperative that matters not be made worse through a flawed internal investigation. In today’s post, we cover some of the essential topics to keep in mind when managing an internal investigation to ensure that the investigation itself does not cause or exacerbate harm to the company.
For the first time in the nearly five years since Dodd-Frank went into effect, the SEC last week took action against a company over concerns that the company was preventing its employees from potentially blowing the whistle on illegal activity. The action is significant because the SEC was targeting seemingly innocuous language in a confidentiality agreement and there were no allegations that the company, KBR, Inc., was otherwise breaking the law.