There is absolutely no percentage in disagreeing with Mike Volkov. Besides being—and I don’t use this word all that often—brilliant, and an experienced practitioner, and a former prosecutor, and just a heck of a nice guy, he’s usually right.
But with a slight tremor of my fingers on the keys, let me venture into this dangerous world of those who disagree.
To be fair (and I recognize this is another caveat), it’s not just Mike I disagree with. Mike, in his latest blog post, echoes a common theme. The theme—like a lot of the latest drivel masquerading as commentary lately—is something that sounds like someone wants it to be true. But it’s not true at all. It’s a lie. And a dangerous lie at that.
Mike says that the Department’s enforcement regime is well into hubris [don’t be ashamed, go ahead and click through to the definition: I did]. He claims that companies just want clarity:
Companies and practitioners are frustrated because they have to read tea leaves of Justice Department expectations from criminal settlements and official speeches to decipher what is expected of them in the compliance world.
Most business want to comply in good faith but want more specific guidance on what they have to do to comply with the law. Legal interpretations of terms are made by DOJ lawyers with little judicial supervision. These are issues which should be addressed by some type of overall regulatory framework or even like the Ministry of Justice tried to do in releasing guidance for the UK Bribery Act.
I’m sorry, but no. I don’t accept this at all. Whether the Department’s habit of trumpeting its settlements ventures into hubris is something reasonable people can disagree on. I tend to think not, if only because every single agency—and law firm—does the same thing. If everyone has hubris, no one does, don’t you think?
But the idea that companies would jump to comply with the FCPA if only they knew what the DOJ expected of them is total crap. In case you missed the Metcalf and Eddy case back in the 90s, or the 2004 opinion release (04-02) which defined effective compliance, you need only look at Schedule C to any recent deferred prosecution agreement. Or go to any “Luncheon Law” event, or read any of the books written about effective FCPA compliance (including, not for nothing, Mike’s)[which I bought, by the way, and I recommend you buy as well]. At the conference I just chaired (I’m writing this post in the Hong Kong airport), Chuck Duross appeared via Skype and talked about this very thing. How many times have we heard from Chuck, and Mark before him, that programs need to be more than paper?
I’ve done a metric ton of benchmarking, and you’d be amazed at what companies don’t do. What amazes me isn’t that there are 80 companies under investigation, but that the number is only 80.
The problem isn’t that people don’t know what to do. The problem is that they don’t want to do it. Not really. They tell their compliance officer that an extra $500 spent on diligence would “kill the business.” Or “that’s just not how things are done here in ______”. And their senior leaders say they want ethical business, but push comes to shove, they get their bonus only if they meet their sales targets. Which are set in stone.
Or worse, companies come up with all kinds of workarounds, or set up their program to give the appearance of diligence without actually learning anything about the partner.
Companies also know—within a range—what kind of benefit they’ll get from having effective compliance. But because each case is different, the Department must have—absolutely must have—significant discretion on what to reward and how much.
But is this what we want? And do you mean what you’re saying? Companies shouldn’t have to implement effective compliance without knowing their ROI? Companies have to implement effective anti-corruption compliance because companies shouldn’t bribe! Bribery is bad. I think we can all get behind this concept, yes? Bribery leads to things like kids getting killed because construction projects use substandard materials approved through bribery, and the buildings fall down during an earthquake. And if you think I’m being melodramatic, someone at my conference used that very example in training. It really happened. Bribery is a blight that warps markets, and ends up impacting the most the segment of the population that can bear it the least. People struggling with poverty shouldn’t have to deal with forced expediting payments.
And if you’re interested in ROI, let’s talk about the effect of bribery on the ROI of product developement and customer service.
But why do I call this a “dangerous lie?” It’s dangerous because it’s an excuse for inaction. And inertia is a compliance officer’s worst enemy. “Let’s wait until we get some better guidance on what we need to do.” “If the Department can’t tell us what they want, we really can’t justify the expense of the system you want to build; maybe next quarter when the DOJ comes out with the guidance.” It’s tough enough to move companies into the light without experienced practitioners giving them ammunition.
I don’t think the DOJ could be clearer if they gave us a checklist. Oh wait, they did. By the way, for those of you waiting for the guidance, prepare to be underwhelmed. There’s no way—no way at all—that the DOJ is going to put into writing something that will limit their discretion in a meaningful way. They’ll define “foreign official” using the recent decision—I’m betting they’ll quote it exactly—and they’ll talk generally about rewarding effective compliance. But if they say anything significantly different from what they’ve already been saying for the last 6 years, I’ll eat my hat. (A different hat, Barry)
Let’s move the discussion along, shall we? What are the best ways to implement what the DOJ has been telling us for 8 years that they want? That’s a discussion we should be having.