23 Jul

I’m in Monterey, CA this week for the Carmel Valley eDiscovery Retreat. First day is almost done. Nary an FCPA question to be found.

Here’s one for you. I’m still marinating over the Jackson & Ruehlen briefs, and some of the arguments that were made.

One of the arguments Ruehlen made was about the pleading requirement. Ruehlen said that the SEC failed to plead in its Complaint that the payment was not a facilitation payment.

The SEC opposed the motion to dismiss, claiming that the facilitation payment exception wasn’t so central to the violation that it needed to be pleaded separately.

In his Reply, Ruehlaen argued that if facilitation payments were an affirmative defense, that the SEC would be right. But since its an exception, that’s a problem. And the problem is doubled because if the SEC must plead the negative (that the payment wasn’t a facilitation payment), and in this case, they don’t have the identity (or at least aren’t providing it) of the government official.

Ruehlen logically argues, if you can’t name the official, how can you say that the benefit wasn’t in his non-discretionary authority?

The SEC’s argument is essentially that what’s important isn’t the identity of the recipient, it’s the mind of the payor. I’m in general agreement with that.

But I also think that exceptions to the statute need to plead.

I could be wrong about that. What do you think?


Arguments I Don’t Like

17 Jul

I was still coming off the rant the other day when I was reading the Reply memoranda of Mark Jackson and James Ruehlen in the Noble follow-on actions.  Mistake. It’s a little like going into the grocery store when you’re hungry; you end up over-spending.

And to a certain extend, Jackson’s and Ruehlen’s arguments are sympathetic.  As Jackson says:

The SEC spent years investigating these matters before filing its Complaint.  If the SEC is still unable to provide well-pleaded facts as to all the elements of an FCPA violation, the remedy is dismissal.

And the Complaint is, to be honest, light on facts and heavy on conclusions.  But there are facts, and I’m sympathetic to the SEC’s “sympathy plea” about how establishing facts in foreign bribery allegations is difficult.  I’m also sympathetic to Jackson & Ruehlen’s disdain for that argument. Whether there are sufficient facts pleaded in the Complaint is not what I’m going to write about.  I don’t often write about the ultimate issue, and I’m not going to here.  What I am going to write about are two arguments that Jackson and Ruehlen made that I think cross the line into just plain wrong.  One of them seems worse than that.

The first argument, well, let’s just say that I think it’s probably a hard concept to get across.  What it seems like is that Jackson is saying that he didn’t know that bribing Nigerian officials was wrong.

These assumptions are legal conclusions based on assumptions about the laws of another nation, unsupported by citation to any indication that Jackson knew the acts sought or methods used were actually illegal, and are therefore insufficient to establish Jackson’s state of mind. (emphasis in original)

The motion continues a page or two later:

The SEC next gives the back of its hand to Jackson’s argument that the Complaint must be dismissed because the few well-pleaded facts in the Complaint are equally consistent with a legal alternative explanation, that Jackson believed any payments were lawful facilitating payments.

First, can I just say that “gives the back of its hand” is such a colorful phrase, and masterfully used here.  This is just good legal writing, in my opinion.

If only the underlying legal premise were accurate. Bribery is wrong.  Bribes are wrong.  Do we really need the FCPA to teach us this?  Can we really say “well, it’s legal under the FCPA, so I didn’t know it was wrong?”  Okay, how about US domestic bribery statutes?  How about every country in the world’s domestic bribery statutes?

Which makes me pause for a second.  Maybe I’m wrong.  Maybe its actually an interesting legal question, to which I don’t actually have an answer.  Corrupt intent means that you have to understand that what you’re doing is wrong.  If something is legal under US law, but illegal in the country in which you’re operating, can you say “US law says I’m fine, therefore I had no corrupt intent?”  I think it’s a stretch to say that.  More than a stretch, an overreach.  I’ve asked the DOJ what they think of this legal question.  I’m going to go out on a limb and say they’re not going to comment.

The second argument…well, let’s just say I’m hoping that there’s more to the story than what’s in the dry motion papers filed by both sides.

Because if a defense attorney did to me what these attorneys did to the SEC enforcement lawyers, I’d be pissed.

Here’s how it looks.  The defense attorneys agreed to toll the statute of limitations.  Those tolling agreements were signed by the defense.  Then, they claim a statute of limitations defense because the SEC didn’t attach the agreements to the Complaint.  The SEC’s response is dead on:

While the defendants are certainly correct that the SEC did not allege the existence of the tolling agreements, this was on the assumption that defense counsel would make only good faith arguments in their motion to dismiss.  That assumption proved inaccurate, and, thus, if the Court deems it necessary, the SEC requests leave to amend the Complaint to add that allegation….

That was in the original opposition brief.  In Jackson’s reply brief, the defense doubles down on failure.

As a preliminary matter, the tolling agreements cannot be considered on this motion because the SEC chose not to allege them in the Complaint.  The omission cannot be cured by attaching the documents to the SEC’s response brief.  (citations omitted)

If it were me…denied.

Seriously?  While the defendants admit the existence of tolling agreements, they do so in a footnote, and say “nyah, nyah, you didn’t attach the tolling agreements to the complaint.”

I’m with the SEC on this one, fully.  Here’s the way this works: if you sign tolling agreements, your statute of limitations argument only works if the acts were 5 years ago plus the time you agreed to toll.

I don’t know whether there is sufficient evidence in the complaint, but neither of these two arguments makes me sympathetic to Jackson or Ruehlen.

“The Limit Should Be Zero Dollars”

16 Jul

If you don’t read Mark Herrmann’s column on Above the Law, you should.

Today’s column was on one of my favorite topics: the UK Bribery Act, and the semi-ridiculous advice that companies are getting from “experts.”  By the way, if you want an expert, go talk to Barry Vitou at Pinsent Masons.  There’s an expert.  Let’s remember that there hasn’t been a case brought under the UK Bribery Act yet.  (Yes, I know.  But no, there’s hasn’t been).  So most of the so-called experts are people who have just read the statute, and attended some conferences where other people who have no idea what they’re talking about talk about the UK Bribery Act.

Herrmann talks in today’s column about advice he got about complying with the UKBA.  His approach was that the firm who gave him the advice violated that advice about thirty seconds later.  He said “I could rant at this point about law firms giving utterly impractical advice, but I won’t.”

I will.

What was the advice that Herrmann got?  He attended a law firm presentation on the UKBA, and there was a question asked about what the right entertainment limits were.  The answer he got back exemplifies the problem I have with some outside counsel:

The limit should be zero dollars.  That will keep you safe.

Really?  Zero?

Leave out for a moment that the rest of Herrmann’s column is about how that same law firm sponsored a dinner for some in-house folk.  Let’s just talk about how advice likes this harms not just the giver, but the receiver too.  First, the giver.  The person who gives this advice will give it to one of two types of people: people who know what they’re talking about, or people who don’t.  I don’t know which comes out on the bottom.  If the lawyer is giving this advice to a knowledgeable person, that person will likely politely smile, nod, and then put the lawyer in the “idiot” box in his head, and not listen to another thing that lawyer says.  Which is a problem, because maybe in the future—even a stopped clock is right, twice a day—that lawyer will give some advice the client should listen to.  But getting out of the “idiot” box is a rare feat.

Or the recipient won’t know what they’re talking about.  In which case, like a wide-eyed doe, they’ll just accept what the lawyer says as a best practice.  Heaven forbid they go back to their own company and repeat that advice out loud.  (We’re back to the “Idiot” box).  Or even worse, that they’re in a position of authority, and could implement that advice.

Like I said, I don’t know who comes out worse.  Either way you go, someone’s in the Idiot box.

When it comes to hospitality—and here’s my opinion on this—everyone needs to calm down.

Zero is not the answer.  Herrmann’s concern about “killing the business” is probably also a little overblown, if someone wants to go that way.  It’s uncompetitive, certainly.  But you’d be amazed what the market will adjust to.  It’s not something I would recommend.

The number you come up with is entirely less important than the process by which you determine it.  The number can’t be outrageous, but here’s the thing: the DOJ has never brought a case against a company that came up with a reasonable number, and enforced it.  There are few cases where gifts play any role, none where they play a truly primary role, and absolutely none where the DOJ overruled a business decision.  That’s not something the DOJ does, as a rule.  They don’t take a reasoned decision and say “you made the wrong choice.”  Almost all of the time, the company failed to consider the problem, or considered it but said, “who cares,” or the equivalent.

So pick a number.  I’ve heard companies pick one number globally—say, $150 per person—or use different numbers for each region, or each market.  I’ve seen people use their own internal numbers—that is, whatever they’ll reimburse an employee for, that employee can spend on others.  That’s not a bad idea.

The point is, there is no “right answer” here.  It’s what’s right for you.

Just remember, as my friend and colleague Tom Fox always says, “document, document, document.”  Be prepared to tell the DOJ what your number is, why you chose it, who was involved in the decision, and how you’re enforcing it.  Remember, this is a company decision on how it wants to act.  People should know the number.

This applies not just to meals, but to gifts as well.  Same idea applies.  Whatever you decide, just decide.  Pick a number and stick with it.  Enforce it.

By the way, that “zero dollars” idea doesn’t keep you safe.  The business will ignore it, sidestep it, and will do that for just about any advice you give from now on.  You lose credibility with the business, and that’s the ball game!

I have to admit, though, I was always a softy when it came to gifts.  Absent some totally inappropriate gesture, most gifts are harmless, in my opinion.  Tickets to a ball game (or the Olympics) are not, absent something more, really a problem.  Where you need to be a little more careful is when you’re inviting someone where you have an open tender and that person is the decision-maker.  I’ve seen rules which say “here are the rules for everyone except people from whom we’re awaiting a decision, and for those people, they get gornisht.”  That’s a damn fine rule.  Sometimes, zero might be the answer.

But not usually.  And telling people that in a public setting, in my opinion, puts you in the idiot box.


Something I’m Really Excited About: FCPA TV

11 Jul

Obviously, I’m a fan of video.  I subscribe myself to numerous video podcasts: This Week in Google, iPad Today, HBR, This Week in Startups, and more.

I also have This Week in FCPA, my weekly video with Tom Fox.

Now, I’m happy to present a video podcast on iTunes: FCPA TV.

These will be shorter videos, mainly my opinions on various anti-corruption topics, plus some others thrown in occasionally.

You can subscribe here.

If you don’t have iTunes (seriously?), you can watch the episodes online at

Schedule C, Element #5

9 Jul

At this rate, I know, it’ll take quite a while to get through all 13 steps.  But one small step at a time.

Today’s step is all about reviewing your program on a regular basis.

I want to lay out the importance of this element first, then go into the specifics.

Not too long ago, Morgan Stanley got a bye—a total pass—because of their pre-existing compliance program.  The DOJ issued a press release on the case, and listed three things in it about Morgan Stanley’s compliance program that influenced the decision.

The first one:

“…Morgan Stanley maintained a system of internal controls meant to ensure accountability….  Morgan Stanley’s internal policies, which were updated regularly to reflect regulatory developments and specific risks, prohibited bribery….”

Now let’s turn to the language of the DPA itself, and element #5:

Alcatel-Lucent shall review its anti-corruption compliance standards and procedures, including internal controls, ethics, and compliance programs, no less than annually, and update them as appropriate, taking into account relevant developments in the field and evolving international and industry standards, and update and adapt them as necessary to ensure their continued effectiveness.

What does this mean, and how do you implement this in a real way?

Some might take a look at this and see a requirement to pull their policies off the shelf once a year, dust them off, and put a new coat of polish on them.  Then, after their “annual review” they can put their program on the shelf for another year, and check that box.

And don’t think that this description doesn’t apply to you.  I know I stated it a little more bleakly than usual, but if you’re really paying attention to this series, you are probably open-minded about the state of your program.  Think realistically about how you approach your policies and processes.  Because the annual review—and yes, you need to do an annual review—is not what this element is all about.

“Update them as appropriate” is important, and even more important is “taking into account relevant developments.”  Because this is the crucial piece of the program: the ability to be nimble.

This is something that Tom and I talk about all the time.  It’s crucial, but don’t get the impression that it’s easy.  Like all things worthwhile, this is difficult, and it’s going to take effort, willpower, and resources to get it right.  Let’s talk about the most cost-effective way to make this happen.  Because as Morgan Stanley found out, getting it right generates some huge benefits.

So what does it mean for a program to be “nimble?”

It means a few things:

  1. You need lines of sight into your program so you can find information quickly.  For example, when you read new enforcement actions, and see a corrupt third party identified, you should be able to ping your program to see whether you’ve ever had dealings with that third party.  If you do find something, you need to be able to adjust to that fact.  In the case of a third party, you need to adjust your transaction monitoring of that individual, the risk ranking, and potentially start an audit.  (n.b. a lot of attorneys would tell you “terminate the relationship.”  Terminate, terminate, terminate.  That’s their answer to bad news.  I don’t think that’s always—or even usually—the right call.)  Whatever you decide, it should be a decision, not a default.
  2. You need to review your policies and procedures when they fail.  This is also not so easy.  The main reaction to a failure is usually “move on.”  No one wants to dwell on—and certainly not to take ownership of—a compliance failure.  But the failures are where you learn.  And learning from failure is exactly what we’re supposed to do.  Revel in it.  Own it.  And make sure that you figure out what went wrong.  A side note: my practice is to figure out what went wrong, but I rarely dig too deeply into whowent wrong.  That is, why the old process—the one that failed—was like it was.  You must find out—and potentially discipline—the employee who did something wrong.  But figuring out why the old policy was like it was is usually a wasted effort.
  3. You need a line of sight into the business. If you’re doing compliance right, you are a partner to the business. I often say that 80% of compliance is “being in the room.” That is, knowing what the business is doing at any particular time. In this case, it’s knowing what the business is going to be doing. Is the business entering a new market? Developing a new product? Is there a new push toward opening new stores? (Not to think of any company in particular). If you know what the business is up to, you can anticipate new risk.

Recognizing the business priorities and the concomitant risk, and working the new issues into your risk assessment and plan, is what “nimble” is all about.

Notice, by the way, that this is an entirely different effort from the yearly review.

These three things aren’t easy. Developing a relationship with the business takes time and effort. It takes not saying “no” so much. It takes not being the “business prevention department.” Saying “yes” requires more work, on our part. You need to get creative. I used to call myself a creative solutions vendor to the business. You also need the right “ask.” Make sure you’re in the room. Get yourself invited to meetings. Don’t say anything in the meetings. Just listen. Add value where you can. Offer to help. Get one-on-one time with senior leaders. Listen to them.

Getting a line of site into your program is technology. You need the ability to interrogate the data you already have. This means payment data, contract data, data (or whatever CRM system you use). Plus, if you want to get advanced, you can use your eDiscovery technology to search your actual data. I love this convergence, because you already own the technology. Why not get the most out of it? That’s the essence of compliance convergence: using technology you already own in a different silo. I’m sure you have eDiscovery people: get to know them. For payments, talk to your finance people. You need to understand your finance controls to know where, and how, to interrogate your payments data. Plus, remember there are different kinds of payments: wires, ACH, checks, refunds, credits, loyalty point grants, and more.

Being willing to face your program head on takes investment of an entirely different type. Emotional investment. Or emotional humility. Either one. Both, more likely.

I heard Charles Cain at a conference. He was asked what factors in a company’s compliance program he considers important to a decision to decline prosecution. The first answer he gave was the ability of a program to be nimble.

And because I’m a fan of multi-channel return on investment, I’m happy to say that being nimble presents benefits beyond the immediate—and immense—positives for the program. There are controls that look good and there are controls that actually prevent bribery. You need both, but I’d rather have the latter. What you gain from being nimble—a partnership with the business, technology use efficiencies, and an ability to look dispassionately at your own program—actually prevents bribery. When you add value to the business, when the business knows that all you want is their success, you get something valuable: credibility.

We always talk about credibility in terms of your relationship with the DOJ. And we’re right to. It’s among the most important things.

Credibility with the business is more important.

Being nimble, going through what you need to go through to be nimble, leads to credibility, which leads to sticky advice. And that’s the endgame.

A nimble program has its priorities in order, a nimble program learns from itself, a nimble program can adapt, change, and actually works to decrease bribery across the business.

Why I Hate The Case Against Walmart

2 Jul

For long-time readers, this post will take a familiar tone: you’re all wrong.

The FCPA Unit in the Fraud Section has a lot to do.  At last count, there were over 80 companies facing FCPA investigation (all publicly disclosed), including HP, Avon, Weatherford, Ingersoll-Rand, News Corp., Archer Daniels Midland, and lots more.  Household names.  Plus, of course, Walmart.

I’ve advocated harsher penalties for corporations, and I’m second to only one (Alexandra Wrage) in my distaste for bribery.

But I hate the Walmart case.

In my humble opinion, Walmart should get a nominal fine via an NPA.
Maybe $2 million.  Something like that.  I’d prefer less—maybe a declination with undertakings? Totally private?—but I can’t see it happening.

You’d think I’d be salivating over the prospect of Walmart getting a massive fine.  It’s a huge US multinational company which went overseas and bribed government officials in order to gain an improper advantage for the purpose of obtaining or retaining business.  Straight out of 15 USC sec. 78dd-1(a). And like I said, I’ve advocated for larger fines.

Why do I hate the Walmart case so much?  Let’s lay it out.

1. Walmart’s Bribes Were Arguably Facilitation Payments

This is going to be fact-dependent, and no one has all the facts right now.  It’s likely even Walmart doesn’t have all the facts.  But here are some.  It’s an exception to the FCPA—not an affirmative defense; that’s important—when payments are made to secure routine government action.  The exact wording of the statute is:

Subsections (a) and (g) of this section shall not apply to any facilitating or expediting payment to a foreign official, political party, or party official the purpose of which is to expedite or to secure the performance of a routine governmental action by a foreign official, political party, or party official.

What’s important in that quote is what isn’t said: there’s no discussion of amounts, only purpose.  So the fact that some of the payments that Walmart made were high (the number I keep hearing is upwards of $250,000) is neither here nor there.  It’s what the payments were designed to get.

Here, the payments were designed to get building permits. It may be that the issuance of building permits is discretionary, but I’m guessing that it’s not so simple. There’s discretionary meaning that it’s truly a decision in contention. Like the decision to award a contract. Then there’s totally non-discretionary, like postal service. In the middle, there’s an area where something might technically be discretionary, but in reality, it’s either a rubber stamp, or it’s simply always one way. Building permits could be a case like this. It’s always worked out, as long as you wait long enough and do what you’re asked. Remember also that “obtaining permits” is one of the things specifically mentioned in the Act as falling under “routine governmental action.”

And that brings me to reason #2.

2. Walmart Didn’t Bring Its Corruption Into Mexico

There’s a reason that Mexico is #100 on the Transparency International Corruption Perceptions Index. In corporate-speak, it’s a “challenge” to do business there. In regular-person speak, I’m sorry to say that corruption is rampant. Not that I’d use the word “cesspit,” but if someone else were to, I wouldn’t correct them.

Just to give one example: if you want to get a copy of a judgment or filing, you need to tip the court clerk. This person is undeniably a government official, and you’re paying him or her money. No tip, no document. Law firms regularly pay these morditas; (“little bites”) and list them on invoices as “miscellaneous expenses.” [I’m sorry if this comes as a shock to you, and you’ve been paying—and mislabeling in your books and records—these payments].

Like I said, a challenging place to do business. I’ve never dealt with getting building permits and such in Mexico, but I’m ready to believe that there’s a “no payment, no permit” culture there. In other words, Walmart wasn’t a corrupt organization that had bribery in its DNA. It was responding to market conditions.

I can hear the cries now. No, I’m not excusing bribery. But give me a break. I’m an anti-bribery advocate, but I also like to think of myself as a realist. I don’t think a company should ever pay a bribe. But I also recognize that we’re not there yet. There are still places in the world where the wheels of business are greased by money.

Building permits in Mexico might be like that. If the only time a permit is denied is when there’s no payment, I have a hard time working up a visceral anger at the company paying it. Or thinking that the type of payment was for a discretionary benefit. I’m not saying it’s right (remember, I think Walmart should get fined something), but it’s also not the worst thing in the world.

There’s a combination aspect at work here too. I might not accept the “it’s how business gets done here” if it were a true “bribe,” as my gut interprets the word. I have a hard time seeing it as a bribe, so I’m quicker to accept the “it’s the market” excuse.

Again, I’m not saying it’s right, but I am saying that I’m going to save my anger for true bribery cases.

3. Where’s the Harm?

Anyone who has heard me speak on anti-corruption has likely heard my refrain: I hate bribery because it most heavily impacts that segment of the population that can least afford it. The poor, the disenfranchised, the marginalized, all get hit hardest. Roads deteriorate faster, buildings are built with substandard materials (some fall down, on people), small businesses can’t start up, employment rates fall, small bribes become a necessity for people who can’t afford them.

In one market, a new mother can’t get her baby from the nursery without greasing the nurse. As I’ve often said, say what you will about bribery, but can’t we all get together on the idea that “grease the nurse” shouldn’t exist as a concept? That things have gone too far?

So what was the harm to the populace in Mexico? That they can now buy quality goods at cheaper prices? Okay, in a theoretical sense, it perpetuates a culture of corruption that impacts other areas. I get it. But that’s a little too far outside the zone of causation for me to get pissed at Walmart over.

And that’s the bottom line for me. I can’t work up any visceral anger at Walmart. And if I—a person who hates bribery more than most—can’t work up anger at Walmart, I’d submit that their actions weren’t all that bad.

Two other considerations, one in each direction.

First, Walmart’s real problems, in my opinion, were in the corporate governance area rather than the bribery arena. The way the information was handled by Bentonville when it was presented to them is less than satisfactory.

But we haven’t yet criminalized lack of good corporate governance.

The result of Bentonville’s mishandling of the allegations to me should result in Walmart being given no self-disclosure credit. Maybe some undertakings to improve their investigations process. Schedule D stuff. Walmart should also revise their corporate policy to disallow facilitation payments globally.

The second consideration, which plays into why the DOJ should get out now, is something I mentioned up top: facilitation payments are not an affirmative defense, they’re an exception.

Which to me means that the burden of proof is on the government.

This is not an easy case by any stretch for the government. And Chuck Duross—who I’m assuming has taken a personal interest in the case, if not taken it over as one of his cases—is a reasonable guy. He’s not going to bring a case, or even recommend bringing a case, that he knows he can’t prove at trial.

Chuck’s integrity as a prosecutor is Walmart’s ace-in-the-hole.

It’s not going to be an easy case to make. Building permits are specifically mentioned, as I said. Even though there might be a discretionary element, that element is something that Congress had to consider before putting what they did in the statute.

And let’s not forget, for all the political pressure to be harsh on Walmart, there’s got to be a little bit of back-pressure too. After all, no one—especially not a career prosecutor—likes to have their agenda set by a newspaper, even the New York Times.

There’s a possibility there’s more to the story.  The most dangerous thing for Walmart right now, in my opinion, is the investigation they’re forced to conduct.  They might find something.  If they find actual bribery, all bets are off.

Plus, the original article was in the New York Times.  Say what you will about the Times—and I often think of subscribing just so that I can resign my subscription in protest—they set the journalistic agenda for the entire world.  So every reporter in the entire world is looking at Walmart right now. It’s like the world’s most intrusive external auditor poking through your business, without the ethical constraints. So yes, Walmart has incentive to settle. They can’t afford to let it drag on like the News Corp. case.

So both Walmart and the DOJ have good reasons to want to end this soon (like now). Let’s all do the right thing and support a fair conclusion to this fiasco.

I Don’t Understand: Conflicts of Interest, Executive Privilege, and a No-Action Letter

29 Jun

Okay, let me get this straight (via a post at the Blog of the Legal Times):

  • the AG writes a letter to the President saying that the exercise of Executive Privilege to protect the AG would be “legally proper”
  • The President uses that Executive Privilege to excuse the AG from turning over documents to Congress
  • Congress holds the AG in contempt
  • The DOJ then says it won’t prosecute the AG

Forgive me, but this reminds of the old game, how many triangles can you find:

Only this game is, how many conflicts of interest can you find?

The DOJ should not be opining on the use of executive privilege to shield the head of the DOJ.

The DOJ should also not be evaluating whether to prosecute, or not, the head of the DOJ.

I’m just thinking about Mr. Cole’s next evaluation, had he chosen to criminally indict the AG.  “Well, Jim, you did a great job this year, except for that whole thing where you had me indicted.  NO BONUS FOR YOU!!”

This whole situation has gone from the sublime to the ridiculous, in my humble opinion.