Tag Archives: FCPA

Best. Quote. Ever.

13 Aug

Preparing for This Week in FCPA today, I came across this quote in the New York State Department of Financial Services’ Order against Standard Chartered:

You fucking Americans. Who are you to tell us, the rest of the world, that we’re not going to deal with Iranians.

This was from SBC’s Group Executive Director to its head of Compliance in New York.

In the anti-corruption space, we encounter this sentiment probably as often as the Sanctions compliance community does.

But it’s a legitimate question (if phrased, shall we say, indelicately?) Why is it okay for the US to export its foreign policy and mandate compliance by non-US institutions?

The DFS gives its answer a few paragraphs later:

In November 2008, the US Treasury Department revoked authorization for [a previously approved type of transaction] because it suspected Iran of using its banks—including [the banks Standard Chartered transacted with]—to finance its nuclear weapons and missile program. The US also suspected that Iran was using its banks to finance terror groups, including Hezb’Allah, Hamas, and the Palestinian Islamic Jihad, and engaging in deceptive conduct to hide its involvement in vairous other prohibited transactions, such as assisting OFAC-sanctioned weapons dealers. (emphasis mine)

It’s simple (at least to me). Because there’s no such thing anymore as “just in your country.” If what happens in your country stays in your country, you’re right, the US has no business getting involved (absent extraordinary circumstances like genocide etc.)

But honestly, the idea of an Iranian atomic weapon scares the crap out of me. If Iran is funding its program using money illicitly obtained at least partially through stripped wire transfers, whoever does that needs to stop.

Nor, I believe, is the problem exaggerated. When I was in the Bronx DA’s Office, one of the types of cases I was in charge of was video piracy. I’m talking about the counterfeit videotapes they sell on the street. The Bronx is, strangely enough, the counterfeit videotape capital of the United States, and tied for first (with Bangkok) in the World. It’s a big business, and part of what I tried to do was follow the money.

We found the money went to two different places. One was to Nigeria. The other was to Palestinian terror organizations.

So yes, I have no problem believing that Iranian nuclear ambitions are tied to stripped wire-transfer documents. There’s a reason that OFAC talks about the sanctions programs as implicating national security.

I conclude, therefore, that because the US is most certainly directly affected by Iran’s nuclear program, we do have standing to tell you that if you’re a US company, or your non-US company has US citizens in it, or is a subsidiary of a US company, then you can’t engage in certain types of financial transactions with people trying to blow up us and our allies. Sorry.


Counting to 10, Internet Fact-Checkers, and Integrating Acquisitions

6 Aug

My saintly mother used to tell me that when I get upset, I should count to 10 before I opened my mouth. It saves you, she would tell me, from saying something that you don’t mean, or that will make you look stupid. This wisdom applies doubly for a writer. Just like you shouldn’t shop when you’re hungry, you shouldn’t write when you’re riled up. I ignored that advice. But thanks to the wonder that is the Internet, I always have people fact-checking my work.

To this particular fact-checker—and you know who you are—thank you for pointing out what I should have caught the first time.

On Friday, I wrote about the Nordam Group non-prosecution agreement, and how Dan Kahn and Stephen Spiegelhalter at DOJ, along with their boss Chuck Duross, plus Nordam’s counsel Carlos Ortiz all had a brain freeze and included a requirement that Nordam train all their third parties.

Turns out, it was me who had the brain freeze, not them.

I wasn’t wrong: requiring a company to train all their third parties is stupid and unrealistic. Totally unworkable.

And if that’s what the Nordam Group agreed to, that would be ridiculous. This is an example of why it’s so important that you actually read all of the NPA, not just the single paragraph that generated so much ire. If I had bothered to actually research rather than just react, I would have written something entirely different, and much more complimentary.

As it turns out, both DOJ and Nordam’s counsel were actually pretty reasonable about training. More than that…very reasonable, incredibly reasonable, perfectly reasonable. Let’s look at what the Nordam Group NPA actually requires Nordam to do vis-a-vis training.

In paragraph 8, Nordam agrees that its compliance program needs to be communicated effectively both internally and “where necessary and appropriate” to agents and business partners. This requirement comprises training employees and, “where necessary and appropriate,” training third parties. It also requires annual certifications of compliance with the training requirements signed by its internal employees and by its third parties, but again, only “where necessary and appropriate.

In fact, I’d find it difficult to find another place where Dan, Stephen, and Chuck could have included “where necessary and appropriate” without it looking like subliminal advertising. “The company agrees to implement financial [cough…where necessary and appropriate…cough] controls that [cough…where necessary and appropriate…cough] ensure transactions will accurately [cough…where necessary and appropriate…cough] reflect….” You get the idea.

What the DOJ required of Nordam makes perfect sense, and allows for exactly the kind of flexibility I accused the Department of neglecting. I would also argue that it’s a loophole that you can drive a truck through, and I would suggest using the biggest 18-wheeler you can find, but that’s another post.

Upon reflection, and upon doing the work I should have done last Friday, I now think this was just the DOJ suggesting that training third parties is a good practice, but recognizing that third parties present their own challenges.

If I were in Chuck’s seat (or Dan’s or Stephen’s) I would likely take a different approach. I would probably require companies ensure that third parties have their own program; I wouldn’t make Nordam export their training to anyone. But the difference isn’t nearly the chasm that I thought it was on my reading of just the one paragraph—which I’ll get to in a second—that I wrote about in the last post.

We’re much closer together than I thought we were, as it turns out. Just a short hop, as it were. I can’t argue with an approach that doesn’t make it too prescriptive. The DOJ seems to recognize that each company in each market is different, and each company’s risk profile is something that can change over time. And the DOJ seems to be indicating that this is something companies should be thinking about based on what’s practical, the market risk, business risk, transaction risk, and other red flags. The DOJ is trying to thread the needle here, and does a damn fine job of it, IMHO (more H, now that I’ve actually read the thing).

As it turns out, the requirement as it’s actually written seems to prove a different one of my central contentions: that the DOJ is extremely reasonable and measured in how it prosecutes corporations.

So where does the offending paragraph from my last post come from?

In paragraph 13 of the NPA, the DOJ talks about how Nordam should integrate new acquisitions. The NPA requires Nordam to do appropriate due diligence [n.b. is “appropriate due diligence” redundant?]

It also requires that Nordam apply its policies to the new acquisition “as quickly as practicable.” Including requiring Nordam to “train directors, officers, employees, agents….” Even here, it only requires this training “promptly.”

Plus, the DOJ includes a separate qualifier: it only requires training of employees of a new acquisition “who present corruption risk to the Company.” I would suggest that this qualifier has exactly the same effect as “where necessary and appropriate” that we saw above.

I’m actually blown away at how reasonable the DOJ is being in this thing, yes? [One assumption I’m making is that this wasn’t something that the DOJ didn’t want in there, but outside counsel did. It’s possible, but I would think, unlikely]. I hear outside counsel say all the time “train everyone.” Even the DOJ isn’t saying that. The DOJ is saying that companies need first and foremost to think. Where’s the risk? How does that risk impact my operations? What’s the most reasonable way to respond to that risk?

In this context, the requirement to train all employees who present corruption risk makes perfect sense. I would suggest the DOJ could have reasonably gone further and required training every employee in a new acquisition.

This requirement isn’t about training everyone in a third party, it’s training everyone in a new acquisition. One problem that we see over and over is companies not integrating new acquisitions. Watts Water comes to mind. If that new acquisition has or initiates problematic transactions, the DOJ has little pity (and rightfully so). Requiring Nordam to integrate “as quickly as practicable” and “promptly” seems eminently fair and reasonable.

I would love to blame Dick Cassin. After all, he made the same mistake. But what’s written on my site isn’t Dick’s responsibility, it’s mine. As soon as I hit “publish,” it became my error.

So, let’s just get past this little SNAFU, shall we, and back to our regularly scheduled ranting and raving? Just better informed.

Unrealistic Expectations: Training Third Parties

3 Aug

Thanks to the FCPA Blog for pointing this out. I think we covered Nordam on This Week, but I glossed over the piece that Dick Cassin wrote about today.  Buried in Nordam’s non-prosecution agreement is a requirement that the company train its third parties. The company is required to:

train directors, officers, employees, agents, consultants, representatives, distributors, joint venture partners, and relevant employees thereof, who present corruption risk to the Company, on the anti-corruption laws and the Company’s policies and procedures regarding anti-corruption laws.


I’m hoping that the DOJ prosecutors assigned to the case, Dan Kahn (who I know) and Stephen Spiegelhalter (who I don’t), just overlooked this. Or more likely—since I know for sure that Dan is a really smart, reasonable guy, and since they both report to Chuck Duross, who is another really smart, very reasonable guy—this was something that Nordam proposed.

It’s possible that Nordam doesn’t have a whole lot of third parties.  I’m willing to buy into that for two reasons.  First, like I said, Dan and Chuck are reasonable people: they don’t want to put a company in a position of adopting an impossible requirement.  Second, Nordam was represented by LeClair Ryan’s Carlos Ortiz.  Ortiz is the real deal, from what I can tell (I’ve never met the guy…we’re not even connected on LinkedIn), and LeClair Ryan had the incredible intelligence to hire Mike Volkov, so it’s a firm that has its head on straight.

But what Nordam agreed to?  Training everyone?


This is such a misguided requirement. I sincerely hope it doesn’t become a part of DPAs and NPAs going forward.

Let’s take a step back from training third parties for a moment. Let’s talk about audit rights. Because I see in the training requirement the same drawbacks that I see in audit rights.

Audit rights come in two forms, when-something-goes-wrong audit rights, and once-a-year audit rights. The former I’m fine with, the latter, not so much.

Don’t get me wrong, it’s a great story, if you can pull it off. But it’s a classic example of “be careful what you wish for.” Take a moment and think about what it takes to do periodic audits of your third parties. This might actually be easier for smaller companies to pull off than larger ones. Because for larger ones, it’s a nightmare, bordering on impossible. Actually, I’m temporizing. It’s not bordering on impossible, it is impossible.

Some larger companies have literally a hundred thousand third parties. Or more. Putting aside the actual work of sending people to 100,000 companies around the globe, how about just the administrative burden of arranging the audits, collating the results, analyzing the results, deciding on action plans. Just collecting the list takes time, a lot of time.  It took Tyco more than 6 months just to pull together a preliminary list that was 1/8 of the final list.  Plus the follow-up on any management action plans that results from the audits. Consequence management for companies that fail to implement or successfully implement action plans. Or for companies that fail to allow audits. Following up to make sure that issues aren’t recurring. Just think about all the electronic detritus that would be generated from auditing 100,000 companies every year.

Ah…I hear you. If done right, it wouldn’t be 100,000. You’d risk-rate the third parties. No reason to audit the people from whom you buy copier paper, right? First, that assumes you get competent advice from outside counsel on how to properly risk-rate anything. Asking a risk-averse industry how to risk-rate will only lead to agita. Sorry, I’ll end this foray into that particular frustration of mine.

So assuming you get good advice, you’ll actively be auditing maybe 5% of your total number of third parties (Tyco’s program had 5.6% rated high risk). So…5,000 third parties, every year. All of them the highest of the high risk. Or maybe I’m being overly risk averse myself. Let’s say 1%. So…1,000 independent companies to audit, every year. That’s 2 1/2 companies a day, every day, every year (if you go with business days, and national holidays, it’s 4 companies a day).

Oh yes, one other thing: do you have 4-5 people who are competent to even do these types of audits?  Do you have even one?

All of this, by the way, for a totally non-profit-generating activity, which will have the gratuitous side effect of pissing off your suppliers, distributors, and agents.

Now let’s transition the topic back to training. You have 1,000 companies to train. Who do you train in those companies? Everyone? “Directors, officers, employees, agents, consultants, representatives, distributors, joint venture partners, and relevant employees thereof”?  How do you even figure out who the “relevant” employees are?  How do you ensure that your high-risk partner is training the right people?  Who pays?  How do you monitor? What’s the consequence management program? What do you do if the third party says no?

That’s a serious consideration, by the way. Sure, sometimes, it’s a huge corporation whose business is so important to the third party that the huge company can pretty much force the smaller company to do anything they want. Including training.

But sometimes it’s a huge company contracting with another huge party. How do you enforce your training requirement on, say, Hewlett-Packard? Or Siemens, for that matter? Do you require HP to train all of its 300,000 employees? Do you accept their training program? How do you evaluate their training program to see if it meets your standards? Do you require American Express to put their board members through your training? Ursula Burns, the CEO and Chairman of Xerox is on there. What about Microsoft? Are you going to require Microsoft to go through training? Their Board?

The ability to get anyone to train is heavily dependent on your bargaining position. Nordam is a big company in its space, so perhaps it has negotiating power. But what about smaller companies? How are they supposed to get their larger distributors to agree to training?

By the way, the companies you’re required to train are the same companies you’re going to audit.  Control fatigue, anyone?

It’s an impossibly complicated task, just that one little paragraph. The company has overpromised, in my opinion.

Let’s hope this doesn’t become SOP for the DOJ, like the FCPA Blog thinks it’s going to.

Schedule C, Element #5

9 Jul

At this rate, I know, it’ll take quite a while to get through all 13 steps.  But one small step at a time.

Today’s step is all about reviewing your program on a regular basis.

I want to lay out the importance of this element first, then go into the specifics.

Not too long ago, Morgan Stanley got a bye—a total pass—because of their pre-existing compliance program.  The DOJ issued a press release on the case, and listed three things in it about Morgan Stanley’s compliance program that influenced the decision.

The first one:

“…Morgan Stanley maintained a system of internal controls meant to ensure accountability….  Morgan Stanley’s internal policies, which were updated regularly to reflect regulatory developments and specific risks, prohibited bribery….”

Now let’s turn to the language of the DPA itself, and element #5:

Alcatel-Lucent shall review its anti-corruption compliance standards and procedures, including internal controls, ethics, and compliance programs, no less than annually, and update them as appropriate, taking into account relevant developments in the field and evolving international and industry standards, and update and adapt them as necessary to ensure their continued effectiveness.

What does this mean, and how do you implement this in a real way?

Some might take a look at this and see a requirement to pull their policies off the shelf once a year, dust them off, and put a new coat of polish on them.  Then, after their “annual review” they can put their program on the shelf for another year, and check that box.

And don’t think that this description doesn’t apply to you.  I know I stated it a little more bleakly than usual, but if you’re really paying attention to this series, you are probably open-minded about the state of your program.  Think realistically about how you approach your policies and processes.  Because the annual review—and yes, you need to do an annual review—is not what this element is all about.

“Update them as appropriate” is important, and even more important is “taking into account relevant developments.”  Because this is the crucial piece of the program: the ability to be nimble.

This is something that Tom and I talk about all the time.  It’s crucial, but don’t get the impression that it’s easy.  Like all things worthwhile, this is difficult, and it’s going to take effort, willpower, and resources to get it right.  Let’s talk about the most cost-effective way to make this happen.  Because as Morgan Stanley found out, getting it right generates some huge benefits.

So what does it mean for a program to be “nimble?”

It means a few things:

  1. You need lines of sight into your program so you can find information quickly.  For example, when you read new enforcement actions, and see a corrupt third party identified, you should be able to ping your program to see whether you’ve ever had dealings with that third party.  If you do find something, you need to be able to adjust to that fact.  In the case of a third party, you need to adjust your transaction monitoring of that individual, the risk ranking, and potentially start an audit.  (n.b. a lot of attorneys would tell you “terminate the relationship.”  Terminate, terminate, terminate.  That’s their answer to bad news.  I don’t think that’s always—or even usually—the right call.)  Whatever you decide, it should be a decision, not a default.
  2. You need to review your policies and procedures when they fail.  This is also not so easy.  The main reaction to a failure is usually “move on.”  No one wants to dwell on—and certainly not to take ownership of—a compliance failure.  But the failures are where you learn.  And learning from failure is exactly what we’re supposed to do.  Revel in it.  Own it.  And make sure that you figure out what went wrong.  A side note: my practice is to figure out what went wrong, but I rarely dig too deeply into whowent wrong.  That is, why the old process—the one that failed—was like it was.  You must find out—and potentially discipline—the employee who did something wrong.  But figuring out why the old policy was like it was is usually a wasted effort.
  3. You need a line of sight into the business. If you’re doing compliance right, you are a partner to the business. I often say that 80% of compliance is “being in the room.” That is, knowing what the business is doing at any particular time. In this case, it’s knowing what the business is going to be doing. Is the business entering a new market? Developing a new product? Is there a new push toward opening new stores? (Not to think of any company in particular). If you know what the business is up to, you can anticipate new risk.

Recognizing the business priorities and the concomitant risk, and working the new issues into your risk assessment and plan, is what “nimble” is all about.

Notice, by the way, that this is an entirely different effort from the yearly review.

These three things aren’t easy. Developing a relationship with the business takes time and effort. It takes not saying “no” so much. It takes not being the “business prevention department.” Saying “yes” requires more work, on our part. You need to get creative. I used to call myself a creative solutions vendor to the business. You also need the right “ask.” Make sure you’re in the room. Get yourself invited to meetings. Don’t say anything in the meetings. Just listen. Add value where you can. Offer to help. Get one-on-one time with senior leaders. Listen to them.

Getting a line of site into your program is technology. You need the ability to interrogate the data you already have. This means payment data, contract data, salesforce.com data (or whatever CRM system you use). Plus, if you want to get advanced, you can use your eDiscovery technology to search your actual data. I love this convergence, because you already own the technology. Why not get the most out of it? That’s the essence of compliance convergence: using technology you already own in a different silo. I’m sure you have eDiscovery people: get to know them. For payments, talk to your finance people. You need to understand your finance controls to know where, and how, to interrogate your payments data. Plus, remember there are different kinds of payments: wires, ACH, checks, refunds, credits, loyalty point grants, and more.

Being willing to face your program head on takes investment of an entirely different type. Emotional investment. Or emotional humility. Either one. Both, more likely.

I heard Charles Cain at a conference. He was asked what factors in a company’s compliance program he considers important to a decision to decline prosecution. The first answer he gave was the ability of a program to be nimble.

And because I’m a fan of multi-channel return on investment, I’m happy to say that being nimble presents benefits beyond the immediate—and immense—positives for the program. There are controls that look good and there are controls that actually prevent bribery. You need both, but I’d rather have the latter. What you gain from being nimble—a partnership with the business, technology use efficiencies, and an ability to look dispassionately at your own program—actually prevents bribery. When you add value to the business, when the business knows that all you want is their success, you get something valuable: credibility.

We always talk about credibility in terms of your relationship with the DOJ. And we’re right to. It’s among the most important things.

Credibility with the business is more important.

Being nimble, going through what you need to go through to be nimble, leads to credibility, which leads to sticky advice. And that’s the endgame.

A nimble program has its priorities in order, a nimble program learns from itself, a nimble program can adapt, change, and actually works to decrease bribery across the business.

Why I Hate The Case Against Walmart

2 Jul

For long-time readers, this post will take a familiar tone: you’re all wrong.

The FCPA Unit in the Fraud Section has a lot to do.  At last count, there were over 80 companies facing FCPA investigation (all publicly disclosed), including HP, Avon, Weatherford, Ingersoll-Rand, News Corp., Archer Daniels Midland, and lots more.  Household names.  Plus, of course, Walmart.

I’ve advocated harsher penalties for corporations, and I’m second to only one (Alexandra Wrage) in my distaste for bribery.

But I hate the Walmart case.

In my humble opinion, Walmart should get a nominal fine via an NPA.
Maybe $2 million.  Something like that.  I’d prefer less—maybe a declination with undertakings? Totally private?—but I can’t see it happening.

You’d think I’d be salivating over the prospect of Walmart getting a massive fine.  It’s a huge US multinational company which went overseas and bribed government officials in order to gain an improper advantage for the purpose of obtaining or retaining business.  Straight out of 15 USC sec. 78dd-1(a). And like I said, I’ve advocated for larger fines.

Why do I hate the Walmart case so much?  Let’s lay it out.

1. Walmart’s Bribes Were Arguably Facilitation Payments

This is going to be fact-dependent, and no one has all the facts right now.  It’s likely even Walmart doesn’t have all the facts.  But here are some.  It’s an exception to the FCPA—not an affirmative defense; that’s important—when payments are made to secure routine government action.  The exact wording of the statute is:

Subsections (a) and (g) of this section shall not apply to any facilitating or expediting payment to a foreign official, political party, or party official the purpose of which is to expedite or to secure the performance of a routine governmental action by a foreign official, political party, or party official.

What’s important in that quote is what isn’t said: there’s no discussion of amounts, only purpose.  So the fact that some of the payments that Walmart made were high (the number I keep hearing is upwards of $250,000) is neither here nor there.  It’s what the payments were designed to get.

Here, the payments were designed to get building permits. It may be that the issuance of building permits is discretionary, but I’m guessing that it’s not so simple. There’s discretionary meaning that it’s truly a decision in contention. Like the decision to award a contract. Then there’s totally non-discretionary, like postal service. In the middle, there’s an area where something might technically be discretionary, but in reality, it’s either a rubber stamp, or it’s simply always one way. Building permits could be a case like this. It’s always worked out, as long as you wait long enough and do what you’re asked. Remember also that “obtaining permits” is one of the things specifically mentioned in the Act as falling under “routine governmental action.”

And that brings me to reason #2.

2. Walmart Didn’t Bring Its Corruption Into Mexico

There’s a reason that Mexico is #100 on the Transparency International Corruption Perceptions Index. In corporate-speak, it’s a “challenge” to do business there. In regular-person speak, I’m sorry to say that corruption is rampant. Not that I’d use the word “cesspit,” but if someone else were to, I wouldn’t correct them.

Just to give one example: if you want to get a copy of a judgment or filing, you need to tip the court clerk. This person is undeniably a government official, and you’re paying him or her money. No tip, no document. Law firms regularly pay these morditas; (“little bites”) and list them on invoices as “miscellaneous expenses.” [I’m sorry if this comes as a shock to you, and you’ve been paying—and mislabeling in your books and records—these payments].

Like I said, a challenging place to do business. I’ve never dealt with getting building permits and such in Mexico, but I’m ready to believe that there’s a “no payment, no permit” culture there. In other words, Walmart wasn’t a corrupt organization that had bribery in its DNA. It was responding to market conditions.

I can hear the cries now. No, I’m not excusing bribery. But give me a break. I’m an anti-bribery advocate, but I also like to think of myself as a realist. I don’t think a company should ever pay a bribe. But I also recognize that we’re not there yet. There are still places in the world where the wheels of business are greased by money.

Building permits in Mexico might be like that. If the only time a permit is denied is when there’s no payment, I have a hard time working up a visceral anger at the company paying it. Or thinking that the type of payment was for a discretionary benefit. I’m not saying it’s right (remember, I think Walmart should get fined something), but it’s also not the worst thing in the world.

There’s a combination aspect at work here too. I might not accept the “it’s how business gets done here” if it were a true “bribe,” as my gut interprets the word. I have a hard time seeing it as a bribe, so I’m quicker to accept the “it’s the market” excuse.

Again, I’m not saying it’s right, but I am saying that I’m going to save my anger for true bribery cases.

3. Where’s the Harm?

Anyone who has heard me speak on anti-corruption has likely heard my refrain: I hate bribery because it most heavily impacts that segment of the population that can least afford it. The poor, the disenfranchised, the marginalized, all get hit hardest. Roads deteriorate faster, buildings are built with substandard materials (some fall down, on people), small businesses can’t start up, employment rates fall, small bribes become a necessity for people who can’t afford them.

In one market, a new mother can’t get her baby from the nursery without greasing the nurse. As I’ve often said, say what you will about bribery, but can’t we all get together on the idea that “grease the nurse” shouldn’t exist as a concept? That things have gone too far?

So what was the harm to the populace in Mexico? That they can now buy quality goods at cheaper prices? Okay, in a theoretical sense, it perpetuates a culture of corruption that impacts other areas. I get it. But that’s a little too far outside the zone of causation for me to get pissed at Walmart over.

And that’s the bottom line for me. I can’t work up any visceral anger at Walmart. And if I—a person who hates bribery more than most—can’t work up anger at Walmart, I’d submit that their actions weren’t all that bad.

Two other considerations, one in each direction.

First, Walmart’s real problems, in my opinion, were in the corporate governance area rather than the bribery arena. The way the information was handled by Bentonville when it was presented to them is less than satisfactory.

But we haven’t yet criminalized lack of good corporate governance.

The result of Bentonville’s mishandling of the allegations to me should result in Walmart being given no self-disclosure credit. Maybe some undertakings to improve their investigations process. Schedule D stuff. Walmart should also revise their corporate policy to disallow facilitation payments globally.

The second consideration, which plays into why the DOJ should get out now, is something I mentioned up top: facilitation payments are not an affirmative defense, they’re an exception.

Which to me means that the burden of proof is on the government.

This is not an easy case by any stretch for the government. And Chuck Duross—who I’m assuming has taken a personal interest in the case, if not taken it over as one of his cases—is a reasonable guy. He’s not going to bring a case, or even recommend bringing a case, that he knows he can’t prove at trial.

Chuck’s integrity as a prosecutor is Walmart’s ace-in-the-hole.

It’s not going to be an easy case to make. Building permits are specifically mentioned, as I said. Even though there might be a discretionary element, that element is something that Congress had to consider before putting what they did in the statute.

And let’s not forget, for all the political pressure to be harsh on Walmart, there’s got to be a little bit of back-pressure too. After all, no one—especially not a career prosecutor—likes to have their agenda set by a newspaper, even the New York Times.

There’s a possibility there’s more to the story.  The most dangerous thing for Walmart right now, in my opinion, is the investigation they’re forced to conduct.  They might find something.  If they find actual bribery, all bets are off.

Plus, the original article was in the New York Times.  Say what you will about the Times—and I often think of subscribing just so that I can resign my subscription in protest—they set the journalistic agenda for the entire world.  So every reporter in the entire world is looking at Walmart right now. It’s like the world’s most intrusive external auditor poking through your business, without the ethical constraints. So yes, Walmart has incentive to settle. They can’t afford to let it drag on like the News Corp. case.

So both Walmart and the DOJ have good reasons to want to end this soon (like now). Let’s all do the right thing and support a fair conclusion to this fiasco.

FCPA TV: Is Everyone In China a “Foreign Official”

31 May

Further to my piece below on instrumentalities, I recorded this video discussing China, and whether there are 1.3 billion “foreign officials.”


My Issue with the Carson Case: Private, Public, Or Do We Not Care?

7 May

I recently finished reading the Carson briefing—the defendants just filed their reply to the government’s opposition to the motion to dismiss—and it makes for some great reading.

I want to talk out loud, so to speak, about one aspect of the issue.  As my wife says, I want to think it through, out in the open.  One caveat: I’m not an expert on Brady.  I’ve been a state prosecutor, and we had a similar rule, but I’ve never prosecuted a federal criminal case.  So take my invocations of Brady obligations with a large grain of salt.

The issue is whether Control Components, Inc., because it cooperated in the investigation, became a government agent.  If it did, as defense claims, then possibly the government would have a duty to explore CCI’s files for exculpatory information under Brady.  The defendants are arguing that CCI was, that the government didn’t, and therefore there was a constitutional violation requiring dismissal of the indictment.

I don’t know whether 9th Circuit precedent supports defendants’ claims.  It’s fascinating on an intellectual level.  Tinged, for me, with a this-is-an-academic-question aura because I’m pretty well convinced these guys are guilty.  So I’m generally inclined to see a Court deny these motions.

But on an academic level, this is really interesting stuff.  The government charged the Travel Act, and the individual defendants are fighting the case (some of them, anyway; two defendants pleaded guilty recently.)  [ed. note: is it more properly “pleaded guilty” or “pled guilty?”  Please respond in the comments.]

So I don’t know how Judge Selna, or the 9th Circuit if there’s an appeal, will decide this.  But generally?  It’s an interesting thing to think about.

I think it’s possible.  Let’s think it through.

Assume for a moment that if CCI were considered “government,” then the DOJ would have an obligation to search their files for exculpatory information.  I don’t think that assumption is too radical.

The government argues that it’s an easy rule.  The government can’t be responsible for documents in the possession, custody, or control of a third party, no matter how much that third party cooperates in an investigation.

This brings up an interesting side question (I seem to be raising more questions than I can answer, aren’t I?), what about when the government appoints a monitor?  Now all of a sudden, you have a person inside the company, with access, who could arguably be called a government agent.

But the thing that really sticks in my craw is this: under 18 USC § 1001, hasn’t the government said, argued, that lying to a private person who is conducting an internal investigation could be considered lying to the government for purposes of that statute? The US Attorney’s Manual, Criminal Resource Manual § 913 deals with what is a “department or agency,” who can’t be lied to.  The case that’s cited in The Book is US v. Candella.  That was a case where the false statement was made in a form submitted to the New York state government, but it was known by everyone that the program being applied to was a federal program, and the money came from the feds.  That was found to be sufficient.  There are other similar cases (and some too that limit the concept).  But generally, if the feds will be the ultimate recipient of the lie, that could be enough.

This bothers me in reference to the Carson case.  Because how can someone be “government” for purposes of § 1001, and at the same time, not government for purposes of Brady?

Let’s posit this: someone at CCI, during the investigation and knowing that in-house counsel were going to turn the information over to the government, submits two documents to the Company.  The first document is incredibly exculpatory, the second document contains a material falsehood.

As I understand the government’s position, they could argue that they don’t have to search for the first document because CCI isn’t the government, so their Brady obligations don’t attach; and at the same time they could argue that because the documents from CCI’s investigation were government-bound, that the person could be prosecuted for false statements to a federal investigator based on the second document.

I have a problem with that result.

What shocks me is that the Carson defendants never raise this argument.  They talk about bad faith—good luck with that one—and talk about the proper materiality standard, but they don’t talk about the inherent inconsistency in the government’s positions on § 1001 and the charge here.

Am I the only one who sees it like this?  Or am I wrong?  Is it not a problem to say someone is a government agent for one purpose, but not for another?  I keep in mind that the “not for another” here is a constitutional protection for a person whose liberty is at stake.

I don’t have a good answer.  I could be totally off base.

As I said, I’m just thinking out loud.