Compliance Bits and Pieces for Nov. 13

Here are some stories that caught my eye over the past week:

A Morgan Stanley star falls in China By George Chen and Steve Eder for Reuters

His downfall, however, was just as precipitous. Morgan Stanley fired Peterson in December amid suspicions that he had violated the U.S. Foreign Corrupt Practices Act, a law meant to crack down on bribes being paid to public officials overseas.

Morgan Stanley, which voluntarily reported the case to the U.S. authorities, declined to comment on its specifics.

After a nine-month internal investigation, the bank has turned its findings over to the U.S. Department of Justice and U.S. Securities and Exchange Commission, which have opened their own probes, according to an investor letter obtained by Reuters.

Pin the Credit on Someone Else by Charles H. Green for Trust Matters

A willingness to pin the credit on another is a deceptively simple way to achieve several goals. First—as Rebecca’s example perfectly shows—it can often get things done faster, breaking a logjam by bringing in a third party or an appeal to authority.

Second, it signals a willingness to subordinate your own ego—something as valuable as it is rare in consultative and sales and support people. The client picks up that signal very clearly.

Third, it signals something to the credited party too. It says you recognize and value them, and that you’re willing to do them a favor. And favors invite reciprocal favors.

Fourth, that whole favor-giving thing requires a time perspective longer than the transaction at hand. By showing you’re willing to play that game, you suggest a plethora of ways to work together going forward. You can collaborate.

Just because … inspiration can come from my 4th grader by Heather Milligan of The Legal Watercooler

1. Differentiate yourself without tearing down your opponent.

2. Be friendly. People like to hire and work with people who are friendly. Yes, there is always a need for the bull-dog litigator, but be the guy or gal that your client would enjoy having a beer with, taking in a game, or hanging out until 3:00 a.m. in trial preparation.

EPA: Video Takedown order was about ethics, not content by Darren Goode for Congress Daily

The Environmental Protection Agency’s top lawyer says the agency is not censoring two of its California-based attorneys who posted a YouTube video criticizing the Obama administration’s backing of a House-passed climate bill. But the two attorneys were asked to either take down the video or edit out references to their work with EPA because they violated government ethics standards.

Exploring the Ethics of Swine Flu by Lauren Bloom

The answer may be for employers to stop expecting workers to come in when they’re seriously ill with a contagious disease. Unfortunately, the American work ethic (a marvelous thing in many respects) is so strong that any employee who misses more than a day or two risks being permanently branded as a slacker. That attitude needs to change. If diseases like swine flu can’t be prevented, then workers shouldn’t be punished for coming down with them.

Why Insider Trading Is Hard to Define, Prove and Prevent from Knowledge@Wharton

Generally, insider trading means profiting on “material, non-public information.” It can be committed by an insider, such as a company executive, or an outsider who gets information from an insider. Merely obtaining inside information is not illegal. A journalist, for example, can use inside sources to glean earnings data before it is disclosed and legally use it for a story. But the reporter would be breaking the law if he used that knowledge to buy the firm’s stock before an announcement drove the price up.

FCPA: Overcoming the Toughest Issues

FCPA panel

Bruce Carton and SecurtiesDocket presented this informative webinar. The panelists were:

securitiesdocket

Hank Walther, Dept. of Justice
Larry Urgenson, Kirkland & Ellis
– Elliot Leary, KPMG Forensic
– Phil Desing, KPMG Forensic

The panel started of with parallel international investigations. This is a new topic because for years there was no other country enforcing anti-bribery laws. There are some limitations on investigations. In particular, there is the secrecy of grand jury information. The Justice Department is willing to get a court order for the benefit of a foreign government’s prosecution.

As for self-reporting in jurisdictions outside the US, the panelists see instances of disclosures to other governments. Companies want a one stop shop for disclosure.

Due diligence on agents, distributors, and in connection with M&A activity continues to be a challenge, In a KPMG Survey, 82% respondents found performing effective due diligence on foreign agents/third parties “somewhat” to “very” challenging. Two of the three DOJ FCPA opinion releases in 2008 address merger and acquisition due diligence matters: 08-01 and 08-02.

Of course, the current global financial crisis may increase opportunities for corruption, given the greater competitive atmosphere and fewer resources being available.

You want to conduct proactive due diligence. Require the third party to fill out a Questionnaire that will include among other things, FCPA representations and warranties, disclosure of government affiliations, employment information, company ownership. Conduct media and public record searches. Also conduct due diligence evaluations on company personnel. Agreements should contain FCPA specific language, including audit rights.

In high risk countries, be sure to focus on the safety of your employees. If there is a concern for physical safety, pay and get out.

After an acquisition, make sure that you quickly roll out your policies and procedures. Start the monitoring as soon as you can.

References:

The Dark Side of Aggressive Goal Setting in the Workplace: A Shortcut to Unethical Behavior

ordonez

EthicsPoint sponsored a webinar by Dr. Lisa Ordóñez, University of Arizona, Professor of Management and Organizations in the Eller College of Management at The University of Arizona

“Applied managerial experience and hundreds of academic research studies have catalogued the positive impacts of goal setting on performance. Challenging, specific goals compared to instructions to “do your best” have been shown to increase effort, persistence, and performance. Goal setting theory has led to consultants training managers on how to use SMART (Specific, measurable, attainable, realistic, and timely) goals in their organizations. However, as Ordóñez, Schweitzer, Galinsky, & Bazerman (2009a, 2009b) point out, goals can have systematic, negative effects and can focus attention too narrowly, increase risk taking, and lead to unethical behavior.”ethicspoint-logo

These are my notes from the webinar.

Dr. Ordóñez discussed some of the findings from her research where she found that goal-setting can lead to bad results and bad outcomes.

She started with some examples of how goal-setting ended up with bad results.

Why is hard to find a cab on rainy days in New York? The cabdrivers go home early. Their goal each day is to reach 2X their cost. They reach the goal faster on rainy days, so they go home earlier. they could have made money if they worked a full day.

General Motors focused on reaching 29% of the US Market. Executives even wore lapel pins with “29” on them. They focused on hitting the number (for example offering short term incentives) and not the long term goals of the company.

Fannie Mae was looking to expand the home ownership by low-income people. That resulted in them underwriting riskier loans.

Billable hours and ethics. If management sets utilization goals, people are more likely to pad their hours.

They ran a lab experiment in 2004 that tested people on test-taking. participants checked their own work. When the goal was to “do their best” their was less cheating than when their was a specific goal for correct answers.

She raised some questions to ask before setting goals:

  • Are the goals too specific? Narrow goals can blind people to important aspects of a problem.
  • Are the goals too challenging?
  • Who sets the goal? People are more committed to goals they help to set.
  • Is the time horizon appropriate? Short term goals can hurt long term performance.
  • How might the goals influence risk taking? Unmet goals may induce risk taking.
  • How might goals motivate unethical behavior?
  • Can the goals be tailored for individual abilities while preserving fairness?
  • How will the goals influence organizational behavior?
  • Are individual intrinsically motivated? People may not like the activity anymore when their a goal tied to the activity.
  • What type of goal is most appropriate given the ultimate objective? By focusing on the goal, employees may fail to search for better strategies.

So how do you motivate employees without goals?

You don’t. You can only link to what the employee wants to the desired performance.

Goals can be effective for direct effort, they can communicate the values of the organization and are very useful for menial tasks that simply need to be completed.

She ends with a warning:

goals warning

Thanks to EthicsPoint (my company’s hotline provider) for putting on this great webinar.

References:

National Data Privacy Laws Move Forward

I'm just a bill from Schoolhouse Rock

With last week’s further revisions to the Massachusetts Data Privacy Law [Massachusetts Amends Its Strict Data Privacy Law (Yet, Again)], people are wondering if the federal government is going to step into the space and create a national standard. Most states have enacted some form of data breach or data privacy law, crating patchwork of laws across the country.

I found three separate bills moving through the legislative process: Data Accountability and Trust Act (H.R. 2221), Personal Data Privacy and Security Act of 2009 (S.1490), and The Data Breach Notification Act (S. 139)

Data Accountability and Trust Act (H.R. 2221)

This bill was in the House Committee on Energy and Commerce and referred to the Subcommittee on Commerce, Trade and Consumer Protection. They recommended it be considered by the House as a whole on September 30.

This act would requires the Federal Trade Commission to promulgate regulations requiring each person engaged in interstate commerce that owns or possesses electronic data containing personal information to establish security policies and procedures.

Personal Data Privacy and Security Act of 2009 (S.1490)

Last week, the Senate Judiciary Committee approved the Personal Data Privacy and Security Act of 2009 by a vote of 14-5, sending the bill to the full Senate for consideration.

This act would amends the federal criminal code to: (1) make fraud in connection with the unauthorized access of sensitive personally identifiable information (in electronic or digital form) a predicate for racketeering charges; and (2) prohibit concealment of security breaches involving such information.

This law would preempt state regulation in this area.

The Data Breach Notification Act (S. 139)

Last week, the Senate Judiciary Committee approved the Data Breach Notification Act by a vote of 14-2, sending the bill to the full Senate for consideration.

This act would requires any federal agency or business entity engaged in interstate commerce that uses, accesses, or collects sensitive personally identifiable information, following the discovery of a security breach, to notify: (1) any U.S. resident whose information may have been accessed or acquired; and (2) the owner or licensee of any such information that the agency or business does not own or license.  The notice must be given “without unreasonable delay” following discovery of the breach.

It also authorizes civil actions by state attorneys general to enforce the act. This act would supersede any other provision of federal law or any provision of law of any state law relating to notification by a business entity engaged in interstate commerce or an agency of a security breach.

These are just bills, so it’s hard to tell what may happen to them. The clock is ticking. The Massachusetts data security law goes into effect on March 1, 2010.

Another Private Fund Registration Bill

I'm just a bill from Schoolhouse Rock

As expected, Senator Dodd introduced a comprehensive bill for revising the regulatory system for the U.S. financial services industry.
Restoring American Financial Stability Act of 2009.pdf-icon

You can tell its comprehensive because the discussion draft weighs in at 1,136 pages. I have not read all of it, but I did focus in Title IV: Regulation of Advisers to Hedge Funds and Others, also labeled as the Private Fund Investment Advisers Registration Act of 2009. This is apparently the Senate counter-proposal to the House version passed by the House Financial Services Committee at the end of October: Private Fund Investment Advisers Registration Act is Passed by House Committee.

What are some of the differences between the House bill and the Senate bill:

Exemption level. The Senate bill has a threshold of $100m assets under management, the House bill an exemption for “small” funds under $150m.

Venture Capital. The Senate bill exempts both venture capital and private equity funds, the House bill only venture capital funds. Neither bill makes any attempt to define a “venture capital fund” or a “private equity fund.”

Reporting Requirements. Both bills contain similar requirements for funds to regularly report in certain basic information to the SEC, including information about the amount of assets under management, the use of leverage, counter-party risk exposure etc.

Investor Qualifications. The Senate bill contain provisions to continually update the accredited investor qualification standard to keep pace with inflation.

Further Study. The Senate bill provides for a further study regarding the feasibility of a hedge fund self-regulatory agency, the state of short-selling in the market, and the appropriate level for the accredited investor standard.

Independent Custodian Requirement. The Dodd bill calls for an independent custodian to be used by hedge funds to hold client assets.

The Restoring American Financial Stability Act of 2009 would also create a single bank regulator, provide for self-funding the SEC, and establish a new consumer financial protection agency and install plethora of other changes.

What does this mean for the likelihood of mandatory registration of private investment funds? It’s much more likely. But the venture capital exception and private equity exception are potentially very big. Of course that will depend on how the SEC defines these terms.  It also shows that the House and Senate are taking very different approaches to financial regulation. The House is looking at a series of small bills to fix some of the holes. The Senate is looking for a comprehensive change.

(Not to be a cynic, but Senator Dodd is up for re-election in 2010. I would guess that he is looking for a big new law to tie to his name and his re-election campaign. Not that it is bad. Just politics. Critics Question Dodd’s reform proposal.)

References:

Salute a Veteran

Veterans-Day-2009

U.S. President Woodrow Wilson first proclaimed an Armistice Day for November 11, 1919.

“To us in America, the reflections of Armistice Day will be filled with solemn pride in the heroism of those who died in the country’s service and with gratitude for the victory, both because of the thing from which it has freed us and because of the opportunity it has given America to show her sympathy with peace and justice in the councils of the nations…”

The United States Congress passed a resolution seven years later on June 4, 1926, requesting the President issue another proclamation to observe November 11 with appropriate ceremonies. An Act approved May 13, 1938, made the 11th of November in each year a legal holiday:

“a day to be dedicated to the cause of world peace and to be thereafter celebrated and known as ‘Armistice Day’.”

Congress amended this act on November 8, 1954, replacing “Armistice” with Veterans, and it has been known as Veterans Day since.

My thoughts go out to Marine Corps Corporal Jason Cohen

Trust and Financial Regulation

colombo

Ronald J. Colombo of Hofstra University School of Law wrote a great paper on The Role of Trust in Financial Regulation.

Trust is an important part of our financial markets. Scandals, massive incompetence, massive irresponsibility, massive fraud, have shaken trust in the financial markets. Commentators, policy makers, and industry leaders have all recognized the need for trust’s restoration.

Consistent with financial scandals in the past, the public officials are looking for increased regulation to restore trust in the markets. The last round of financial scandals in the Enron-WorldCom era brought us Sarbanes-Oxley.

Professor Colombo thinks the advocates for increased regulation have it half right.

“A critical set of questions should be considered. Can regulation serve to bolster and repair relationships dependent upon trust? And in the absence of trust, can regulation serve as an effective substitute to trust? In short, are there limits to the ability of regulation to resuscitate an economy that has suffocated due to lack of trust?

Conversely, can regulation work to “crowd out” trust, effectively transforming relationships that once were close and trustworthy to arm’s length and legalistic? Could regulation serve to displace relationships of trust with transactions subject merely to the “morals of the marketplace”?”

The Role of Trust in Financial Regulation applies trust scholarship to examine the current U.S. financial regulatory regime and some of the proposed reforms. I focused on a few sections.

Private Offering Regulation

In addressing the difference in treatment between the regulation of public offerings and private offerings, Mr. Colombo thinks the difference can be justified on grounds relating to the issue of trust.

A private offering is more like a personal contract between the issuer and the investor, free of public advertising. Also, a private offering is more likely to have a pre-existing relationship. “Interpersonal relationships and communications are conducive to such trust, and such relationships and communications are often found among the parties to a private offering.”

He concludes that the current regulation of private offering strikes the correct balance from a trust-favoring perspective.

Regulation of Investment Advisers

I found it interesting that Mr. Colombo spends some time focused on the 15 client rule exemption from registration. He finds that much of the investment adviser regulation has developed a heavy band of regulation that “can crowd out trust in a relationship, converting expectations and behavior based upon honor and integrity to those based on the letter of the law.”

Investment advisers with a small number of clients can have “closer, more personal and more lasting relationships with their small number of clients than those advisers with a much larger client base.” The small adviser exemption from regulation when you have fewer than 15 clients facilitates the trust aspect.

The Private Fund Investment Advisers Registration Act, just approved by the House Financial Services Committee, eliminates this exemption.

Hedge Funds

From a trust perspective, Mr. Colombo thinks the lack of hedge fund regulation seems sensible. As with the world of investment advisers, the hedge fund industry is marked by repeat players. Frequent and historical interactions among the parties can “lay the foundation for affective and generalized trust to develop.” After all, the original legislative intent of the U.S. securities laws was to protect the layperson, unfamiliar with the financial markets, with sophisticated investors fending for themselves. Give the high financial thresholds for investment in private funds, the investors are either sophisticated or have easy access to sophisticated investment advice.

Regulatory Reforms

Mr. Colombo does not seem to like the removal of the small adviser exemption from investment adviser regulation. For larger advisers, the increased disclosure and reporting requirements may be a good things.

As for hedge funds he thinks that hedge funds currently operating successfully on the basis of trust, with little regulation, have little to benefit their investors by registering with the SEC  and submitting themselves to the regulatory oversight. However, for funds that have not been able to develop that trust, voluntarily registering and submitting themselves to the regulatory oversight could help develop that trust. (I’m skeptical that investors think SEC registration carries any value in the world of private funds.)

The paper concludes that the existing financial regulatory regimes do a pretty good job with our understanding of trust. Greater regulation is imposed upon those sectors of the financial services industry where such regulation is trust enhancing, and lesser regulation is imposed upon those sectors where such regulation is trust defeating.

“In those areas where high quality trust relationships exists (or have the greatest potential to exist), we have, relatively speaking, the lowest levels of regulation: private offerings, investment advisers, and hedge funds. In those areas where only lower quality trust relationships are likely to exist (that is, relationships of cognitive and specific trust), we witness the highest levels of regulation: public offerings, secondary market trading, and banking.”

He also points out the more important areas of the capital markets are more heavily regulated. After all, we cannot wait to see if trust can be developed if the failure will lead to a systemic breakdown. The turbulence after the Lehman collapse was in part caused by the lack of trust. Nobody was sure if they could trust the stated financial stability of their counterparty.

References:

Colombo, Ronald J., Trust and Financial Regulation (October 1, 2009). Villanova Law Review, Forthcoming; Hofstra Univ. Legal Studies Research Paper No. 09-22. Available at SSRN: http://ssrn.com/abstract=1481327

Some other references from The Role of Trust in Financial Regulation:

Copyright and Compliance

strange maps

I am a big fan of maps. I work for a real estate company, so that should not be surprising. Pictures can usually put information into better context than mere words.

Frank Jacobs, just published a book: Strange Maps: An Atlas of Cartographic Curiosities.

In an interview with Annika Mengisen on the Freakonomics blog, Mr. Jacobs pointed out an interesting compliance technique to deal with copyright and piracy.

When asked about any strange facts about maps that most people might not know?, he replied:

“I don’t know how obscure this fact is, but the London A-Z contains a fictional street on each of its pages, in order to catch out copycats.”

The authors used a little counter-intelligence to ferret out content thieves.

References:

OFAC has Released its Economic Sanctions Enforcement Guidelines

treasury

The final Office of Foreign Assets Control. This rule sets forth the Enforcement Guidelines that OFAC will follow in determining an appropriate enforcement response to apparent violations of the U.S. economic sanctions programs that OFAC enforces.

The final rule will appear as an Appendix to the Reporting, Procedures and Penalties Regulations, 31 C.F.R. Part 501.

These are the new General Factors that OFAC will consider in determining the appropriate administrative response:

  • Willful or Reckless Violation of Law
    • Willfulness
    • Recklessness
    • Concealment
    • Pattern of Conduct
    • Prior Notice
    • Management Involvement
  • Awareness of Conduct
    • Actual Knowledge
    • Reason to Know
    • Management involvement
  • Harm to Sanctions Program Objectives
    • Economic or Other Benefit to the Sanctioned Individual, Entity, or Country
    • Implications for U.S. Policy
    • License Eligibility
    • Humanitarian activity
  • Individual Characteristics
    • Commercial Sophistication
    • Size of Operations and Financial Condition
    • Volume of Transactions
    • Sanctions History
  • Compliance Program
  • Remedial Response
  • Cooperation with OFAC
  • Timing of apparent violation in relation to imposition of sanctions
  • Other enforcement action
  • Future Compliance/Deterrence Effect
  • Other relevant factors on a case-by-case basis

The Guidelines are the final rule and replace the Guidelines previously promulgated as an interim final rule with request for comments on September 8, 2008.

References:

International Fraud Awareness Week

International Fraud Awareness Week

November 8-14, 2009 is International Fraud Awareness Week. This weeklong campaign, sponsored by the Association of Certified Fraud Examiners, encourages business leaders and employees to proactively take steps to minimize the impact of fraud by promoting anti-fraud awareness and education.

Test your knowledge about fraud with this Fraud IQ Test, which includes 20 actual questions from the CFE Exam

Fraud Prevention Check-uppdf-icon
How vulnerable is your company to fraud? Do you have adequate controls in place to prevent it? Find out by using the ACFE’s Fraud Prevention Check-Up, a simple yet powerful test of your company’s fraud health.

Managing the Business Risk of Fraud: A Practical Guide
This guidance paper, developed jointly by the ACFE, IIA and AICPA, provides key principles for proactively establishing an environment to effectively manage an organization’s fraud risks. It also provides tools, recommendations and real-life examples of how fraud risk management principles are applied.