Winding Down From Compliance Week

My head is full of compliance goodness after spending 2.5 days at Compliance Week 2010. The Mayflower Hotel is a great place for a conference this size, with plenty of places to run into people.

Substance

The agenda was full of great substantive information from fellow compliance professionals. There were sessions on metrics, social media, corporate governance, ROI, organizational structures and communications. There were lots of closed door sessions that have not made their way into the blog, where compliance professionals could have more open discussions without the presence of media or vendors.

On top of that, we heard some great perspectives from top government officials, like Lanny Breur, Gary Grindler, Shelley Parratt, Barney Frank and Luis Aguilar.

Of course the best part of any conference is being able to interact with your peers. This was a great gathering of people in the compliance field.

Matt Kelly, Francine McKenna and Me

Old Friends

For me, it was great to once again spend time face-to face with old friends like Scott Cohen, Matt Kelly, Bruce Carton, Francine McKenna, Melissa Klein Aguilar, Bill Piwonka, Carole Switzer, Kathleen Edmond, and Scott Giordano.

New Friends

One of the great things about have a blog, or micro-blogging on Twitter is being able to get in touch with people prior to meeting them in person and then staying in touch with them.

Here are some of the Twitterati I was finally able to meet face-to-face:

tfoxlaw Tom Fox
@tfoxlaw
http://tfoxlaw.com
David Seide
@davidSeide
Scott Mitchell
@mitchell360
Doug Jacobson
@tradelawnews
Doug Chia
@dougchia

Of course, I met more people who don’t blog or use Twitter. It’s just harder to keep those weak ties.

Behind the Scenes

Gina Imperato, Elizabeth Busch, Anne Frey-Mott, Beckie Jankiewicz and the rest of the Event Studio team did a great job of running the conference, getting the attendees where they need to go and making the speakers look good.

Next year

…..

Revisions to U.S. Sentencing Guidelines for Compliance Programs

At their April meeting, the U.S. Sentencing Commission voted to adopt changes to Chapter 8 of the Sentencing Guidelines Manual. That chapter defines an effective compliance and ethics program and has been one of the sacred texts of the compliance profession.

Here is my summary of the changes:

Changes to §8B2.1

In defining an Effective Compliance and Ethics Program, they are inserting a new Note 6 that focuses on the steps to take after the detection of criminal conduct.

First, the organization must respond appropriately to the criminal conduct, including restitution to the victims, self-reporting and cooperation with authorities.

Second, the organization must assess its program and modify it to make the program more effective. They seem to encourage the use of an independent monitor to ensure implementation of the changes.

Changes to §8C2.5(f)

In calculating the culpability score for having an effective compliance and ethics program, they have removed the near automatic disqualification if the bad actor was  a high level executive. You can get credit, provided you meet the new criteria:

  • the head of the compliance program must report directly to the governing authority or appropriate subgroup (for example, the audit committee of the board of directors),
  • the compliance program must discover the problem before discovery outside the organization was reasonably likely,
  • the organization must promptly report the problem to the government, and
  • no person with operational responsibility in the compliance program participated in, condoned or was willfully ignorant of the offense.

Changes to §8D1.4

The amendment simplifies §8D1.4 (Recommended Conditions of Probation – Organizations) (Policy Statement) on the recommended conditions of probation for organizations. The new section consolidates the list of conditions that are appropriate conditions for probation.

Status of Changes

The changes have to be submitted to Congress and won’t take effect until November 1, 2010. (Unless Congress votes to reject the changes.)

Publication of Changes

You would think that the Sentencing Commission would publish this change on their website or publish a press release. No information about the amendment, the submitted comments or meeting minutes have yet made their way to the website for the United States Sentencing Commission.

Fortunately Susan Hackett of the Association for Corporate Counsel and Melissa Klein Aguilar of Compliance Week were able to alert us and publish a copy of the changes.

Sources:

SEC’s New Enforcement Cooperation Initiative

The Securities and Exchange Commission announced a new initiative encouraging cooperation. They put on a big media blitz. Big enough that they even allowed me to ask a question of SEC Enforcement Director Robert Khuzami.

For the first time, the SEC set out how it will evaluate whether, how much, and in what manner to credit cooperation, to serve as an incentive to report violations and cooperate fully and promptly in enforcement cases.

The SEC will have some new cooperation tools at its disposal:

  • Cooperation Agreements — Formal written agreements in which the Enforcement Division agrees to recommend to the Commission that a cooperator receive credit for cooperating in investigations or related enforcement actions if the cooperator provides substantial assistance such as full and truthful information and testimony.
  • Deferred Prosecution Agreements — Formal written agreements in which the Commission agrees to forego an enforcement action against a cooperator if the individual or company agrees, among other things, to cooperate fully and truthfully and to comply with express prohibitions and undertakings during a period of deferred prosecution.
  • Non-prosecution Agreements — Formal written agreements, entered into under limited and appropriate circumstances, in which the Commission agrees not to pursue an enforcement action against a cooperator if the individual or company agrees, among other things, to cooperate fully and truthfully and comply with express undertakings.

One thing that came out of my discussion with Khuzami (I’m not sure I should call him Rob.) is that the SEC is looking towards the Department of Justice and criminal prosecutions on how to use these tools. But the SEC, as a civil enforcement agency, is not used to having the benefit of these tools.

Plus, the enforcement division can only make a recommendation to the Commission with a cooperation agreement. The Commission can ignore the cooperation and still bring down its full hammer on a someone even if they are a whistle blower and cooperating with the enforcement division. The cooperation message I was hearing from the SEC did not give me the warm fuzzies.

Nonetheless, the new tools should encourage cooperation and be beneficial to SEC Enforcement. For individuals, they have the prospect that they may not be prosecuted. Companies may also induced by being able to avoid the filing of the typical SEC complaint, with pages and pages of misconduct.

To publicize the new cooperation initiative, the SEC even assembled a new Enforcement Cooperation Initiative website. The best publicity will be an individual or company benefiting from cooperation.

Sources:

Compliance Bits and Pieces

Here are some interesting stories from the past week:

Compliance Surprises in Cuba’s Closed Economy by Alexandra Wrage on the WrageBlog

Companies enjoying any success in Cuba have partnered with savvy locals who guide them through the dense, opaque bureaucracy. Such companies must convince the government that they are there for the long haul. They cultivate relationships and, invariably, they sponsor charity cigar auctions or kids’ “go-kart” rallies. But, by all reports from many sources, they don’t pay bribes.

Five Common Mistakes in Internal Investigations by Tim Mohr and Nidhi Rao for Directorship

Warren Buffett put it best when he said, “It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you’ll do things differently.” This statement could not be more relevant today. It takes only one person to tarnish an organization’s reputation. Not only is the current turbulent economy affecting the corporate bottom line, but if past history is any indicator, businesses can anticipate it to lead to an increase in incidents of fraud. As a result of the SEC, regulators, stakeholders and the public paying closer attention to the way an organization functions, organizations and corporate directors need to be diligent when conducting internal investigations.

Wall Street Meets the Wire by Gail Shifman on the White Collar Crime Prof Blog

In this case [against billionaire hedge-fund manager Raj Rajaratnam], however, the legal issue regarding the use of wiretaps that immediately jump to the surface is the question about whether The Federal Wiretap Act specifically authorizes the interception of electronic recordings for alleged security fraud violations (Title 15 U.S.C. §§ 78j(b) & 78ff and Title 17 C.F.R. §§ 240.10b-5 & 240.10b5-2) as charged in the criminal complaint. These statutes are not specifically enumerated in Title III, 18 U.S.C. § 2516, which provides the authorization for electronic interception. Wire and mail fraud (18 U.S.C. §§ 1341 & 1343) anti-trust violations, money laundering and numerous other offenses are listed, but not securities fraud. Chances are good that the government could have charged these defendants with wire fraud but were they scared away by the fact that the Skilling, Weyrauch, and Black cases are on review before the Supreme Court? One would think (hope?) that the government has preliminarily determined that section 2516 provides them with the authorization they need lest they find themselves licking self-inflicted wounds.

Facilitation Payments Still Leave Companies Vexed By Melissa Klein Aguilar for Compliance Week

A survey conducted by TRACE International shows some companies are prohibiting facilitation payments—colloquially known also known as “grease payments”—which are given to induce foreign officials to perform routine functions they’re already obligated to perform, such as issuing licenses or permits and installing telephone lines. In theory, such payments simply nudge foreign officials to do their jobs more promptly.

In practice, however, the line between a permissible facilitation payment and an illegal bribe can be very blurry. And to complicate matters, while the United States, Canada, Australia, New Zealand, and South Korea allow their citizens to make facilitation payments, they are illegal under local law in every country in which they are actually paid.

Bits and Pieces on Compliance

Here are a few stories and items that caught my eye recently, but I have not had time to build-out to a full post:

Role of Federal Sentencing Guidelines in FCPA Cases from the WrageBlog

Given the tremendous fines imposed upon Siemens AG and Kellogg Brown & Root LLC (“KBR”) in the past 10 months, many have asked how the DOJ calculates criminal fines in FCPA cases and how statutory penalties and the United States Sentencing Guidelines (“U.S.S.G.”) interact in that calculation.

Behind the Numbers: The Anatomy of a Ponzi Scheme from The Fraud Guy

Many articles have been out in the press since Ponzi schemes have begun unraveling over the course of the last year which either describe Ponzi schemes inaccurately or really don’t help the public understand how the schemes actually work and what happens with the money.  This article (publication pending), “The Anatomy of a Ponzi Scheme” may help people understand how Ponzi schemes and their orchestrators work.

Complying With Mass. Data Security Regs Proves Costly from Melissa Klein Aguilar for Compliance Week

For those organizations already tackling the task of complying with a new Massachusetts data security regulations that are currently slated to take effect March 1, compliance is proving costly, a recent survey shows. . .  A joint survey of more than 200 members of the International Association of Privacy Professionals conducted by the IAPP and the law firm Goodwin Procter found that 33 percent of the organizations polled have already spent more than $50,000 on complying with the rules.

Massachusetts Holds Public Hearing on Information Security Regulations — Regulators Contemplating Additional Revisions in Final Rulemaking from Security, Privacy and The Law

The Massachusetts Office of Consumer Affairs and Business Regulations (OCABR) held a public hearing in connection with its promulgation of revisions to the Commonwealth’s information privacy regulations, 201 CMR 17.00. The standing-room-only crowd endured a modest, unventilated conference room in the Transportation Building to make comments on the stringent regulations. OCABR Undersecretary Barbara Anthony led the meeting with OCABR Deputy General Counsel Jason Egan and Assistant Attorney General Diane Lawton. The principal author of the original regulations, OCABR General Counsel David A. Murray, could also be seen in the audience.

Due Diligence Failure Leads to SEC Enforcement Action? from Mark J. Astarita of SECLaw.com

The SEC has charged Detroit-area stock broker Frank Bluestein with fraud, alleging that he lured elderly investors into a $250 million Ponzi scheme.

Lehman Bankruptcy Court Declares “Bankruptcy Default” Under Swap Agreement To Be Unenforceable from Goodwin Procter

On September 17, in one such closely watched matter, U.S. Bankruptcy Judge James Peck ordered Metavante Corporation (“Metavante”), a counterparty to Lehman Brothers Special Financing (“LBSF”) in an interest rate swap transaction in which Lehman Brothers Holdings, Inc. (“LBHI”) is the credit support provider, to perform its obligations to pay quarterly fixed amounts owing under the transaction, notwithstanding the bankruptcies of LBSF and its parent. Judge Peck concluded that Metavante could not rely solely on the filing of the Lehman bankruptcy cases to refuse to make payment to Lehman while also not terminating the agreement.

Some of these have been in my personal Twitter feed (@dougcornelius) or my Posterous (Compliance Building’s Posterous).

In-House Counsel as Whistleblowers under SOX

whistleblower

Section 806 of the Sarbanes-Oxley Act (18 USC §1514A) expressly authorizes any “person” alleging discrimination based on protected conduct to file a complaint with the Secretary of Labor and, thereafter, to bring suit in an appropriate district court. There is no exception for lawyers or in-house counsel.

Recently, the Ninth Circuit tackled this issue in the case of Van Asdale v. International Game Technology.

Shawn and Lena Van Asdale were in-house counsel for IGT. As part of the merger of IGT with another company, the Van Asdales raised some issues regarding the validity of a valuable patent owned by IGT. They thought the patent issue should be disclosed in connection with the merger. Their bosses thought otherwise and fired them instead.The Van Asdales sued, asserting a whistleblower claim under the SOX because they were terminated for reporting possible shareholder fraud in connection with that merger.

What About Legal Ethics Restrictions?

IGT argued that the Van Asdales were prohibited from filing suit because of  their ethical obligations as Illinois-licensed attorneys. There is some Illinois law that “in-house counsel do not have a claim under the tort of retaliatory discharge.” Balla v. Gambro, Inc., 584 N.E. 2d 104 (Ill. 1991). However, this case is based on federal law, not Illinois law. So the court rejected that argument.

What About Attorney-Client Privilege?

The Van Asdale’s case is based on a conversation the two had with their boss regarding a pending litigation matter involving the company. To bring the case, they have to disclose information subject to the attorney-client privilege.

The Court looked at Section 806 of the Sarbanes-Oxley Act (18 USC §1514A) which expressly authorizes any “person” alleging discrimination based on protected conduct to file a complaint. Since there is no exception, in-house counsel should not be prevented from bringing a claim. There are ways to protect information. The trial court should “use the many ‘equitable measures at its disposal’ to minimize the possibility of harmful disclosures, not to dismiss the suit altogether.”

What About the Substance of the SOX Claim?

Beyond the attorney-client privilege in the case, there was also a disagreement of the standards for the claim under the whistleblower protections of SOX.

The plaintiffs only needed to show that they reasonably believed that there might have been fraud and were fired for suggesting further inquiry. Section 1514A prohibits discriminating  against an employee for “provid[ing] information . . . regarding any conduct which the employee reasonably believes constitutes a violation of” a listed law. So an employee “must have (1) a subjective belief that the conduct being reported violated a listed law, and (2) this belief must be objectively reasonable.”

References:

Image is by HughElectronic: Whistleblower. http://www.flickr.com/photos/hughelectronic/ / CC BY 2.0

New Liability Under the FCPA: Control Person Liability

natures-sunshine

The SEC charged Nature’s Sunshine Products Inc. with violating the Foreign Corrupt Practices Act after its Brazilian subsidiary made cash payments to customs officials to get their products imported into the country. The SEC also included two officers of the company in those charges. That part of the case was fairly standard.

What was new was that that the officers were not accused of being directly involved in creating the false books and records or authorizing the payment of the bribes. Instead, the SEC used Section 20(a) of the Exchange Act, which provides for control person liability.

Every person who, directly or indirectly, controls any person liable under any provision of this title or of any rule or regulation thereunder shall also be liable jointly and severally with and to the same extent as such controlled person to any person to whom such controlled person is liable, unless the controlling person acted in good faith and did not directly or indirectly induce the act or acts constituting the violation or cause of action.

It sounds like the SEC really wanted to get these two officers but did not have enough evidence to show their direct involvement in the bad acts. It really shows the SEC’s willingness to use all the tools at its disposal to hold individuals liable for acts within a company. They want corporate officers to know that there is personal liability associated with their bad acts.

This case may foreshadow broader SEC enforcement against corporate officers who fail to adequately supervise employees.

References:

Updates to Compliance and Disclosure Interpretations

sec-seal

The staff of the Securities and Exchange Commission’s Division of Corporation Finance has updated a bunch of Compliance and Disclosure Interpretations.

Here are a few questions that caught my eye, with a snapshot of the answer. Follow the question’s link for the complete answer.

There are many more new and revised questions under the Securities Act Sections, Rules and Forms, Regulation S-K, Exchange Act Sections, Section 16 and Regulation FD.

Securities Act Sections

Question 103.04: Where the offer and sale of convertible securities or warrants are being registered under the Securities Act, and such securities are convertible or exercisable within one year, must the underlying securities be registered at that time?

Answer: Yes. . . .

Question 139.28: Must offers and sales be suspended during the waiting period of a post-effective amendment to an effective registration statement?

Answer: Offers and sales must be suspended if the post-effective amendment is filed for the purpose of a Section 10(a)(3) amendment and the prospectus is already stale for Section 10(a)(3) purposes. . . .

Securities Act Rules

Question 212.05: Can a registration statement under Rule 415 be declared effective without an opinion of counsel as to the legality of the securities being issued when no immediate sales are contemplated?

Answer: No. However, . . .

Securities Act Forms

Question 130.14: The Item-by-Item instructions for Item 7 of Form D indicate that an issuer must enter the date of the first sale of securities in the offering if the issuer is filing a “new notice.” If an issuer is filing an amendment to a Form D filing, must the issuer provide current information about the date of first sale in the amendment?

Answer: Yes. Rule 503(a)(4) provides that an issuer that files an amendment must provide current information in response to all requirements of the form, regardless of why the amendment is filed. For example, if, in the original Form D, the issuer indicated that the first sale has “Yet to Occur” and if, by the time of the amendment, the date of first sale is known, then the issuer must disclose the actual date of first sale in the amendment.

Regulation FD

This is an all new collection of CD&’s for Regulation FD.

References:

California Adopts e-Discovery Rules

California

Never mind the budget crisis or handing out IOUs, California has passed its own Electronic Discovery Act. California joins the 30 other states that have decided to include provisions in their rules aimed directly at the discovery of Electronically Stored Information.

The Act amends the California Code of Civil Procedure by expressly permitting discovery of electronically stored information. The goal is to improve discovery measures during litigation and to avoid undue involvement by the court in resolving e-discovery disputes. The Act defines Electronically Stored Information as “information that is stored in an electronic medium” and defines “electronic” as “relating to technology having electrical, digital, magnetic, wireless, optical, electromagnetic, or similar capabilities.”

California’s new e-discovery rules closely parallel the federal version. The Act primarily applies the existing rules in the California Civil Discovery Act to ESI and establishes procedures to request and respond to e-discovery.

California’s Electronic Discovery Act is similar to the Federal Rules. The California act also has  Federal Rules safe harbor for the failure to produce Electronically Stored Information.  “Absent exceptional circumstances, the court shall not impose sanctions on a party or any attorney of a party for failure to provide electronically stored information that has been lost, damaged, altered, or overwritten as a result of the routine, good faith operation of an electronic information system.” Cal. Code of Civil Procedure 1985.8 (l)

California Governor Arnold Schwarzenegger signed the Act on June 29 and it goes into effect immediately.

References:

Code of Civil Procedure

Associational Retaliation Claims

retaliation

Most companies have some form of non-retaliation policy for employees who make a good faith report of a problem. But what if the company retaliates against someone else instead? That was the situation presented in a recent court case: Thompson v. North American Stainless. A woman and her fiancee worked at the same company. She complained and they fired him.

Factual Background:

The plaintiff, Eric Thompson, claimed he was fired in retaliation for his fiancee’s discrimination charge. Thompson met the woman, Miriam Regalado, at work. In 2002, Regalado filed a charge with the EEOC alleging that she was discriminated against because of her gender. At the time of Thompson’s termination, he and Regalado were engaged to be married, and their relationship was common knowledge at North American Stainless.

The Problem

Title VII of the Civil Rights Act says an employer may not fire, demote, harass or otherwise “retaliate” against an individual for filing a charge of discrimination. Most companies have a policy that takes the same position for reporting other violations of company policy or illegal acts.

Clearly if the company had fired Regalado, the fiancee, they would have broken the law. But is it still “retaliation” if you fire a close friend or relative? (That’s associational retaliation.)

The Result

No, at least under Title VII of the Civil Rights Act. The Court relied on the plain language of the statute limiting the class of persons authorized to sue for retaliation to those who opposed an unlawful employment practice; made a charge; or testified, assisted, or participated in any manner in an investigation, proceeding, or hearing. The statute does not authorize a retaliation claim by a plaintiff who did not himself engage in protected activity.

But . . .

The Court did note that Thompson’s fiancee, who filed the original discrimination charge, could have filed a retaliation complaint herself alleging that the termination of Thompson in response to her protected activity was an adverse employment action against her. There is no background on why she didn’t do that.

Companies should be careful of these potential associational retaliation claims when dealing with its complaint process

Resources: