Joe Murphy – Compliance & Ethics Professional – July 2017
Every day, it seems, we read about another major company facing criminal charges or committing other types of improper actions. We hear about large fines, maybe individual managers being charged, and, perhaps, a tough compliance program being imposed. We may read the details of how the misconduct occurred. From this we get important information about missteps our own clients need to avoid. We also hear about how a company may have cooperated with the government, and how this resulted in reduced penalties.
Too often, though, we hear nothing about the specifics of the company’s compliance program and whether there was some law that allowed the violation. In today’s environment, when trouble strikes a major company, it is highly likely that this company had a compliance program. But, while we may learn the details of the violation and how the company cleaned house and cooperated, we also need to learn about any laws in the compliance program that tied in with the violation.
Let’s say, for example, a company engages in bribery in South America. We may know who handled the bribes, what contracts were affected by the corrupt practices, and how the company reacted when it learned of the violation. We may read that the government required the company to implement a revamped compliance program. But there is much more we need to know. Were there any compliance managers in the South American subsidiary? Did they report to a chief ethics and compliance officer who was empowered and reported directly to the board? Were the managers’ incentives tied into the compliance program? Was there a system for monitoring corruption red flags at this location? Were disciplinary cases publicized throughout the company so employees knew what conduct was not tolerated?
In the business literature, there is coverage of the major corporate failures. Thus there were over a half dozen books about Enron. There are stories about the specifics of managers’ wrongdoings and case studies for business students to learn the ropes. But it seems none of this addresses how compliance programs may have failed and what lessons should be learned.
On the positive side, in the Morgan Stanley Foreign Corrupt Practices Act case, compliance managers could see what steps impressed the government. Certainly this made it easier for us to urge our managers to take these types of compliance steps. But, as is true in life generally, there is also a great deal to learn from failures.
It is likely that no one has much appetite for this. Companies want to put their violations “behind them,” with no further attention to what happened. Prosecutors want to bring the guilty parties to justice and move on. But we would all bene t from a forum that described those instances where compliance programs failed, as lessons for our own programs.
This article first appeared in Compliance & Ethics Professional.