This week I have been exploring the General Cable Corporation (General Cable) Foreign Corrupt Practices Act (FCPA) enforcement action. It was settled with the Department of Justice (DOJ) via a Non-Prosecution Agreement (NPA) and the Securities and Exchange Commission (SEC) via a Cease and Desist Order (General Cable Order). There was also the resolution of a civil charge by the SEC against a former General Cable executive, Karl Zimmer, via a Cease and Desist Order (Zimmer Order). The fines and penalties paid by General Cable were not insignificant. The company paid a $20MM fine based upon its criminal conduct and paid another $51MM in profit disgorgement. Finally, based upon the conduct laid out by the SEC in the General Cable Order, the company was assessed another $6.5MM for violations of the FCPA’s accounting provisions. The $20MM figure reflects a 50% discount off the bottom of the US Sentencing Guidelines fine range, demonstrating that as bad as the underlying bribery and corruption may have been, the DOJ will give significant credit when the company meets the requirements under the FCPA Pilot Program.
In Part II, I considered how General Cable obtained such a positive result in the light of multiple bribery schemes in multiple jurisdictions and corporate awareness or conscious indifference to them. Today I want look at some of the lessons to be learned by the compliance practitioner.
However, before I get to the lessons to be garnered, I want to briefly discuss the SEC enforcement action against Karl Zimmer (Zimmer). Per the Zimmer Order, he was a Senior Vice President of General Cable who approved improper commission payments to a third-party Agent on sales by General Cable’s Angolan subsidiary to Angolan state-owned enterprises. At the time, Zimmer knew that policies prohibited excessive commissions to third parties on sales to state-owned enterprises. For his violations, Zimmer agreed to a $20,000 fine. The Zimmer action should stand as a stark reminder that individuals who violate the FCPA stand to lose as much or even more than corporations as it is difficult to believe any reputable company would hire someone who blatantly violated the FCPA.
The first obvious lesson is that the FCPA Pilot Program provides significant benefits for companies which meet it strictures. Even with the odious conduct of General Cable, the company made a stunning comeback. As much as the other enforcement actions announced since the implementation of the Pilot Program, this enforcement action has changed the calculus around self-disclosure. If the call is anywhere close, a company should self-disclose. Yet that is only the first step, as the other prongs must also be met to obtain the discount offered.
Regarding the second prong of significant cooperation, a couple of things stand out. The first no doubt warms the heart of Mr. Translations (Jay Rosen) by specifically stating that General Cable produced voluminous documents, including translations. Next was the manner of production, performed in way, “that did not implicate foreign data privacy laws; collecting, analyzing, and organizing voluminous evidence and information for the DOJ”. Jonathan Armstrong once said on a podcast that it was his experience there were usually numerous ways to produce documents and other evidence in a manner that did not violate certain countries’ data privacy. General Cable would seem to have found a way to do so. This may require the compliance practitioner to use some creativity or bring in experienced data privacy counsel but the clear import is the DOJ expects such efforts in document and other evidence production. Finally, was the notation that General Cable disclosed “conduct to the DOJ that was outside the scope of its initial voluntary self-disclosure.” This sets an expectation for companies to continue their investigations and turn over new or additional findings.
Next, there were several remediation areas that stood out. The first was termination of recalcitrant employees and those third-party agents and distributors who participated in the misconduct. Next a Chief Compliance Officer (CCO) was hired who reported to both the Chief Executive Officer (CEO) and the Audit Committee of the Board.
Interestingly was the requirement for operationalization of compliance into the business units of the company. The NPA stated, the company developed a “comprehensive compliance program that integrates business functions into compliance leadership roles, is designed to deliver clear and consistent communications and expectations Company-wide through policies and procedures, and includes frequent leadership communications to all employees.” This final clause speaks to the importance of not only tone at the top but continued communications from the senior management of the organization.
This operationalization also went down to the revamped third party program. The NPA specifically noted the company had built “a system for third-party due diligence that assigns ownership to business personnel to shepherd prospective third parties through a comprehensive risk assessment, review, and approval process.” This step clearly requires business unit involvement at the beginning and, indeed, all the way through the lifecycle of third party management.
Finally, remediation Step 10, which specified that the company would be “Delivering tailored face-to-face compliance training, including training on the FCPA, to the Board of Directors and senior executives, Internal Audit personnel, sales leaders, and all salaried employees.” [emphasis supplied]. The word tailored communicates the DOJ’s expectation for training far beyond the standard out of the box compliance training. It means you must put on training which is not only designed for the risk group it is being presented to but you must have some thought into the different risks for each discipline within an organization and their respective role in any compliance program.
As the final enforcement action of 2016, the General Cable matter may well be one of the most significant for the compliance practitioner as it clearly states the need to operationalize a compliance program. From the FCPA enforcement year for the record books, it could be the case which portends the most significant step in doing compliance forward. Finally when Hui Chen speaks through the vehicle of a FCPA resolution, the compliance profession should listen.
[View source.]
