Leader's Edge logo Legal Ease by Scott Sinder Tell the Editor
Legal Ease by Scott Sinder Complicit or Compliant?

Implement a compliance program that is more than just words on paper--or pay a hefty price.

By  Scott Sinder, Lucinda Low, Owen Bonheimer and Negar Katirai

Recently, we have outlined some of the regulatory exposures your firm may have to the Foreign Corrupt Practices Act and with the Treasury Department’s Office of Foreign Assets Control. Recognizing these exposures and other regulatory requirements, more companies are investing in regulatory compliance programs. Investing in compliance often reaps returns by mitigating the significant fines and negative publicity that can accompany legal violations. Perhaps, even more important, it helps to avoid those legal violations in the first place. And there are compliance success stories out there.

For example, General Electric’s compliance program is credited with mitigating the negative repercussions during due diligence into InVision Technologies, a company it agreed to acquire in 2004. GE discovered InVision’s agents and distributors in China paid money to foreign officials to secure contracts for airport security machines. InVision voluntarily disclosed the possible violations to the Justice Department and SEC and paid $1.89 million to settle charges of violating the Foreign Corrupt Practices Act. GE, however, made its acquisition contingent upon a mutually satisfactory resolution of InVision’s liabilities. GE was not charged with any violations and was not required to take on any additional obligations.

An effective compliance program is tailored to the size, resources and operations of a company. It is implemented from the ground up. For a company facing legal violations, a compliance program that is stellar on paper but otherwise ignored, could be worse than no policy at all. Under U.S. sentencing guidelines, an “Effective Compliance and Ethics Program” has two components: due diligence exercised through a program reasonably designed, implemented and enforced to be generally effective at preventing and detecting criminal conduct; and promotion of an organizational culture that encourages ethical conduct and compliance with law.

A memorandum by Deputy Attorney General Paul McNulty on the principles of federal prosecution cautions that “general policy statements” are insufficient to establish an effective compliance program. Rather, he recommends:

· Establishing corporate governance mechanisms that effectively detect and prevent misconduct, such as independent review rather than rubberstamping proposed corporate actions;

· Providing directors with information sufficient to exercise independent judgment;

· Conducting internal audit functions at a level sufficient to ensure their independence and accuracy;

· Establishing an information and reporting system to provide management and the board of directors with timely and accurate information sufficient to allow informed decisions regarding compliance;

· Sufficient staff to audit, document, analyze and utilize the results of the corporation’s compliance efforts; and

· Effective dissemination of the compliance program among the corporation’s employees.

While the memo is relevant to assessing the risk of prosecution, the sentencing guidelines set out seven minimal elements companies should consider to reduce their risk of penalties if they are successfully prosecuted:

  • Standards and procedures to prevent and detect criminal conduct, including those for specific processes and scenarios the company frequently encounters;
  • The role of a governing body, high-level personnel and specific individuals in oversight of the program, as well as reporting mechanisms, such as an anonymous hotline;
  • Exclusion of risky individuals from positions of substantial authority;
  • Training and dissemination of the program at all levels of the organization, including senior management, employees who interact with government officials, and employees in accounting, auditing or with other oversight responsibilities;
  • Steps to monitor, audit and evaluate the program;
  • Consistent implementation and enforcement through appropriate incentives and discipline, and;
  • Reasonable response to criminal conduct.

Experienced auditors like to say that if you don’t find some fraud or other problem, it means you’re not looking hard enough. The steps listed above are not guaranteed to prevent a breach in compliance. However, they can have a substantial effect in mitigating enforcement and liability risks.

< Prev1 2 Next >
(2 pages)
 Return to Table of Contents

Email PagePrint PageArticle reprintsArticle tools sponsored by

Full Leader's Edge Archive. Previously published articles, listed by subject below.

arrow Industry Leaders    arrow Wholesalers    arrow Legal Issues   arrow Regulatory Issues  
arrow International Risk arrow Management    arrow Industry News    arrow Regulatory News
arrow Market News   arrow Cartoons

Council Edge
Your weekly online update of broker news and analysis

The Council Calendar

Wholesale Insurance Leadership Forum, May 10-12 2010

Employee Benefits Leadership Forum, June 1-4 2010

CFO Workshop/Leadership Development Conference, June 16-18