Michaela Ahlberg on building a compliance program amid an FCPA probe

Ahlberg created a compliance program from scratch when she was hired in 2013 by Swedish telecommunications firm Telia (then known as TeliaSonera) following allegations of corruption in its foreign business dealings.

She gained unusually direct access to the board and involvement with the legal team as it negotiated with U.S. regulators in a case eventually settled by Telia with the Securities and Exchange Commission (SEC) and Department of Justice (DOJ), plus Swedish authorities.

“It was unchartered territory for the business,” Ahlberg said of designing the compliance program. “I developed a team to create from the ground up a new regime that would have the policies, procedures, and internal controls needed, plus work in practice and not just on paper. There had been nothing of the sort, which is why I came in with brand-new executive leaders and a totally new board of directors. The company had that much work to do from scratch.”

You read that correctly: The company really had no functioning compliance department in place before bringing Ahlberg in following its alleged violations of the Foreign Corrupt Practices Act (FCPA).

“The compliance duties had been scattered among different departments at Telia, with many of them landing in the legal department, which could not handle a lot of the issues that ended up being big problems for the business,” she said. “They did not know the nuances of compliance and ethics policies and procedures, and they really didn’t have the time to deal with a lot of them.”

How was Ahlberg able to reconstitute the compliance program and get buy-in from the new CEO at Telia and its new board of directors?

“I believe the way we measure companies and corporate leaders today actually hampers people from being better people and companies from being better companies.”

Michaela Ahlberg at CW’s Financial Crimes event

“I reported directly to the new CEO, although I also had direct access to the ethics and sustainability committee of the board,” she said. “I communicated my findings, initiatives, and queries to them.

“Also, I was given substantive resources to work with in building the program and never got a ‘no’ when it came to spending to support it. Having resources is critical to the success of a compliance department: When you are merely seen as a cost center and not a cost-saver and reputation-protector, your ability to move quickly, harness the right technology, and hire the right people is compromised. So too are your tangible results.”

“I was also able, after some initial hesitancy by the new head of legal, to attend many meetings he was having with the DOJ and SEC, along with my close colleague Anna Romberg,” said Ahlberg. Romberg also spoke at CW’s Financial Crimes event as part of a whistleblower panel. “This really helped me directly interface with regulators and tell them what I was doing on the ground, so to speak,” Ahlberg said.

Ahlberg said her team started with a country-based risk assessment of where Telia was doing business and conducted leadership training on bribery and other financial crimes.

They established a whistleblower hotline that included 18 languages, tapped the skills of a project manager hired from within Telia to help with the hotline and new policy tools for employees to easily access, and implemented a new code of conduct.

What all the training in the world won’t solve

In her work at Telia, Ahlberg looked to the “Hallmarks of Effective Compliance Programs” outlined by the DOJ and SEC in 2012 as part of their FCPA resource guide. These had not really been introduced in Sweden, even though businesses were subject to the FCPA by having their securities listed on U.S. stock exchanges.

She brought in outside experts to reinforce what she was saying and was candid that she could not do everything for the organization. “I hired a special investigator to set up a new due diligence program and hired vendors to receive whistleblower reports while also keeping some expertise in-house, reassigning people in the procurement department to assist in that due diligence effort,” she said.

Ahlberg strongly believes the best-written compliance programs and training modules for employees and managers cannot enact the same type of change that a truly compliance-focused leadership team can.

That is one in which compliance metrics are built into remuneration schemes; sales practices; and corporate growth strategies, so compliance and ethics goals have equal weight to traditional profit-seeking ones.

She warns compliance professionals about the level of exhaustion that can set in after all the investigations; media attention; and remediation work is over, and that it is easy to want to return to simpler, prior practices. But if the new infrastructure is firmly in place, has the correct checks and balances, and is reinforced with vocal backing from top executives, it has a fighting chance to make it through that challenging period.

‘The Grey Zone’

Ahlberg and Romberg together wrote a book, “The Grey Zone: A Practical Guide to Corporate Conduct, Compliance and Business Ethics,” about using compliance methodology as a tool to make unethical business dilemmas visible, enabling and empowering leaders to tackle them.

“Dilemmas are rarely black or white—there’s often a grey zone of right and wrong,” Ahlberg said. “Leaders must step up and learn to navigate the grey zone to make decisions, defining who they and their companies truly are and thereby putting words into action.”

Ahlberg said because the way corporations reward individuals—for bigger deals and certain sales practice techniques—metrics that did not include ethics and compliance goals limited her effectiveness, just as those things do for every corporate compliance executive.

“I believe the way we measure companies and corporate leaders today actually hampers people from being better people and companies from being better companies,” she said. We must find a way to counter this, she advised.