Every Thursday, Compliance Week puts a snarky spotlight on individuals, companies, and governments that “Failed It” in the areas of ethics and compliance during the week and gives out kudos to those that “Nailed It.” If we missed any or if you have any nominations for next week, let us know on Twitter (@ComplianceWeek) or in the comments section below.

Nailed It


Volkswagen: The German automaker this week completed its 3-year independent compliance monitorship, officially fulfilling the conditions of its 2017 plea agreement with the U.S. Department of Justice. Volkswagen famously pled guilty to three criminal felony counts relating to Dieselgate, “a long-running scheme to sell about 590,000 diesel vehicles in the U.S. by using a defeat device to cheat on emissions tests,” a 2017 DOJ press release states. The court-appointed monitor, former U.S. Deputy Attorney General Larry D. Thompson, certified that Volkswagen had satisfactorily designed and implemented a compliance program that would prevent and detect violations of anti-fraud and environmental laws. VW board member in charge of integrity and legal affairs Hiltrud Werner told the Financial Times that “fraudulent activities, I’m absolutely certain, cannot creep into processes and the organization for 10 years as it was with [Dieselgate].” The “people’s car” is in the clear! —Aly McDevitt

FCC Construcción: We’re not usually in the business of handing out congrats to a giant Spanish construction company on news it was disbarred from bidding on World Bank Group construction projects for two years, and ordered to pay back $5.5 million to the government of Colombia, all for its “fraudulent and collusive practices during two bidding processes.” So why are we patting FCC Construcción on the back? For one, the company “does not contest culpability,” which is so refreshing and, sadly, unusual. And two, FCC’s compliance program kicked into high gear when the World Bank launched its investigation. The World Bank lauded FCC for its “extraordinary cooperation and voluntary remedial actions” that included a corporate restructuring, an internal investigation, actions against responsible parties, and a corporate commitment “to continue developing and enhancing an integrity compliance program” consistent with the World Bank’s compliance guidelines. Buen trabajo, FCC. —Aaron Nicodemus

Jane Fraser: The Scottish-American Citigroup veteran will make history as the first female CEO of a major U.S. bank when current CEO Michael Corbat retires in February. Fraser, a former partner at McKinsey & Co., rose through the ranks at Citigroup beginning in 2004, according to her LinkedIn profile. Wife and mother of two, Fraser has said that women can have it all—they just can’t have it all at the same time: “I think of my life in different chunks. When the kids were little, I needed to be around more, but it’s different now,” Fraser said in a 2014 interview with CNN. “Don’t feel you’ve got to be perfect all the time. It just holds you back from doing your best because you don’t put yourself into a more stretching situation.” Huge congratulations to Fraser for breaking the glass ceiling. —Aly McDevitt

Department of Justice: The DOJ has charged five Chinese residents and two Malaysian businessmen in a widespread hacking effort that infiltrated more than 100 companies in the United States and abroad, according to an announcement Wednesday. Federal prosecutors said the cyber-criminals hacked into software development companies, computer manufacturers, telecommunications providers, social media companies, gaming firms, nonprofits, universities, think-tanks, and foreign governments, as well as pro-democracy politicians and activists in Hong Kong. The Malaysian businessmen, who conspired with the Chinese nationals to profit from computer intrusions in the video game industry, were arrested in Sitiawan, Malaysia, on Monday and extradited to the United States. In conjunction with the arrests, the FBI seized hundreds of accounts, servers, domain names, and command-and-control “dead drop” web pages used by the defendants to conduct their malicious cyber-attacks. —Aly McDevitt


Failed It 


Deloitte: The Big Four firm received plaudits for its 16-week paid family leave policy, but at least one former employee says in a lawsuit that the policy “comes with a huge catch.” Former Deloitte Touche Tohmatsu employee Saxon Knight filed a class-action lawsuit Sept. 1 in U.S. District Court in the Southern District of New York. “Any individual who actually takes the 16 weeks of leave offered to them by Deloitte loses the right to actually return to their prior positionor to any job at Deloitte at all,” the suit alleges. Knight worked for Deloitte for three years, including a year heading up a cyber-security threat assessment team in New York. In 2019, she left for 16 weeks on maternity leave. Upon returning, she found her job had not been held for her. Despite “dozens of conversations” with management, she only found a position “that was not commensurate” with her skills and experience, according to the complaint. She was eventually terminated, a decision the company told her was “related to COVID,” the lawsuit said. If the allegations against Deloittewhich did not respond to a request for commentprove true, the firm is pulling a nasty bait-and-switch with its generous perk. —Aaron Nicodemus

Nikola: The electric truck startup is on the defense after a short-seller report alleged fraud and misrepresentations by the company to investors. “The report from Hindenburg … contains a number of false and misleading statements regarding the Company’s operations and multi-year, groundbreaking R&D efforts,” Nikola said in a response statement. Not only is Nikola now in a war of words with Hindenburg, but the Securities and Exchange Commission is investigating the alleged claims, along with the Department of Justice, reportedly. Even if the probes turn up nothing, damage has already been done: Nikola stock has dropped nearly 50 percent in just over a week.  —Kyle Brasseur

NS8 Inc.: The Securities and Exchange Commission recently charged the former chief executive officer of fraud prevention platform NS8 Inc. with—you guessed it—defrauding investors. Former CEO Adam Rogas allegedly altered the company’s bank statements to show millions of dollars in payments from customers. The SEC alleges that the company raised $123 million in 2019 and 2020 by providing false financial statements to investors and prospective investors and that Rogas personally collected about $17.5 million in investor funds. —Aly McDevitt