What are red flags and what does it mean when one appears? For The Man From FCPA the term is about as ubiquitous as "tone from the top." However simply because a phrase is well-worn does not mean it is not without value. Indeed, it may be that the simple fact it is so frequently used that in and of itself, denotes how significant the phase is in the compliance arena.

The questions and others have been swirling around in the context of National Security Agency employee Harold Martin and his alleged theft of classified documents from his employer. An article in the New York Times, focus on those red flags around Martin’s life. Some of the red flags raised in Martin’s employment, where he initially obtained and then renewed his top-secret security clearance, included “drinking problems, a drunk-driving arrest, two divorces, unpaid tax bills, a charge of computer harassment and a bizarre episode in which he posed as a police officer in traffic dispute.” In addition to all of the above, the highly publicized protections the NSA put in place after l’affaire Snowden to prevent employees from simply walking out of their office buildings with classified information seems to have failed.

All of this clearly demonstrates that the NSA was not doing compliance. If you have rules around obtaining and maintaining security clearances, you must actually follow and enforce. While no one of the above actions or even character traits might be enough to deny a person a top secret clearance, taken together they would seem to fit a pattern of instability which would put a person who does have such a security clearance at high risk.

In the FCPA world, companies need to be aware of red flags when they begin due diligence but also they need to update and continue the investigation during the course of any relationship. But most importantly if a red flag pops up it must be cleared.