Current and former enforcement officials took part in a candid debate last week about the real-world implications of recent pronouncements made by the Department of Justice, and how directors and officers are responding.
A key part of the Directors Roundtable event in Boston on May 10 focused on self-disclosure in the wake of potential violations of the Foreign Corrupt Practices Act. “I’m starting to see a trend that there is a little more reluctance to self-disclose,” said Pravin Rao, a former assistant U.S. attorney and SEC Enforcement branch chief and now a partner at law firm Perkins Coie.
There’s no need to disclose every small bribe, Rao said. Where companies and boards are having to make close calls, they’re feeling “a little more emboldened to say, ‘you know what, let’s just fix it, and if it blows up down the road, we’ll explain it then.’ ”
Others in the panel discussion recommended taking a more cautious approach. “Of course, there are going to be situations where the company wants to roll the dice or, perhaps, they don’t consider it quantitively material [to self-disclose],” said Kyla Curley, a partner with forensic accounting, corporate compliance, and expert services firm StoneTurn. “My personal opinion is that it’s always in the best interest of the company to self-report.”
Where Curley and other panelists agreed, however, is that the “Yates Memo,” first announced in September 2015, has clearly changed the calculus for companies and boards when deciding whether to self-disclose a potential FCPA violation. The crux of the Yates Memo is this: If a company wants cooperation credit, it must give up the individuals, no matter where they sit within the company. Furthermore, to qualify for any cooperation credit, companies must provide “all relevant facts” relating to the individuals responsible for the misconduct.
“Whenever you’re dealing with corporate misconduct, the appetite to prosecute those responsible has always been there,” said Jordi de Llano, deputy chief of the Economic Crimes Unit of the U.S. Attorney’s Office, District of Massachusetts. “In the wake of the Yates Memo, it was made a priority—and still is today.”
“Whenever you’re dealing with corporate misconduct, the appetite to prosecute those responsible has always been there. In the wake of the Yates Memo, it was made a priority—and still is today.”
Jordi de Llano, Deputy Chief, Economic Crimes Unit, U.S. Attorney’s Office, Massachusetts
The intensified pressure to hold individuals accountable, however, only adds to the complexity of deciding whether to self-disclose. The question that companies and boards are facing, Curly put candidly, is this: “Who are we going to line up in front of this bus?”
Sometimes, pinpointing individual wrongdoers is clear, which might make the decision a little easier. Other times, you have people in the C-suite who might not be directly involved but because of their position might be indirectly culpable for the misconduct—a chief compliance officer or chief financial officer, for example, who are responsible for the compliance program or internal controls—if the action resulted due to lapses in those controls. “Do you put forth information on these individuals and include them in that bus lineup?” Curly said. “The risk there is if that is the trend, then that might disincentivize people to serve in those roles.”
The Department of Justice’s enhanced focus on individuals also means that the insurance protections directors and officers have are more important than ever. “D&O insurance doesn’t always pay for all liabilities,” said Donald Glazier, senior vice president and claims counsel at insurance broker Lockton. Anybody who sits on a board and feels like they’re protected by directors and officer liability policy should have a trusted D&O insurance broker who is knowledgeable about these policies, he advised.
DoJ: Six key steps to strengthen pursuit of corporate wrongdoing
(1) in order to qualify for any cooperation credit, corporations must provide to the Department all relevant facts relating to the individuals responsible for the misconduct;
(2) criminal and civil corporate investigations should focus on individuals from the inception of the investigation;
(3) criminal and civil attorneys handling corporate investigations should be in routine communication with one another;
(4) absent extraordinary circumstances or approved departmental policy, the Department will not release culpable individuals from civil or criminal liability when resolving a matter with a corporation;
(5) Department attorneys should not resolve matters with a corporation without a clear plan to resolve related individual cases, and should memorialize any declinations as to individuals in such cases; and
(6) civil attorneys should consistently focus on individuals as well as the company and evaluate whether to bring suit against an individual based on considerations beyond that individual’s ability to pay.
Take, for example, information investigations. “An informal investigation may not be considered a claim under your directors and officer liability policy,” Glazier added. It might only become a claim when a subpoena is issued, or a formal investigation is launched.
“Those trigger points are key for getting this insurance policy paid,” he said. “That insurance protection is going to be real important, because those costs are going to be coming fast and furious.”
Another important consideration concerning D&O insurance comes into play during a cross-border FCPA investigation. Countries like Brazil and China, for example, do not recognize a U.S.-based insurance policy, Glazier added.
Typically, many large insurance companies will have a locally placed policy provider with a U.S. nexus. “They may have already baked into their coverage worldwide coverage,” he said.
Directors can also face the risk of personal liability if a potential FCPA violation does not get reported to the board at all. “I don’t think that shields a board,” Rao said. Even if the Department of Justice or Securities and Exchange Commission don’t pursue individual board members, you could still face a shareholder class action or other legal action as a collateral consequence once the company makes the decision to self-disclose an FCPA violation and the company gets whacked with a multimillion-dollar fine, Rao said.
Savvier boards have dotted-line reporting from the compliance officer or general counsel, who keep the board apprised if there is a potential FCPA violation or other significant issue, Rao added. “Unless you have that reporting function, even when there is a whistleblower claim that could be material, the board doesn’t know.” Moreover, “the savvier boards I’ve seen immediately set up a special committee or put in place an audit committee, and they get their own counsel,” he said.
De Llano commented that he has seen the same trend start to develop: “What I’ve been seeing in my cases now is that we are meeting with both company counsel and audit committee counsel,” he said.
Another important message to come from the Directors Roundtable is that the Justice Department’s FCPA enforcement priorities have not waned since the beginning of the Trump administration.
The aim of the FCPA Corporate Enforcement Policy was not just to provide additional benefits to companies based on their corporate behavior once they learn of misconduct, as the policy states, “but also to show that FCPA enforcement is still a priority,” de Llano said. In fact, FCPA cases “are now being staffed with assistant U.S. attorneys in the different divisional districts and trial attorneys from the FCPA Unit in the Fraud Section,” he said.
In addition, he believes the FCPA Corporate Enforcement Policy has encouraged—not discouraged—companies and boards to come forward. “We’re seeing more investigations and more disclosures,” he said. “We’ve seen that trend continuing, and I expect we’ll see that trend keep going.”