The Multimillion Dollar Question: When to Self-Report?

The mantra from regulators when uncovering a potential violation of the Foreign Corrupt Practices Act is clear: self-report early and often. In innumerable speeches and other guidance, the Justice Department and Securities and Exchange Commission stress that self-reporting and cooperation with an investigation is always in a company’s best interests and will reduce punitive costs.

Less clear are the answers to a few awkward questions that spring from the regulators’ mantra. When exactly is the right time to call a regulator? And is self-reporting always worth it?

At a recent event in Boston sponsored by the Directors Roundtable Institute, a panel of lawyers, accountants, and auditors shared their thoughts on the most appropriate time to make a voluntary disclosure. They came up with three possible thresholds:

As soon as the company becomes aware of credible allegations of misconduct;

When the internal investigation has progressed enough that the company understands the nature and scope of the conduct;

When the company has completed its investigation, disciplined responsible employees, and implemented remedial measures.

Expressing the view of regulators, John Dugan, associate regional director in Boston for the SEC’s Enforcement Division, stressed that—wait for it—earlier is always better. “I would want to know,” he said. “It could be a situation where we just sit back and let the company do an internal investigation, but I would want to know up front that there is something potentially wrong that you are looking into.”

From the company’s perspective, however, that immediacy may not always be wise. Early disclosure might trigger an internal investigation that could cost millions of dollars, burden shareholders with the cost of that investigation and subsequent penalties, and garner bad media attention.

“If a company has an indication that a whistleblower has already gone to the government, that could be a factor in going to regulators before concluding an investigation, saying you have an issue, are looking into it, and will report back with complete findings,” says Wally Dietz, chair of the law firm Bass Berry & Sims’ compliance and government investigations practice.

The U.S. Sentencing Guidelines, Dietz notes, give credit to companies that report misconduct within a “reasonably prompt” time frame. In his view, if a company quickly launches an internal investigation, reviews all financial records and documents, and conducts witness interviews, that should still meet the “prompt” standard even if the process takes several months.

“Once you go to the government with a voluntary disclosure, the company loses control over the situation and loses control over what, exactly, the government will ask you to do.”
Wally Dietz, Chair, Government Investigations Practice, Bass Berry & Sims

“Most companies make the decision that they will look at it themselves, handle it through counsel, then go in and present the complete package to the government, including all remedial measures taken and assurances that those remedial measures will actually take effect,” he says.

Once you go to the government with a voluntary disclosure, however, “the company loses control over the situation and loses control over what exactly the government will ask you to do,” he warns.

A critical factor for a company to consider before bringing in regulators is whether it “fully has its arms around the situation,” Dietz says. Are other compliance problems still open and unresolved? “It would be a mistake to go in with a disclosure thinking it is going to be isolated on one particular topic or situation,” he says.

Another factor that might temper voluntary disclosure is regulators’ recent emphasis on providing specific, credible evidence on culpable individuals inside the company. A company deciding whether or not to disclose needs to assess whether it is ready to put the spotlight on individuals, “because that clearly will be part of the deal once the disclosure is made,” Dietz says. “That could be anyone from low-level managers to senior leadership.”

Feel the Joy of Cooperation

“In practice what I think is more relevant is that when you do come in, under whatever circumstances, is how you cooperate,” says Michael Huneke of the law firm Hughes Hubbard & Reed. “It was very helpful that Justice Department officials recently emphasized that cooperation does not mean conducting a scorched earth global review. It can be something that is reasonable under the circumstances and based on the information known. Those comments allow internal company personnel and external counsel to feel comfortable in focusing their resources, using their own judgment, and responding appropriately as circumstances develop.”

Unfortunately, a company can only take that approach, and decide to self-report, when it has the luxury to do so. Once a matter reaches the desk of a regulator, all bets are off. This makes anything other than immediate reporting a bit of a gamble—and the stakes are all the higher these days, in the age of whistleblower rewards and international regulators alerting each other to misconduct in other jurisdictions.

DON’T LISTEN TO CRITICS

The following is an excerpt from an April 17 speech by Assistant Attorney General Leslie Caldwell. In it she addresses concerns many have raised with the ultimate value of self-reporting.
All too often, criticism is leveled against the Justice Department for purportedly causing companies to spend years, and many millions of dollars, investigating potential violations.  This is particularly true in the FCPA context where the need for international evidence can add to the expense and burden of an investigation.  Critics wrongly question the wisdom of disclosing misconduct and cooperating with the government in light of what they perceive to be the department’s requirement that companies then must conduct unnecessarily costly, time consuming and widespread investigations.
There is no question that some cooperating companies spend large sums of money investigating potential misconduct and correcting internal controls issues that allowed the misconduct to occur.  The decision to incur those costs, however, is one made by those companies, not a requirement of the department.  When a company chooses to cooperate with the government, the manner in which the company approaches its cooperation, and its own investigation of the conduct, can significantly affect the length of the investigation and the costs incurred by the company.
Although we expect internal investigations to be thorough, we do not expect companies to aimlessly boil the ocean.  Indeed, there have been some instances in which companies have, in our view, conducted overly broad and needlessly costly investigations, in some cases delaying our ability to resolve matters in a timely fashion.
For example, if a company discovers an FCPA violation in one country, and has no basis to suspect that violations are occurring elsewhere, we would not necessarily expect it to extend its investigation beyond the conduct in that country.  On the other hand, if the same people involved in the violation also operated in other countries, we likely would expect the investigation to be broader. 
As is their right, corporations may also choose not to cooperate with the government.  But, they too must understand the consequences of their decisions.  The lack of timely and complete cooperation, which effectively frustrated the prosecution of culpable individuals, was one of the tipping points leading to charges, guilty pleas and landmark monetary penalties in the BNP Paribas and Credit Suisse cases last year … Likewise, a company’s decision not to cooperate may delay, but rarely thwarts, our investigation.
We recognize that information about the bases for our corporate guilty pleas and resolutions is an important reference point for companies that are evaluating whether to self-disclose a violation or cooperate.  Corporations may wish for a formula or definitive matrix that could be applied in this context.  But, while a rote formula might bring certainty and consistency, it would do so at the expense of the individualized justice that comes with thoughtful and nuanced prosecutorial decision-making.
Source: Justice Department.

“You are no longer in a world where you can patiently evaluate any investigation,” Huneke warns. “In an ideal world you would like to walk into the regulator when they are ready to receive you, and when you are ready to give them concrete evidence that would support their prosecution of individuals involved. It’s rare that the timing of all those different pieces coalesces at the same time.”

And what about the toughest choice of all: deciding not to self-report?

“A company’s ability and willingness to self-report to and cooperate with the government is not always strategically wise in the context of FCPA enforcement,” says Peter Reilly, law professor at Texas A&M University. He points to the SEC’s 2013 non-prosecution agreement with Ralph Lauren Corp. for bribes paid to government officials in Argentina. The SEC decided not to charge the company due to its prompt reporting of the violations and cooperation during the SEC investigation.

While the SEC touted “substantial and tangible” benefits, Reilly wonders whether it was ultimately a good deal from a business perspective because of the costs accrued during an expanded investigation, plus the ongoing compliance demands.

“The government says, ‘Hey, we will let you off the hook if you sign this non-prosecution agreement but these are our demands,’ ” Reilly says. “Companies are not in a strong position and pretty much go along with everything the government says. The question to ask is whether these obligations are unreasonably burdensome.”

If regulators really wanted to encourage self-reporting, Reilly says, they would end the practice of deferred-prosecution agreements and, with clear-cut tables and charts, inform companies of exactly what benefits they can expect from cooperation.

“Right now, I don’t think Corporate America has enough incentives to self-report,” he says. “If we figure out what the calculation is, and we can do so accurately, let’s figure it out and make the rules of the game so that companies want to self-report.”

Will there be reviewable metrics and calculations to consider any time soon? Reilly isn’t optimistic. “It’s a negotiation, and I don’t think the government wants to change that because they have all of the power in those negotiations and can essentially do whatever they want,” he says. “Once they start writing down exactly what will happen and what the rules are, they are giving away some of their power.”