Culture and Compliance Programs: Practical Advice Compliance and a Culture of Integrity Conference Hofstra University October 29, 2014 Matthew Heiman Vice President, Chief Compliance & Audit Officer Thomas S. DiLeonardo Principal/Chief Compliance Officer 1
Agenda I. Understanding Your Business II. Elements of an Effective Compliance Program III. The Benefits of a Robust E&C Program 2
Understanding Your Business! If you are responsible for implementing or changing a compliance program, you should be asking:! What is the business model?! Manufacturing with a supply chain! Delivery of services with subcontractors! Professional services provider with affiliates, networks! Joint ventures, minority interests, limited partnerships! Who are the employees?! Professionals, hourly, subcontractors, temporary labor, Board of Directors! Where do you do business?! Geography matters
Understanding Your Business (Cont d)! What kind of data do you handle and where does it go?! Customer data! Employee data! Flow patterns! What have been the trends in your industry?! Areas of regulatory focus! Changes in the law! Competitive landscape! Public opinion! What changes in the business model can you anticipate?
Elements of an Effective Compliance Program
Established Standards and Procedures Code of Conduct! Identify Core values! Raise your Hand Requirement Clear Policies! Expenses! Conflicts! Gifts/Donations (to and from) Provide Ongoing Training re Ethics & Compliance Content! How often? At least every other year. Establish and Maintain an Adequate Detection System! Reasonably designed to detect criminal acts and other misconduct by employees and other agents! Hotline! Full and complete investigations 6
Established Standards and Procedures (Cont d) Establish and Maintain Procedures for Adequate Background Checks Establish and Maintain an Adequate Tracking System (i.e., Issues and Events Manager)! Historical data for trend analysis, due diligence Impose Fair and Uniform Sanctioning for offenders, and discipline of individuals responsible for insufficient action. Prevent further similar offenses! Publicize results -- Ethics Stories! Create or amend policy as necessary! Retaliation monitoring KPMG 7
The Benefits of a Robust Compliance Program
Why Spend Money on Compliance? It s the Ethically Right Thing to Do Cost Effective! Increased efficiency.! Better employee morale.! Productivity improvement.! Liability avoidance. In re Caremark Int l Inc., Derivative Lit. (Delaware,1996) Affirmed 10 years later by Delaware Supreme Court in Stone v. Ritter, 911 A.2d 32 (Del. 2006) 9
Why Spend Money on Compliance? (Cont d) Legislation:! Sarbanes-Oxley Act of 2002 (Section 404)! Requires companies and their auditors to evaluate the effectiveness of their internal controls over financial reporting.! Establishment of tone at the top! Existence of codes of conduct! Ensure internal control systems are working! Establishment of reporting channels! Appropriate remedial action! Federal Disclosure Rule (FAR 52.203-13 Effective 12/12/08)! Applies to contracts exceeding $5 million and 120 days duration! Requires Code of Conduct and Robust Compliance Program for federal contractors! Requires timely disclosure of credible evidence of fraud, conflict of interest, bribery, and illegal gratuities and civil false claims in connection with award, performance, or closeout of the contract! Knowing failure to timely disclose is grounds for suspension and debarment 10
Why Spend Money on Compliance? (Cont d)! Federal Sentencing Guidelines! Organizations, like individuals, can be found guilty of criminal conduct whenever an employee commits an act within the apparent scope of his or her employment, even if the employee acted directly contrary to company policy and instructions.! While organizations cannot be imprisoned, they can be fined, sentenced to probation for up to five years, ordered to make restitution! Most commonly occurring offenses are (1) fraud; (2) environmental waste; (3) tax offenses; (4) antitrust violations; and (5) food and drug violations.! November 1991 Organizational Sentencing Guidelines became effective. Designed to further:! Just Punishment; and! Deterrence -- Incentives are offered to detect and prevent crime.! The guidelines require not only promoting compliance with laws, but promoting a "Culture of Compliance.! An Effective Compliance Program can mitigate and in some cases eliminate this exposure. 11
Morgan Stanley Managing Director FCPA Violation (April 2012)! Morgan Stanley Managing Director bribed a Chinese government official to win business and enrich himself.! DOJ concluded that Morgan Stanley s internal controls and compliance procedures provided reasonable assurance that its employees were not bribing government officials.! Regularly updated policies to reflect regulatory developments and specific risks to the firm;! Provided FCPA training and reminders to comply; and! Required employees to certify compliance! Once Morgan Stanley discovered the problem, it took decisive actions:! shut down the office;! disciplined the Managing Director (fired);! Self-reported the incident; and! Cooperated with the government investigation.! SEC/DOJ TOOK NO ACTION AGAINST MORGAN STANLEY 12
Morgan Stanley Managing Director (Cont d)! Managing Director admitted that he actively sought to evade Morgan Stanley s internal controls in an effort to enrich himself and the Official.! SEC SANCTIONS-Managing Director:! Permanently barred from the securities industry;! Must pay over $250,000 in disgorgement;! Must relinquish all ill-gotten real estate (valued at approx. $3.4 million)! DOJ filed related criminal charges! Managing Director pled guilty! Sentencing set for July 17, 2012! Maximum prison time of 5 years; and! fine of $250,000 (or twice his gain from the offense) 13
Top Corporate Fines (1) Bank of America paid a fine of $16.65 billion to resolve fraud allegations regarding its mortgage-backed securities. Although advertised as high yield, low risk AAA bonds, the assets were not low risk and many of the mortgages in these securities were in default or in immediate threat thereof. (August 2014)* (2) JP Morgan Chase reached a tentative deal to pay $13 billion to end a number of civil investigations into its sale of mortgage securities prior to the financial crisis. (2013)** (3) GlaxoSmithKline pleaded guilty to criminal charges it illegally marketed drugs and failed to report safety data. The company agreed last July to pay $3 billion to the government in what could be the largest health-care fraud settlement in the U.S. (2013)** (4) HSBC Holdings Plc agreed to pay $1.9 billion in fees and penalties to resolve charges that the London-based bank s weak oversight of transactions helped Latin American drug cartels launder billions of dollars. (2012)** (5) Federal Court approved a $1.8 billion settlement for Billionaire Steven Cohen s affiliate company SAC Capital Advisors regarding charges related to insider trading by its employees. (April 2014)*** Sources: * raybounmulligan.com/16-65-billion-boa-securities fraud (August 22, 2014) ** marketwatch.com/5-of-the-biggest-corporate-penalties (October 21, 2013) *** money.cnn.com/cohen-sac-capital-point72 (April 10, 2014) 14
Financial Industry Aggregate Fines Paid Source: blogs.marketwatch.com/bank-fines-top-$142-billion (August 20, 2014) 15
Thank You This presenta,on is not intended to contain legal advice, and does not contain the views of KPMG LLP and/or Tyco. The informa,on contained herein is of a general nature and is not intended to address the circumstances of any par,cular individual or en,ty. Although we endeavor to provide accurate and,mely informa,on, there can be no guarantee that such informa,on is accurate as of the date it is received or that it will con,nue to be accurate in the future. No one should act on such informa,on without appropriate professional advice acer a thorough examina,on of the par,cular situa,on.