Few people have encountered the corporate criminal law enforcement (including in the FCPA context) and compliance from three vantage points: enforcer, in-house counsel, and lawyer in private practice. Larry Thompson is one of them having served as DOJ Deputy Attorney General, a lawyer in private practice, and a general counsel of a major multinational company (PepsiCo).
Thus, when Thompson speaks or writes about the Foreign Corrupt Practices Act or related topics we should pay attention.
Recently Thompson testified at a House hearing  and stated that “the shared commitment [between the government and industry] to prevention and incentivizing investment in compliance is not the current reality.”
Thompson further stated:
“The relationship between the government and industry has become unduly adversarial as a result of this emphasis on post-hoc enforcement, which is regrettable. This approach can also lead to an antagonistic relationship between a company and its employees, which can undermine efforts over time to identify and remediate misconduct. There are also basic fairness concerns implicated in the current approach, which makes no distinction between companies that have detected, stopped and self-disclosed violations, and companies that in no way seek to do the right thing.”
The remainder of this post excerpts portions of Thompson’s recent testimony.
“Before my tenure as Deputy Attorney General, I was a law firm partner representing clients facing investigations of potential wrongdoing; after my tenure, I worked in the private sector as the General Counsel of a major corporation. My service in the private sector left me firmly persuaded of not only the importance of companies investing in first-class ethics and compliance programs designed to prevent and mitigate fraud and other wrongdoing, but also of the need for incentives for companies to do so. In my experience, the vast majority of companies want to do the right thing with respect to ethics and compliance, but, particularly in times of tight budgets, concrete incentives are needed for the companies to do so.
My decades of experience have persuaded me that the best way forward in terms of preventing and mitigating fraud is to focus on the development of first-class ethics and compliance programs across industries.
Both the company and the public benefit from incentivizing investment in ethics and compliance: prevention increases; wrongdoing is more likely to be identified, stopped, and disclosed; and the government can focus its efforts on the truly bad actors that are not committed to first-class compliance.
From a company’s perspective, misconduct is increasingly expensive. For example, over just a two year period (2012-2014), the average total of monetary resolutions in corporate Foreign Corrupt Practices Act enforcement actions rose from $22 million to $157 million. So as a business matter, not just a moral and legal imperative, preventing wrongdoing is in the interests of a company. Moreover, the public benefits from less wrongdoing, whether it is a bribe that results in an uneven playing field, or fraud that takes funds directly from the public fisc.
At the same time, effective compliance programs allow the government to focus their resources and efforts on the bad actors-and there are bad actors. As noted above, one component of a high quality ethics and compliance program is that it encourages accountability-both internally and externally. In other words, a company with an effective ethics and compliance program is more likely to appropriately disclose wrongdoing to the government. This benefit allows the government to identify and investigate companies that do not demonstrate a commitment to “doing the right thing,” and to levy commensurate penalties.
But this shared commitment to prevention and incentivizing investment in compliance is not the current reality. Instead, enforcement agencies rely more on post-hoc enforcement-leveraging significant penalties largely irrespective of a company’s investment in compliance and prevention on the front end. The government comes into investigations and enforcement negotiations with tremendous power. Companies often face potentially astronomical penalties; debarment from contracting with the United States; exclusion from federal health care programs; present responsibility determinations that effectively function as a regulatory regime; or criminal indictments that can by themselves destroy a company. Companies are rarely, if ever, in a position to risk fighting the charges in court given the potential consequences (and the immediate reputational harms that occur when and if an investigation or allegation is made public), leaving the decision-making as to the appropriateness or fairness of a particular outcome in the hands of only one party-the government.
The relationship between the government and industry has become unduly adversarial as a result of this emphasis on post-hoc enforcement, which is regrettable. This approach can also lead to an antagonistic relationship between a company and its employees, which can undermine efforts over time to identify and remediate misconduct. There are also basic fairness concerns implicated in the current approach, which makes no distinction between companies that have detected, stopped and self-disclosed violations, and companies that in no way seek to do the right thing. Perhaps worse, the failure to put heads together to see if there is a better way-a prevention-based way-represents a missed opportunity to increase ethics, compliance and prevention across the board, rather than at specific companies under the microscope.
That said, I welcome recent signs that the Government may recognize the need for greater creativity to incentivize ethics and compliance. Earlier this month, the Department of Justice announced a new pilot program aimed at targeting foreign corruption. Pursuant to this pilot program, if companies self-disclose wrongdoing to the government; cooperate with the government; remediate the misconduct; and satisfy the requirements of the Yates Memorandum (which, in turn, sets forth conditions for obtaining credit for cooperation with the Department of Justice) the Department will consider up to a 50 percent penalty reduction below the low end of the guidelines as well as no requirement for a corporate monitor.
Almost a year ago, the head of the DOJ Criminal Division gave a speech emphasizing that when the Criminal Division decides whether and how to prosecute a company, the Division considers the adequacy of the company’s compliance program and internal investigation. As part of this speech, she also described the characteristics of effective compliance programs for which the Department is looking. Late last year, the Department of Justice hired a full-time compliance expert in its Fraud Section, who will provide assistance to prosecutors in evaluating the adequacy of compliance programs and in developing benchmarks for evaluating corporate compliance and remediation measures as part of resolution.
But these steps, while laudable, are missing a critical feature: certainty. Concrete incentives are needed in civil as well as criminal fraud programs, and these programs still have yet to offer that. It is important for government to be clear about what constitutes a top-notch compliance program and define it in ways that are achievable. Because achieving this will require substantial investments and proactive disclosure requires leaps of faith, the beneficial consequences must be concrete and certain. I do not believe that a focus on prevention and compliance is a process that can or will happen overnight. And we will not see a greater across-the-board commitment to formalized, first-class compliance/ethics programs until the government provides concrete, predictable, incentives for companies to do so.”