Top Menu

Delaware Court Once Again Rejects “The Conclusory Allegation That Because Illegal Behavior Occurred, Internal Controls Must Have Been Deficient, And The Board Must Have Known So”


In my non-FCPA life, I teach a variety of courses such as corporations and securities regulation.

Because of this, I continue to scratch my head as to the seeming inability of certain FCPA commentators to grasp certain basic aspects of the legal framework regarding corporate law and governance.

For instance, this recent post is titled “When Will Shareholders Force Boards to Do Compliance” and the commentator asserts: “[with] any of the companies which were embroiled in Foreign Corrupt Practices Act (FCPA) matters which recently settled, where was the Board when the company was busy paying out millions in bribes, in some cases literally across the globe?”

Continue Reading

Requiring The DOJ or SEC To Prove Its Case Is Not “Criminal”

It is truly a sorry state of affairs that have come to define government enforcement of criminal (or even civil) laws against business organizations.

Exhibit A is this recent CNBC video clip of Andrew Ross Sorkin’s interview of JPMorgan CEO Jamie Dimon.

As you likely know, JPMorgan recently resolved a variety of criminal and civil matters brought by various government enforcement agencies for approximately $20 billion.

“SORKIN: So, you look at these big numbers. And they are big numbers. And so the public looks at them and they are trying to grasp and understand what to make it. Do you think ultimately, that it was fair?

DIMON: No. I think a lot of it was unfair, but I’m not going to go into the details.”

No surprise there as the various JPMorgan resolution documents contained a so-called “muzzle clause.”  (See paragraph 17 of the JPMorgan DPA).

Dimon continued:

“And I’m grateful to have it behind us. Because the most important thing for a company is you do your job. Serving clients and communities around the world. And this is a huge negative for the company – a huge distraction of management time, board time, when we should really be helping our clients, which includes cities and schools. So we just wanted to get back, do what we’re good at and what we are supposed to be doing.”

The interview then continued as follows.

“SORKIN: On the stuff you think was wrong, do you think you fully remedied it?

DIMON: I guess at one point it doesn’t matter who you think is wrong or right, so we can debate all day long whether we should have paid. […] You know, again, you’re really caught between two bad choices. We made the one that was better for the company.

SORKIN: Right.

DIMON: Whether it should have been high or low, I don’t care anymore. I’ve moved on. That was last year. I’m looking forward to 2014.

SORKIN: One more question on that, which though is, was there a moment – what was the moment for you when you said to yourself, “ok. Pay it. I want to put this behind me.” And was there something that happened? Was it a conversation with the board? Was it a conversation with Eric Holder? What was that moment for you?

DIMON: First of all, the board was involved every step of the way in this. It was this kind of unprecedented, kind of – you know we have multiple regulators and multiple U.S. attorneys and district – Department of Justice. And it was just, thinking it through, looking at our options and realizing there are two really bad options. And that the wrong thing to do is to complain, fight and then you could have said, well why not go to court all those years? So if you are my board, you would have said, why would you do that and subject your company to three or four more years and the outcomes could be worse. Then wouldn’t even necessarily be better. So a lot of people said fight – if you think you are right, fight – banks have a very tough time doing that. It would really hurt this company and that would have been criminal for me to subject our company to that kind of – those kinds of issues.”

Obviously, one can assume that Dimon did not literally mean it was criminal to put the DOJ and/or SEC to its burden of proof.

However, the notion that an individual with fiduciary duties to a corporation and its shareholders would speak in those terms about something so basic and fundamental to the rule of law and our legal system is truly troubling.

But then again, can you blame Dimon?  He was perhaps simply acting consistent with those fiduciary duties and in the best interest of shareholders.   After all, should JPMorgan have put the DOJ (or SEC) to its burden of proof and thus been criminally indicted (or merely charged in a civil case) the hit to JPMorgan’s market capitalization (approximately $215 billion) likely would have been greater than $20 billion.  Viewed this way, the decision of JPMorgan’s board and it executives seems like a rationale corporate decision in the best interest of shareholders.

But here is the problem as I recently highlighted in my article “Why You Should Be Alarmed By the ADM FCPA Enforcement Action.”  While the specific risk-averse business decisions of a specific company may seem minor in isolation, the aggregate effect of these numerous decisions contributes to a facade of enforcement of any law – whether it is the Foreign Corrupt Practices Act (see here) or otherwise.

As former U.S. Attorney General Alberto Gonzales rightly noted in the FCPA context:

“In an ironic twist, the more that American companies elect to settle and not force the DOJ to defend its aggressive interpretation of the [FCPA], the more aggressive DOJ has become in its interpretation of the law and its prosecution decisions.”

For more on this dynamic see “Prosecutorial Common Law” by Michael Levy –  one of best guest posts in the history of FCPA Professor.

It truly is a sorry state of affairs.

And there is more.

As highlighted at the end of this video (around the five minute mark), Senator Elizabeth Warren chides government regulators for not exploiting this imbalance even more to extract even more shareholder money from risk averse corporations.


The New York Times returns, once again, to JPMorgan’s FCPA scrutiny concerning alleged hiring practices in China.  This article states:

“[A] confidential email has emerged that shows a top Chinese regulator directly asked Jamie Dimon, the bank’s chief executive, for a “favor” to hire a young job applicant. The applicant, a family friend of the regulator, now works at JPMorgan.  […]  JPMorgan said Mr. Dimon had nothing to do with the decision to hire the young woman, described within the bank as well qualified. And like the C.E.O. of any large company, Mr. Dimon can be expected to meet with many people in a given day. According to a person briefed on the investigation, he is not suspected of any wrongdoing. Still, the episode underscores the dual forces driving JPMorgan and other Wall Street banks to hire the family and friends of China’s ruling elite. The banks sought to build good will with Chinese officials, who, in turn, expected favors from the banks.”


Related to the above issue, this article states:

“UBS has suspended two staff members, including its top capital markets banker in Asia, as the Swiss bank investigates its hiring of the daughter [Joyce Wei] of the chairman of a Chinese chemicals company that is considering a $1 billion share sale the bank has sought a role in.  […]  Ms. Wei is the daughter of Wei Qi, the chairman of Tianhe Chemicals, a privately owned Chinese company that is considering a potential $1 billion initial public offering in Hong Kong this year. UBS is one of the banks positioned to secure a role in the deal.  […]  “It’s not a ‘princeling’ issue, because Joyce Wei is not a princeling,” [a person familar with the matter] said, referring to the children of senior Chinese government officials. “Tianhe is not a state-owned company,” the person added. Instead, the investigation is focused on “whether internal processes were adhered to or not.”

Even so, UBS remains part of the SEC’s industry sweep of the financial sector regarding hiring practices in China.

What Is A Board’s Responsibility For Compliance?

A guest post today from Thomas Fox who runs the FCPA Compliance and Ethics Blog.


“The nightmare of every corporate director is to wake up to find out that the company of the Board he or she sits on is on the front page of the New York Times (NYT) for alleged illegal conduct. This nightmare came true for the Directors of Wal-Mart when the New York Times, in an article entitled “Vast Mexico Bribery Case Hushed Up by Wal-Mart After Top-Level Struggle”, alleged that Wal-Mart’s Mexican subsidiary had engaged in bribery of Mexican governmental officials and that the corporate headquarters in Bentonville, Arkansas, had covered up any investigations into these allegations.

Recently the NYT reported that shareholders were asking questions of the Wal-Mart Board regarding its response these allegations. In a story, entitled “More Dissent in a Store Over Wal-Mart Bribery Scandal”, Stephanie Clifford reported Wal-Mart shareholders are still asking questions of the Board regarding its role in the ongoing scandal. Some of these questions include “whether the company is holding current and former executives financially responsible for breaching company policies” and concerns about the company’s supply chain vendors. This shareholder dissatisfaction led several groups of large shareholders to indicate that they would vote against the company’s current Board of Directors at its annual shareholder meeting.

Clifford quoted from a report by Institutional Shareholder Services (ISS), a proxy advising firm, which said that investors have also complained about “being in the dark about the nature and extent of the alleged violations (and knowledge of them within the company)” and the company’s “timetable for completion of its investigation and disclosure of its results.”  There were also questions raised about the remediation efforts of Wal-Mart. The ISS report went on to add that “Shareholders should vote against these directors to send a clear message to the board that such poor oversight does not come without repercussions.”

The publicity and costs to Wal-Mart have been well documented.  On his FCPA Professor website, Professor Koehler has consistently stated that he views this scandal as largely a failure of corporate governance. In a post entitled, “Wal-Mart One Year Later” he said, “corporate governance, or lack thereof, is what made the NY Times April 2012 remarkable.  This is the reason why Wal-Mart generated all the buzz it did a year ago this week and I’ve consistently held the view that the Wal-Mart story is a corporate governance sandwich with the FCPA as a mere condiment.” I thought about Professor Koehler’s observations on this failure in light of Clifford’s article and wondered what the Board’s legal obligations might be.

I.                   Some Case Law

As to the specific role of ‘Best Practices’ in the area of general compliance and ethics, one can look to Delaware corporate law for guidance. The case of In Re Caremark International Inc. Derivative Litigation 698 A.2d 959 (Del.1996) was the first case to hold that a Board’s obligation “includes a duty to attempt in good faith to assure that a corporate information and reporting system, which the board concludes is adequate, exists, and that failure to do so under some circumstances may, in theory at least, render a director liable for losses caused by non-compliance with applicable legal standards.” The Corporate Compliance Blog, in a post entitled “Caremark 101”, said that the Caremark case “addressed the board’s duty to oversee a corporation’s legal compliance efforts. As part of its duty to monitor, the Board must make good faith efforts to ensure that a corporation has adequate reporting and information systems. The opinion described this claim as “possibly the most difficult theory in corporation law upon which a plaintiff might hope to win a judgment,” with liability attaching only for “a sustained or systematic failure to exercise oversight” or “[a]n utter failure to attempt to ensure a reporting and information system.”

In the case of Stone v. Ritter 911 A.2d 362, 370 (Del. 2006), the Supreme Court of Delaware expanded on the Caremark decision by establishing two important principles. First, the Court held that the Caremark standard is the appropriate standard for director duties with respect to corporate compliance issues. Second, the Court found that there is no duty of good faith that forms a basis, independent of the duties of care and loyalty, for director liability. Rather, Stone v. Ritter holds that the question of director liability turns on whether there is a “sustained or systematic failure of the board to exercise oversight – such as an utter failure to attempt to assure a reasonable information and reporting system exists.”

Andrew J. Demetriou and Jessica T. Olmon, writing in the ABA Health Esource blog, said that “This standard aims to protect shareholders by ensuring that corporations will adopt reasonable programs to deter, detect and address violations of law and corporate policy, while absolving the Board from liability for corporate conduct so long as it has exercised reasonable responsibility with respect to the adoption and maintenance of a compliance and reporting system. Although the standard protects the Board, consistent with most jurisprudence under the business judgment rule, it also requires that the Board follow through to address problems of which it has notice and this may include adopting modifications to its compliance program to address emerging risks.”

Lastly, I recently heard Jeff Kaplan discuss the oversight obligations of the Board regarding the compliance function. In addition to the above cases, he discussed the case of Louisiana Municipal Police Employees’ Retirement System et al. v. David Pyott, et al., 2012 WL 2087205 (Del. Ch. June 11, 2012) (rev’d on other grounds, No. 380, 2012, 2013 WL 1364695 (Del. Apr. 4, 2013), which was a shareholder action that went forward against a Board based upon a claim that the Board knew of compliance risk based on the company’s business plan. The Delaware Court pointed out the possibility that “the appearance of formal compliance cloaked the reality of noncompliance, and directors who understood the difference between legal off-label sales and illegal off-label marketing continued to approve and oversee business plans that depended on illegal activity.” Kaplan believes that this case more generally, supports the need for risk-based oversight by a Board.

II.                FCPA Guidance and US Sentencing Guidelines

A Board’s duty under the Foreign Corrupt Practices Act (FCPA) is well-known. In the Department of Justice / Securities and Exchange Commission FCPA Guidance, under the Ten Hallmarks of an Effective Compliance Program, there are two specific references to the obligations of a Board.

The first in Hallmark No. 1, entitled “Commitment from Senior Management and a Clearly Articulated Policy Against Corruption”, states “within a business organization, compliance begins with the board of directors and senior executives setting the proper tone for the rest of the company.”

The second is found under Hallmark No. 3 entitled “Oversight, Autonomy and Resources”, where it discusses that the Chief Compliance Officer (CCO) should have “direct access to an organization’s governing authority, such as the board of directors and committees of the board of directors (e.g., the audit committee).”

Further, under the US Sentencing Guidelines, the Board must exercise reasonable oversight on the effectiveness of a company’s compliance program. The DOJ’s Prosecution Standards posed the following queries: (1) Do the Directors exercise independent review of a company’s compliance program? and (2) Are Directors provided information sufficient to enable the exercise of independent judgment?

Board failure to head this warning can lead to serious consequences. David Stuart, a senior attorney with Cravath, Swaine & Moore LLP, noted that FCPA compliance issues can lead to personal liability for directors, as both the SEC and DOJ have been “very vocal about their interest in identifying the highest-level individuals within the organization who are responsible for the tone, culture, or weak internal controls that may contribute to, or at least fail to prevent, bribery and corruption”. He added that based upon the SEC’s enforcement action against two senior executives at Nature’s Sunshine Products, “under certain circumstances, I could see the SEC invoking the same provisions against audit committee members—for instance, for failing to oversee implementation of a compliance program to mitigate risk of bribery”. It would not be a far next step for the SEC to invoke the same provisions against audit committee members who do not actively exercise oversight of an ongoing compliance program.

There is one other issue regarding the Board and risk management, including FCPA risk management, which should be noted. It appears that the SEC desires Boards to take a more active role in overseeing the management of risk within a company. The SEC has promulgated Regulation SK 407 under which each company must make a disclosure regarding the Board’s role in risk oversight which “may enable investors to better evaluate whether the board is exercising appropriate oversight of risk.” If this disclosure is not made, it could be a securities law violation and subject the company, which fails to make it, to fines, penalties or profit disgorgement.

From the Delaware cases, I believe that a Board must not only have a corporate compliance program in place but actively oversee that function. Further, if a company’s business plan includes a high-risk proposition, there should be additional oversight. In other words, there is an affirmative duty to ask the tough questions. The specific obligations set out regarding the FCPA drive home these general legal obligations down to the specific level of the statute.

The Wal-Mart case has driven home the need for focused Board of Directors oversight of a company’s compliance program.  But it is more than simply having a compliance program in place. The Board must exercise appropriate oversight of the compliance program and indeed the compliance function. The Board needs to ask the hard questions and be fully informed of the company’s overall compliance strategy going forward. If the Wal-Mart Board had fulfilled its legal obligations regarding compliance, the company might not have found itself on the front page of the New York Times.”

Where Was The BizJet Board?

Many assume that my article “The Facade of FCPA Enforcement” is all about over-enforcement of the FCPA based on untested and dubious legal theories not subjected to judicial scrutiny.  To be sure, these topics are discussed in great detail in the article.

However, also discussed in great detail in the article is the opposite end of the spectrum.  That being, despite seemingly clear-cut instances of corporate bribery per the government’s own allegations, a corporate enforcement action is resolved without FCPA anti-bribery charges.  The 2010 article discussed the most pertinent cases at the time – Siemens and BAE.

In this April 2012 post, I first commented on the egregious nature of the BizJet corporate enforcement action and noted that when conduct giving rise to corporate liability involves senior executive misconduct and apparent knowing acquiescence by the Board, the entity – simply put – should not be offered an alternative resolution vehicle.  Yet, BizJet was allowed to resolve the enforcement action via a deferred prosecution agreement, meaning that should it abide by the terms and conditions of the agreement, BizJet will never be required to plead guilty to anything.

The following was known in 2012 about the BizJet enforcement action.

  • The conduct giving rise to the enforcement action was engaged in by various executives at the highest levels of the company.
  • The Board of Directors was specifically informed by certain of the executives that the company “would pay referral fees in order to gain market share.”

Information revealed in connection with the recent unsealing of the former BizJet executives enforcement action (see here and here for prior posts) adds the following relevant information.

  • The scope of the improper conduct engaged in by the various executives was not just limited to Mexico and Panama as suggested by the 2012 corporate enforcement action.  Rather, according to the DOJ, improper conduct also related to BizJet business in Brazil and Chile.
  • According to the DOJ, the scope of the improper conduct was not just limited to foreign business conduct, but domestic business conduct as well.  The recently unsealed information states that customers or potential customers BizJet bribed “included customers both in the United States and abroad.
  • Regarding the above referenced Board of Directors meeting, the DOJ asserts that in response to a question by a director about how BizJet would survive the next six months without ‘burning cash,’ a senior executive stated that BizJet expected to gain market share by paying ‘referral fees’ just as the competition was doing.

In short, and per the DOJ allegations, BizJet was an egregious instance of corporate bribery, broad in scope. conceived of and executed by senior executives, with board knowledge and acquiescence.

The question ought to be asked – where was the BizJet board and what, if anything, did it do in November 2005 upon learning that senior executives were engaged in bribery?

Per the DOJ’s allegations, this was not a situation in which the Board of Directors needed to engage in any detailed inspection of the company’s books and records or have sophisticated knowledge to discover the bribery scheme.  Rather, the Board was specifically told by senior executives that the company was engaged in bribery.

In a notable case in the corporate director context (Francis v. United Jersey Bank) the court stated that “the sentinel asleep at his post contributes nothing to the enterprise he is charged to protect […] Shareholders have a right to expect that directors will exercise reasonable supervision and control over the policies and practices of a corporation.  The institutional integrity of a corporation depends upon the proper discharge by directors of those duties.”

The egregious BizJet enforcement action also raises the question of whether corporate criminal liability means anything?

Many, including myself, believe that corporate criminal liability principles need revisiting.

For purposes of this post however, the important perspective is that of the DOJ which has long maintained that corporate criminal liability is a fundamentally sound legal doctrine not in need of revision.

If that is the DOJ position, then it must be asked – does corporate criminal liability actually mean anything if a company like BizJet – given the DOJ’s allegations – is not actually criminally prosecuted or required to plead guilty?

In short, the resolution vehicles the DOJ has created and championed has again lead to a “facade of enforcement” – albeit an instance on the opposite end of the spectrum that I normally highlight.

Powered by WordPress. Designed by WooThemes