A New York federal district judge handed down a significant decision dismissing much of the SEC's securities fraud enforcement action against SolarWinds arising from its claims relating to SolarWinds' cybersecurity policies and disclosure of a significant cyberattack against the SolarWinds' network. In this episode of Corruption, Crime, and Compliance, Michael Volkov discusses the significant dismissal of most of the SEC's securities fraud claims against SolarWinds by a New York federal district court. The case highlights the ongoing challenges in balancing cybersecurity disclosures with regulatory requirements, and the implications this ruling might have for future SEC enforcement actions.



You’ll hear him discuss:

• Judge's Decision: The court ruled that the SEC's claims were overly reliant on hindsight and speculation, particularly regarding SolarWinds’ early-stage disclosure during the investigation of cyber incidents.
• Pre- and Post-Sunburst Disclosures: While the court upheld charges related to SolarWinds' pre-Sunburst cybersecurity statements, it dismissed the SEC’s claims about the company’s post-Sunburst disclosures, finding them not misleading under the circumstances.
• Internal Controls vs. Cybersecurity: The court rejected the SEC's attempt to apply internal accounting controls provisions to cybersecurity policies, marking a significant limitation on the SEC's enforcement scope.
• Implications for SEC's Approach: This decision contradicts the SEC's previous stance in cases like R.R. Donnelly, potentially influencing future SEC actions regarding cybersecurity and internal controls.
• Broader Impact: The ruling may affect how cybersecurity risks are reported and how companies manage their disclosure obligations, particularly in light of potential appeals and further litigation by the SEC.

Resources:

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Have you heard of the recent controversies around Boeing 737 MAX and its safety? Have you wondered what is being done about the concerns around it? In this episode of Corruption, Crime, and Compliance, Michael Volkov delves into the latest developments in the Boeing 737 MAX case, highlighting the recent plea agreement proposed by the Department of Justice (DOJ). The Boeing 737 MAX case took another dramatic turn. On July 24, 2024, the Department of Justice filed with the United States District Court for the Northern District of Texas a proposed plea agreement with Boeing. Under the Plea Agreement, Boeing will plead guilty to the original Information filed in 2021 with the Deferred Prosecution Agreement ("DPA"). The discussion focuses on Boeing's alleged failure to implement adequate compliance measures, leading to significant risks and violations, and the ongoing legal and ethical implications of the case. Tune in to hear a detailed analysis of the complexities and legal ramifications of Boeing’s recent plea agreement and what it means for corporate compliance and accountability.

You’ll hear him talk about:

• Certification Issues: Boeing failed to ensure its 737 MAX certifications were accurate, risking false certifications to the FAA.
• DOJ Plea Deal: Boeing agreed to plead guilty to conspiracy to defraud the U.S., facing opposition from victims' families who find the resolution insufficient. The plea agreement, which has been filed under Federal Rule Criminal Procedure 11(c)(1)(C), requires the Court to approve and accept the deal. The Court can reject the plea deal and require the parties to renegotiate the terms.
• Victims’ Rights: The proposed resolution has been controversial because of the opposition of the families of the victims, who have opposed the plea agreement and general disposition of DOJ's investigation and prior resolutions as insufficient to vindicate the public interest and their rights as victims of Boeing's malfeasance
• Compliance Failures: Boeing breached its DPA by not implementing effective compliance controls, particularly in safety and quality processes.
• Independent Monitor: Boeing will be monitored for three years and must invest $455 million in compliance and safety improvements.
• Ongoing Challenges: Boeing’s anti-fraud measures still have gaps, with broader implications for industries where safety is critical.

Resources:

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

With the beginning of the “New FCPA” era coined by DOJ’s Deputy Attorney General Lisa Monaco, we now need to focus on third-party risk and sanctions enforcement. The law, the practice, and the risks are important and not just the same as FCPA legal requirements. As we embark on a new criminal enforcement era surrounding sanctions violations, companies have to address this issue and do it correctly. 

In this episode, Michael Volkov takes a comprehensive look at third-party risks from the distribution and supply sides and outlines appropriate strategies to manage these risks.

• Epsilon Electronics serves as a stark reminder of the financial consequences of non-compliance. The company faced an OFAC enforcement action due to a shipment to Iran, resulting in a staggering penalty of over $4 million.
• Apollo Aviation Group settled with OFAC for $210,600 for leasing aircraft engines which ultimately ended up being placed in to aircraft of a prohibited entity, Sudan Airways, violating sanctions regulations.
• ELF Cosmetics settled with OFAC for $996,000 for importing false eyelash kits containing materials sourced from North Korea, highlighting supply chain due diligence failures.
• The ELF Cosmetics case underscores the crucial role of supply chain due diligence in preventing sanctions violations. Instead of sticking their heads in the sand, companies must undertake basic supply chain due diligence when sourcing products from regions close to high-risk countries or regions.
• “Reason to know” is now the key phrase guiding the New FCPA era. OFAC does not need to prove goods ultimately end up in a sanctioned country. When you see red flags, you must resolve them or they could be considered a “reason to know” in OFAC’s eyes.
• Seven essential elements to boost your compliance program and effectively mitigate third-party sanctions risks include risk assessment, varying levels of due diligence, end-user documentation, monitoring, training, and red flag identification.

Resources

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

The Justice Department ended its FCPA enforcement drought by announcing its first corporate settlement in 2022. In a parallel action, the SEC announced its settlement with Stericycle for $28 million for FCPA violations. The SEC’s settlement was its second with a company for 2022 (the first was KT Corp.).

Under the settlement, Stericycle resolved investigations being conducted by the Department of Justice, the Securities and Exchange Commission and Brazil. Stericycle agreed to enter into a three-year deferred prosecution agreement and pay more than $84 million. Stericycle will pay $52.5 million in criminal penalties, $28 million to the SEC in civil penalties and disgorgement, and approximately $9.3 million to Brazilian authorities. DOJ agreed credit up to one-third of the criminal penalty against fines the company pays to Brazil authorities.

Significantly, the DPA requires Stericycle to obtain an independent compliance monitor for a two-year period and then submit a self-report for the rest of the DPA term. 

Stericycle is a global waste management company which is headquartered in Illinois. In its factual admission, Stericycle admitted a wide ranging scheme involving payment of bribes to foreign officials in Brazil, Mexico and Argentina. In total, Stericycle paid approximately $10.5 million in bribes to foreign officials in Brazil, Mexico and Argentina to secure business contracts from which Stericycle profited by at least $21.5 million.

In this Episode, Michael Volkov reviews the Stericycle FCPA enforcement action.

In this Episode Tom Fox and Mike Volkov review recent DOJ trial successes and stumbles -- Tom and Mike review DOJ trial strategy, successes and failures and approach of the antitrust division.

OFAC recently announced a settlement with OFAC for $78,750 for violations of the Ukraine-Russia Sanctions Program. The enforcement action provides important reminders relating to compliance with various "deby" maturity restrictions and how OFAC construes this restriction.

In this Episode, Michael Volkov reviews OFAC's enforcement action against S&P Global.

The SEC is a very busy agency. While promising more aggressive enforcement of securities rules, the SEC has issued two set of comprehensive rule amendments. The first proposes new rules governing cyber incident reporting, disclosures and governance. In the second major policy action, the SEC issued its long-awaited rules governing climate change and greenhouse gas emissions.

in this Episode, Michael Volkov reviews the two proposals.

The Antitrust Division’s Assistant Attorney General Jonathan Kanter promised a new era in antitrust enforcement. He won bi-partisan support from both Republicans and Democrats. Across the antitrust field, he promised aggressive merger enforcement, civil enforcement against digital markets, and constraint of market power in numerous industries. AAG Kanter promised a new approach and he is delivering.

In this Episode, Michael Volkov reviews two recent speeches and enforcement efforts by DOJ's Antitrust Division.

In another indication of DOJ's aggressive approach to enforcement of sanctions against Russia, DOJ announced the indictment of a TV producer for violations of the Crimea-Related Russian sanctions program. As outlined in the indictment, Jack Hanick, a former Fox News executive, was indicted for a sanctions violations stemming from his long-time relationship with a prohibited Russian oligarch (Specially Designated National) relating to the creation and promotion of the Russian Television Network.

In this Episode, Michael Volkov reviews DOJ's indictment and the facts surrounding Hanick's conduct.

The continuing crisis in Ukraine has resulted in additional sanctions and export controls. It is hard to keep up with new developments each day. In recent steps, the United States has adopted a comprehensive set of export controls and implemented a ban on import of Russian oil, gas and coal.

In this Episode, Michael Volkov reviews the recent changes to the Russia sanctions and export controls.

In an unprecedented and sweeping set of actions, the United States in coordination with its Allies and partners has implemented a robust set of sanctions and export controls against Russia designed to cripple Russia's economy. The unprecedented actions against Russia are intended to deter Russia from continuing its violent invasion of Ukraine and attacks against the Ukrainian people.

The Department of Treasury Office of Foreign Asset Control and the Department of Commerce Bureau of Industry and Security have issued comprehensive sanctions against Russia's financial industry, government investment funds, and oligarchs. In scope and complexity, the Russia sanctions and export controls raise significant compliance challenges for U.S. and global companies conducting business in Russia.

In this Episode, Michael Volkov surveys the sanctions and export controls.

The SEC announced the first FCPA enforcement action in 2022. South Korean telecommunications company, KT Corporation, agreed to pay $6.3 million to settle FCPA violations. As part of the settlement, KT Corp. agreed to pay $3.5 million in civil penalties and $2.8 million in disgorgement. KT Corp. is South Korea’s largest telecommunications company. 

KT Corp. violated the FCPA’s books and records and internal accounting controls provisions stemming from its activities in South Korea and Vietnam. As explained in the SEC’s Order, KT lacked sufficient internal accounting controls over its expenses, including executive bonuses and purchases of gift cards, which resulted in KT Corp. managers and executives generating slush funds for illegal purposes. Additionally, KT Corp. failed to adopt anti-corruption policies and procedures with respect to donations, employment candidates, vendors, subcontractors or third-party agents. As a result, KT Corp. employees were able to provide improper benefits to government officials and potential government customers.

In this Episode, Michael Volkov reviews the KT Corp. settlement.

Susan Divers, LRN Senior Advisor, reviews LRN's 2022 Ethics and Compliance Program Effectiveness Report. LRN conducts an annual Ethics and Compliance Program Effectiveness Report (“LRN Report”) that is a must-read for business leaders, managers, investors, compliance professionals and other stakeholders. LRN’s annual report has addressed key issues surrounding the impact of the COVID-19 pandemic on companies and ethics and compliance programs. 

Carlos Villagrán is the Director of Compliance at CMPC, a 100-year-old Chilean-based holding company, one of the worldwide leading pulp, paper, packaging, personal care, and other forest products manufacturers. With more than 20,000 employees, CMPC has industrial operations in 9 countries (LatAm and the US) and commercial offices in the US, Europe, and China, selling and distributing its products to more than 45 countries around the world. Carlos joined CMPC to remediate and rebuild CMPC's culture and compliance program after a devastating scandal -- CMPC was prosecuted for its involvement in a decade-long conspiracy to fix prices in Peru and Chile for consumer paper products. Carlos discusses the challenges he faced in rebuilding CMPA's culture and commitment to compliance. His story is an inspiration to all legal and compliance professionals and provides important instructive lessons to corporate leaders and compliance professionals.

You'll hear Michael and Carlos discuss:

• The importance of rebuilding and rediscovering the values and purpose of CMPC after a major corporate crisis.
• The effects on market share quotas and sales prices when CMPC faced an investigation and found to be the leader of a cartel in Chile and Peru.
• How the crisis significantly impacted CMPC's reputation, leading to public protests and consumer backlash in Chile and Peru.
• CMPC’s compliance team addressed the company’s complex nature because of its diverse workforce, including data analytics experts, IT professionals, and engineers.
• How the compliance program at CMPC shifted from a traditional approach to a more cultural and system-thinking perspective, aligning with the company's values and operations.
• Success for the compliance program at CMPC is defined by the number of critical tables the team is seated on, indicating their value and integration within the business operations.

Resources

Carlos Villagran on the Web | LinkedIn

Email: carlos.villagran@cmpc.cl or cfvillagran@gmail.com

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Ethics and compliance professionals believe in their mission – if they did not, they would not be in the field. E&C professionals believe in the power of positive thinking, ethical conduct, and in the overall ability of an organization to operate as an “ethical” company. They work for their mission and it is a positive mission. 

The New Year is a great time for E&C professionals to take stock on their compliance programs and to plot out a path forward. Luckily for most compliance professionals, there are lots of opportunities to advance their objectives. E&C is poised for another big jump on the corporate governance ladder, and this is a big year for E&C professionals to push their respective companies to support such efforts.

There are three significant trends that will continue to play out this year that create opportunities. These three trends, which I will discuss in greater detail are: (1) the continued emphasis on the importance of corporate culture; (2) the importance of ESG and in particular the “G” element; and (3) the current Administration’s aggressive enforcement and regulatory initiatives.

In this Episode, Michael Volkov reviews these important ethics and compliance trends.

Even with the absence of any major DOJ FCPA enforcement actions, DOJ issued an interesting FCPA Opinion Letter last week addressing application of the FCPA in circumstances where organizations face imminent serious bodily harm. While the situation may appear to be unique, it is a factual scenario that occurs more often than DOJ recognizes.

In October 2021, a Requestor submitted an Opinion Letter application that presented compelling circumstances. The Requestor, an owner of a vessel, explained that a Foreign Country’s Navy had seized its vessel. Arrested and detained the captain and detained the vessel and its crew. Given the captain’s mental and physical health, the captain’s incarceration created an immediate threat of serious physical harm. A third-party acting on behalf other Country’s Navy demanded a cash payment of $175,000 to release the captain, the crew and the vessel. DOJ acted quickly and approved the Opinion Letter request. The payment was made and the captain and crew were released.

The Requestor submitted additional information to DOJ, and a more formal Opinion Letter was released last week containing the full story and analysis. While the circumstances are relatively unique, DOJ’s analysis provides additional clarity surrounding the definition of “corrupt intent” and the “business purpose” test.

In this Episode, Michael Volkov reviews this interesting FCPA Opinion Letter.

Economic sanctions enforcement is a fast-rising risk for global companies. For many years, the Treasury Department’s Office of Foreign Asset Control (“OFAC”) focused primarily on financial institutions. Over the last ten years, OFAC has stretched its enforcement eyes towards software, manufacturing, telecommunications and technology companies.

With this growth in sanctions enforcement, OFAC has embraced an aggressive view of third-party risks. Like the FCPA, under OFAC’s regime, third parties are not permitted to do what the primary company cannot do. As a result, we have witnessed a steady increase in OFAC enforcement actions against global companies for failing to ensure compliance by third-party agents, distributors and other intermediaries.

In this Episode, Michael Volkov takes a deep dive into third party sanctions risks and strategies to mitigate such risks.

One of my favorite New Year's reviews is under the title of “Person” of the Year. In the past, I have singled out Chief Compliance Officers, Chief Ethics Officers, Prosecutors, and Whistleblowers.

For 2021, the choice is obvious – the most important trend is the rise of Environmental, Social and Governance (“ESG”) programs. In second place, I would choose Supply Chain Management and Risks, given the importance of supply chain management in the post-pandemic world. 

In the end, ESG dominated the headlines and earned the annual recognition as the issue of the year. 

The Department of Justice secured a guilty plea from NatWest Markets, the newly-named Royal Bank of Scotland, for trade manipulation, referred to as “spoofing,” in U.S. Treasury markets. The NatWest resolution reflected new changes in DOJ’s white collar enforcement policies, including acknowledgement and consideration of NatWest’s prior misconduct (criminal and civil) and appointment of an independent compliance monitor. NatWest was not offered a deferred or non-prosecution agreement; instead it was required to plead guilty to a criminal charge of securities fraud and another charge of wire fraud.

Under the plea agreement, NatWest agreed that during the period of 2008 to 2014, traders in its Stamford and London offices spoofed the market for Treasury futures contracts. In addition, two traders at NatWest’s Singapore branch spoofed the secondary cash market for Treasury securities in 2018. The spoofing scheme violated a 2017 non-prosecution agreement between the United States and NatWest’s broker-dealer subsidiary, and occurred while NatWest was on probation for a separate conviction for manipulation of the foreign currency exchange market.

DOJ cited NatWest’s status as a repeat offenders as justification for requiring a criminal guilty plea to two counts. Under the plea agreement, NatWest Markets will pay $35 million in restitution, forfeiture and a criminal fine, serve three years’ probation and take on an independent compliance monitor.

In this Episode, Michael Volkov reviews the NatWest prosecution and settlement agreement.

In a major development, the Antitrust Division returned an indictment against six executives from aerospace engineering firms for an illegal conspiracy to restrict competition in the labor market for aerospace engineers.

After warning U.S. businesses, DOJ started bringing criminal cases against businesses that restrict competition for labor through illegal price-fixing or no-poach agreements. The Connecticut criminal case represents a major step in the Justice Department's focus on illegal agreements in labor markets.

In this Episode, Michael Volkov reviews the criminal case and the specific allegations.

The Biden Administration announced a new, comprehensive anti-corruption initiative, the United States Strategy on Countering Corruption. The new anti-corruption initiative is the follow on to the earlier announcement elevating the global anti-corruption battle to a national security concern. After that announcement, the Biden Administration conducted a 200-day inter-agency examination to develop a comprehensive government-wide anti-corruption initiative.

The 38-page plan released last week outlines steps for cracking down on criminal actors and their networks while improving cooperation among federal agencies and law enforcement. The Biden Administration announced plans to increase financial transparency and new regulations on U.S. real-estate purchases to prevent money laundering.

In this Episode, Michael Volkov reviews the new initiative and the important issues raised.

The Delaware Chancery Court is continuing its trend of permitting Caremark claims against corporate board members who fail to exercise proper oversight and monitoring of compliance programs. Over the past few years, the Delaware Chancery Court has consistently raised the stakes and expectation for Board member performance on corporate boards.

In this Episode, Michael Volkov reviews the current board member liability cases and the Court's recent rulings.

Tom Fox is a leader in the ethics and compliance field. He is regularly referred to as the "Compliance Evangelist."

Tom recently just released the Second Edition of The Compliance Handbook, a comprehensive review and guide to the elements of an effective ethics and compliance program. Tom is known for his practical and efficient approach to difficult ethics and compliance issues. His new Handbook is a must-have for ethics and compliance professionals but more importantly for business leaders and managers who understand the importance of implementing an effective ethics and compliance program.

In this Episode, Michael Volkov interviews Tom Fox about the Second Edition of The Compliance Handbook and the important issues addressed in the Handbook.

The Boeing 737 MAX scandal is a troublesome and disturbing case where corporate board oversight and responsibility was lacking. The implications of the board’s failure resulted in the killing of innocent passengers and the grounding of Boeing’s 737 MAX. Add to that a $2.5 billion settlement, a criminal case against a Chief Technical Pilot, and continuing safety and technical problems, and you have recipe for continuing disaster at Boeing.

The Delaware Chancery Court's recent decision denying Boeing's motion to dismiss shareholder derivative claims outlines a devastating picture of Board governance failures relating to Boeing's response to the Lion Air crash in October 2018 and the Ethiopian Airlines crash in March 2019. 

In this Episode, Tom Fox and Michael Volkov discuss the implications of this recent decision.

Over the last ten years, we have seen a marked shift from the Delaware Chancery Court chipping away at corporate board member liability claims. In a number of seminal cases involving Boeing airplane crashes (In re the Boeing Co. Derivative Litig., No. 2019-0907 (Del. Ch. Sept 7, 2021)), and deadly listeria outbreaks from tainted ice cream (Marchand v. Barnhill, 212 A.3d 805 (Del. 2019)), Delaware Courts have upheld plaintiffs' cases against claims of failing to adequately plead violations of the standards set forth in Caremark, 698 A.2d 959 (Del. Ch. 1996), (establishing basic pleading requirements to withstand motions to dismiss). 

In this episode, Mike Volkov provides a comprehensive update on the recent Caremark decisions issued by the Delaware Chancery Court, underscoring their importance for accountability and governance in the corporate world.

• Caremark oversight duties stem from the well-established duty of loyalty and its subsidiary duty of good faith. To plead a Caremark claim, a plaintiff is required to put forth adequate facts from which a factfinder can make a reasonable inference that the fiduciary acted in bad faith. 
• Under Caremark, bad faith can be established when a fiduciary: “(1) utterly fail[s] to implement any reporting or information system or controls," or (2) having implemented such a system or controls, consciously fail to monitor or oversee its operations, which results in a failure to act or attend to a risk or problem requiring their attention or response. 
• Last year, the Chancery Court made a groundbreaking decision, extending the so-called Caremark oversight obligations and governance requirements to senior management in the McDonald's case. In re McDonald’s Corp. S’holder Derivative Litig., 289 A.3d 343 (Del. Ch. 2023). This ruling is one of the most significant developments in recent years, advocating for increased accountability for oversight and governance failures.
• Recent cases, such as the Boeing 737 MAX crashes and the Listeria outbreak from tainted Blue Bell ice cream, have highlighted failures in proper board governance and oversight responsibilities.
• In a case involving Segway, the Chancery Court dismissed a motion against an officer for failing to detect financial discrepancies, emphasizing the need to demonstrate a lack of good faith in monitoring central compliance risks.
• The trend in Delaware Chancery Court decisions is moving towards holding directors and officers accountable for failures to act in response to indications of potential illegal conduct, with a focus on bad faith actions.
• The Boeing case exemplifies the consequences of board members ignoring safety concerns and focusing solely on the bottom line, leading to tragic outcomes that could have been prevented with proper oversight and accountability.

Resources

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Credit Suisse Group AG (“Credit Suisse”), a global financial institution, and its London-based European subsidiary, Credit Suisse Securities (Europe) Limited (“CSSEL”) resolved a wide-ranging bribery and fraud scheme involving investments and financing arrangements for an $850 million loan for a tuna fishing project in Mozambique. To resolve the violations, Credit Suisse agreed to pay a total of $547 million in penalties, fines and disgorgement as part of comprehensive criminal and civil resolutions in the United States and the United Kingdom.

In this Episode, Michael Volkov reviews the Credit Suisse global fraud and bribery enforcement action.

As companies focus more on ESG, it is obvious that companies will achieve a significant number of benefits beyond that defined in the ESG acronym. A well-designed and tailored program will bring significant benefits to the overall company’s operations.

There are a number of important issues that design and implementation of an ESG program entail. It is hard to fill in many of the important issues given the SEC’s ongoing rulemaking on ESG disclosure issues. Obviously, SEC regulations will have a significant impact and everyone is anxiously awaiting the regulations. In the meantime, many companies are moving forward with planning and implementation. That is a good thing because it is unlikely that the SEC will alter the landscape to which many companies are moving.

Here is a list of issues, which I will explore in this podcast:

·     Who should conduct oversight of the ESG program? A specific committee or the overall board?

·     Who should be responsible for design and implementation of an effective ESG program?

·     

·     How should ESG reporting and disclosure occur? How should the talismanic standards of “materiality” be applied in this context?

How can technology be used to ensure proper oversight and reporting of ESG issues?

The Justice Department announced the indictment of Mark Forkner, a former Chief Technical Pilot for Boeing for his role in the 737 MAX scandal. Specifically, Forkner is charged with deceiving the FAA’s Aircraft Evaluation Group (“FAA AEG”) relating to Boeing’s 737 MAX airplane and defrauding Boeings U.S.-based airline customers to earn millions of dollars for Boeing.

Boeing’s 737 MAX scandal is tragic and disturbing. In January 2021, Boeing settled with the Justice Department and agreed to enter into a Deferred Prosecution Agreement in exchange for total payments of $2.5 billion. As you will recall, Boeing’s 737 Max was involved in two crashes in 2018 and 2019 before being grounded. 

In October 2018, Lion Air flight 610 crashed in the Java Sea, killing 189 people, and in March 2019, Ethiopian Airlines flight 302 crashed shortly after takeoff, killing 157 people. The United States ordered the planes grounded shortly after the Ethiopian Airlines crash.

In this Episode, Michael Volkov reviews the criminal indictment against Mark Forner and his role in the Boeing 737 MAX scandal.

The Biden Administration announced its commitment to the global battle against corruption as a new, national security issue. This policy represents a significant transformation in the U.S. commitment to the battle against corruption.

In this Episode, Scott Greytak from Transparency International USA joins us to discuss the current policy initiatives surrounding the global commitment to fight corruption.

The Justice Department’s Antitrust Division has targeted collusion in labor markets for criminal prosecution. This was not unexpected. Indeed, the Antitrust Division gave plenty of warning to the high-tech industry and other companies that criminal prosecutions were on the horizon.

DOJ handled initial prosecutions of labor market collusion in the high-tech sector by civil prosecutions and resolutions. Out of an abundance of caution, DOJ recognized that it wanted to provide “fair warning” of its intention. While it may not have been clear that the Sherman Act prohibition on cartel activity applied to labor markets, DOJ and the private sector should have realized that collusion, wage-fixing and agreements not to compete were illegal collusion agreements. It is hard (if not impossible) to identify procompetitive justifications for such blatant anti-competitive conduct. 

In this Episode, Michael Volkov outlines antitrust risks and compliance strategies to avoid DOJ enforcement actions in the labor market.

In a pair of enforcement actions, OFAC settled two separate actions involving Schlumberger Limited subsidiaries – the first involving Cameron International Corporation, and the second, Schlumberger Rod Lift, Inc., a former subsidiary, that was acquired by Lufkin Rod Lift, Inc.

In this Episode, MIchael Volkov reviews the two OFAC enforcement actions.

WPP, the Largest Global Advertising Group, Settles FCPA Charges with SEC for $19.2 Million. After a long hiatus, the SEC announced a settlement with WPP plc, the world’s largest advertising group, for FCPA violations in India, China, Brazil and Peru for $19.2 million. The SEC’s resolution charges WPP with violations of the anti-bribery, books and records and internal accounting controls provisions of the FCPA.

In this Episode, Michael Volkov reviews the WPP SEC FCPA settlement.

An internal investigation is like reading a good novel. You begin the journey with a general expectation of what the novel or the “investigation” is about. As you learn more, the investigation gains momentum filled with moments of discovery, surprise and ultimately a basis for understanding.

In some cases, the end of the story (e.g. an oil well explosion) or dramatic event is known. In others, for example, a hotline report of alleged misconduct is substantiated after a thorough investigation involving a slow but steady understanding of what occurred, who was involved and how the scheme was executed.

In this Episode, Michael Volkov reviews the 5 common pitfalls in conducting an internal investigation.

The Department of Treasury's Office of Foreign Asset Control ("OFAC") continues to bring sanctions enforcement actions. At the same time, OFAC is reiterating the importance of sanctions compliance program. Building on its May 2019 Framework for Sanctions Compliance Program, OFAC is sticking to its word -- setting forth sanctions compliance program requirements and holding companies accountable for sanctions program violations.

In this Episode, Michael Volkov reviews recent enforcement actions, expanded Belarus sanctions, and continuing compliance expectations.

Chief compliance officers recognize the importance of conducting robust audits of their compliance programs. The audit process requires a delicate balance between qualitative and quantitative measures.

As corporate compliance programs build data analytics and technological capabilities, CCOs have to tailor the audit program to incorporate data as an effective measure of a compliance program.

In this Episode, Michael Volkov reviews strategies for conducting compliance program audits.

Directive 2019/1937 of the European Parliament and Council dated 23 October 2019 on the “protection of persons who report breaches of Union law” (the “Directive”) is currently being implemented by EU Member States. The directive has broad applicability to organizations operating in the EU internal market and applies to both public and private sector organizations alike. Whistleblowers are guaranteed legal protection to the extent: (1) they have reasonable grounds to believe that the information reported was true at the time of the report; and (2) the whistleblower reported either internally to the organization, externally to a competent authority, or publicly. Private sector organizations with 50 or more workers are legally required to establish channels and procedures for internal reporting of EU law breaches and conduct appropriate follow-up. 

In this episode, Mike Volkov is joined by Daniela Melendez and Alex Cotoia from the Volkov Law Group, who bring their expertise to the table as they delve into the EU Directive and its implementation by several member states. Listen to this discussion to understand and navigate the complexities of the EU Whistleblowing Directive.

• The EU Whistleblower Directive shifts the burden of proof on retaliatory actions to the person taking the detrimental action, requiring them to demonstrate it was not linked to reporting concerns.
• Global companies are taking a proactive stance by increasingly focusing on robust ethics and compliance programs. This strategic move is aimed at mitigating risks and promoting positive corporate citizenship in today's economy, where adherence to legal and ethical standards is paramount.
• France signed the EU Directive into law on March 21, 2022, outlining protocols for gathering and handling whistleblower reports, including a two-month deadline for imposing disciplinary sanctions.
• Germany enacted the EU Directive on May 12, 2023, allowing anonymous reports and setting a three-month investigation deadline after receiving the report.
• Spain addressed the EU Directive on February 2023 by covering additional topics like occupational health and safety breaches. The directive established a three-month deadline for investigations and allowed anonymous reports.
• Italy transposed the EU Directive on August 4, 2022, including administrative, financial, civil, and criminal offenses not covered by the Directive, with a 30-day deadline to conduct investigations upon receipt of reports.
• Companies are advised to make resources available to conduct investigations quickly due to the short timeframes set by various countries' whistleblower protection laws.

Resources

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Alex Cotoia on LinkedIn 

Email: acotoia@volkovlaw.com

Daniela Melendez on LinkedIn

Email: dmelendez@volkovlaw.com

The culture bandwagon is picking up steam.  Everyone is citing its organization’s “culture” as the foundation for its activities in the hope of meeting a rapidly evolving standard for organizations.  In its latest corporate compliance guidance, the Justice Department, along with numerous regulatory agencies continue to cite the importance of a company’s  “culture of compliance.”

But when it comes to defining the terms, how to manage a company’s culture and how to measure, monitor and measure a company’s culture – everyone responds with a blank stare.  That is when we hear the Justice Potter Stewart famous definition of obscenity, “I know it when I see it.”

To provide my own perspective on some of these issues, I am dedicating this podcast episode to corporate culture.  My answers may not be “correct” or even “persuasive,” but the dialogue has to begin.  I have long advocated for practical approaches to defining, managing and maintaining a company’s culture.  As I often write, culture is a company’s most important “internal control.”  

LRN recently issued its second of three annual reports on ethics and compliance program effectiveness.  The second report focuses on board engagement with ethics and compliance and lessons learned from the COVID-19 pandemic.

David Greenberg, a Special Advisor to LRN, joins us to discuss the interesting results of the LRN report.

The LRN report can be downloaded at https://lrn.com/

In two separate enforcement actions, OFAC announced settlements with Alfa Laval Middle East Ltd., a Dubai, UAE company (AL Middle East), and Alfa Laval, Inc., a Virginia-based company (AL US) for violations of OFAC’s Iran Sanctions Program. AL US enlisted its then subsidiary (now operating unit), Alfa Laval Tank, Inc, based in Exton, Pennsylvania (AL Tank), to participate in the scheme.

The Alfa Laval enforcement action underscores the dangers for global companies in compliance with US-based sanctions programs as part of global operations.  The parent company, Alfa Laval AB is based in Sweden (AL Sweden). AL Middle East agreed to pay OFAC $415,695, and AL US agreed to pay OFAC $16,875.

In this Episode, MIchael Volkov reviews the OFAC enforcement action and points out interesting aspects and trends.

The False Claims Act is a powerful enforcement tool.  The Justice Department with its partner agencies are ramping up enforcement efforts.  The Biden DOJ is preparing to implement an aggressive FCA program across healthcare, defense industries and other government contractors.

The False Claims Act stands as a major risk – businesses that depend on government business, including healthcare, defense and other contractors, have to address proactively the risks associated with False Claims Act liability.  Compounding this situation is an active and major whistleblower bar that generates qui tam relators needed to fuel Lengthy and costly government investigations.

In this Episode, Mike Volkov reviews the flurry of recent False Claims Act cases brought by the Justice Department.

The Justice Department and the Securities Exchange Commission are back in business.  The first corporate FCPA enforcement action in 2021 came after a six-month hiatus in 2021.

The first case against a corporate entity in 2021 is an interesting one because it reflects a coordinated settlement not only between DOJ and the SEC but the U.K.’s Serious Fraud Office and Brazil’s Ministério Público Federal (MPF), the Controladoría-Geral da União (CGU) and the Advogado-Geral da União (AGU) in Brazil.

Amec Foster Wheeler Energy, a subsidiary of the U.K. global engineering company, Wood Group, agreed to pay the United States $18.375 million to resolve criminal charges for bribery payments made in Brazil to win a $190 million contract to design a gas-to-chemicals facility.  Amec Foster entered into a three-year deferred prosecution agreement (DPA) in exchange for its payment of $18.375 million.

In related settlements, Amec Foster agreed to pay the SEC approximately $22.7 million in disgorgement and prejudgment interest to the SEC to resolve FCPA charges.  The SEC agreed to offset up to $9.1 million paid to Brazil and $3.5 million to the SFO in the United Kingdom, leaving a minimum payment of approximately $10 million to the SEC.

In this Episode, Michael Volkov reviews the Foster Wheeler FCPA enforcement action.

Under Armour settled its long-pending SEC investigation by agreeing to pay $9 million surrounding misleading statements and practices relating to its revenue growth and uncertainties as to future growth. As part of the settlement, the SEC declined to bring charges against its CEO, Kevin Plank, and its CFO, David Bergman. The Justice Department inquiry appears to have lost steam since the middle of last year, and DOJ likely declined prosecution.

Under Armour had been the subject of a long-running probe since 2019 when Under Armour disclosed the DOJ and SEC investigations into its accounting practices. The SEC’s case eventually focused on its revenue projections and accounting practices.

In this Episode, Jonathan Marks from Baker Tilly and Michael Volkov discuss the Under Armour case and financial accounting fraud.

In a far-reaching action, the Biden Administration elevated the global fight against corruption as a national security interest.  In an Executive Memorandum, the Biden Administration made a strong statement against corruption, citing the devastating impact that corruption has on democratic institutions, democratic governments, economic development, and other public interest objectives.  The Administration launched a robust inter-agency review of the anti-corruption battle, including increased international cooperation, anti-money laundering enforcement, increased support of the Anti-Kleptocracy Initiative, and increased focus on beneficial ownership.

In this Episode, Michael Volkov reviews the Biden Administration anti-corruption initiative.

LRN and NAVEX Global recently released two important annual surveys.  LRN issues a yearly report on ethics and compliance program effectiveness.  NAVEX Global issues an important annual report on incident management trends based on its large database of hotline data.

In this Episode, Michael Volkov review these two reports and the important ethics and compliance trends.

The NAVEX Global report can be downloaded here.

The LRN survey is here.

The ransomware attack on Colonial Pipeline demonstrated yet again the failure of government and business to anticipate cybersecurity issues through traditional tools – risk and vulnerability analysis, implementation of technology and planning to minimize a cyber event, and crisis response protocol.  In the aftermath of this debacle, the public lined up to purchase gallons of gasoline because of a short-term shortage in gasoline.  These scenes of panic were a reminder of the impact that poor government and business risk management can have on public reaction.

The Biden Administration issued a response quickly to update the government’s cybersecurity practices.  Federal agencies were directed to take a variety of actions to share information, strengthen cybersecurity practice and use new technologies to reduce cyber vulnerabilities.

All of that is well and good but until the private sector is subject to various requirements relating to cybersecurity, not much is going to change. For example, there still is no actual federal corporate disclosure requirement to notify law enforcement and the public after a company suffers a cyber-attack or suffers a cyber incident.  Similarly, there are no specific standards set for any industry sector that companies must meet to protect against cyber-attacks.

Companies and corporate boards have to address the cyber risk situation.  To do so, careful planning, assessments and coordinated strategies have to be designed and implemented.

The Biden Administration is expected to increase antitrust enforcement against criminal cartels and bid-rigging conspiracies.  Global companies have to address this significant risk by implementing a compliance program that meets the Justice Department's 2019 Guidance on Antirust Compliance Programs.

In this Episode, Michael Volkov reviews the Antitrust Division's Guidance and compliance program requirements.

NAVEX continues to produce high-quality compliance reports, many of which are a must-read in the compliance industry. Its annual Whistleblower Report is of particular note -- NAVEX is the leading provider of hotline services in the world, and its data is invaluable as a source of trends in this industry. This year --2024 -- is no exception. NAVEX combed through the data from 3784 organizations for 2023. Its headline conclusion -- 2023 was a busy year, with a record level of use and the substantiation rate reaching an eleven-year high. More reports came in, and more were found to be true. 

Listen in as Michael discusses the findings of these reports and why the increase is a good sign, not a bad sign. It means that employees trust their respective hotline reporting systems to produce results.

• NAVX's 2024 Whistleblower Report revealed a record level of use and an 11-year high substantiation rate, indicating increased trust in employee reporting systems.
• Accounting-related reports, comprising approximately 4.3% of all reports in 2023, had a significant impact. With a median substantiation rate of 50%, these reports often led to employment separation events, underscoring the seriousness of the issues raised.
• Third-party reports were more likely to focus on business integrity and financial misconduct issues, accounting for 50% of reports compared to employees' 17%.
• Reports of imminent threats had a high substantiation rate in 2023, with nearly 9 out of 10 reports proven to be substantiated, highlighting the seriousness of such issues.
• Workplace civility complaints increased to 18% of reported cases, reflecting a growing concern within organizations about maintaining a respectful work environment and culture.
• HR issues, a significant portion of all reports in 2023, accounted for 55% of the total. This underscores the importance of addressing internal workplace issues, such as workplace discord, discrimination, harassment, and retaliation, to maintain a healthy and productive work environment.
• Clear Channel's extensive cooperation with the investigation, prompt sharing of facts, document production, and employee interviews demonstrated a commitment to transparency and accountability in addressing compliance issues.

Resources

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

The Justice Department and the SEC have a long history of focusing FCPA enforcement on pharmaceutical and medical device companies.  Starting with a broad "industry sweep" nearly a decade ago, DOJ and the SEC have brought numerous enforcement actions.  In response, drug and device companies have attempted to implement effective compliance programs.

In this Episode, Mike Volkov discusses FCPA enforcement trends and compliance strategies.

Compliance programs are rapidly evolving.  One of the key drives of this transformation is the increased reliance on automated compliance functions that generate substantial data.  Relying on data analytic strategies, compliance officers are quickly identifying key ares for measurement, monitoring and assessment as an important means to intervene and prevent serious misconduct.

In this Episode, Michael Volkov reviews the rapid movement toward proactive compliance and strategies built on data monitoring and intervention.

In a precedent-setting agreement, the Justice Department, OFAC and the Bureau of Industry Security announced a settlement with SAP SE for more than $8 million for numerous violations of the Iran Sanctions program.

While the Justice Department’s National Security Division (“NSD”) has settled prior export control and sanctions cases against corporations for violations of the North Korea Sanctions program, the SAP case is the first in which DOJ’s NSD flexed its new Export Control and Sanctions Enforcement Policy for Business Organizations, crediting voluntary disclosure, cooperation and remediation. Further, the SAP settlement provides important insights into DOJ’s export control and sanctions compliance expectations.

The SAP case pushes DOJ’s views and expectations for export control and sanctions compliance programs.  Like the past history of enforcement actions and compliance program requirements involving the FCPA, DOJ’s SAP settlement is the beginning of a new, aggressive approach to export and sanctions compliance standards beyond those required by OFAC and BIS.

In this Episode, Michael Volkov review the SAP settlement and outlines new export control and sanctions compliance expectations.