Stringent enforcement and significant criminal and civil penalties make the FCPA a powerful weapon in the global war on corruption. The Foreign Corrupt Practices Act of 1977 (FCPA) (15 U.S.C. §§ 78dd-1, et seq.) is a United States federal law known primarily for two of its main provisions, one that addresses accounting transparency requirements under the Securities Exchange Act of 1934 and another concerning bribery of foreign officials.
The False Claims Act (FCA) (31 U.S.C. §§ 3729–3733)
The U.S. Securities and Exchange Commission (SEC) adopted, by a 3-2 vote on May 25, 2011, a rule creating a whistleblower program that was mandated by Section 922 of the Dodd-Frank Act, which added Exchange Act, new Section 21F.
The final rule states, “we are not requiring potential whistleblowers to use internal compliance and reporting procedures before they make a whistleblower submission to the Commission. Among our concerns was the fact that, while many employers have compliance processes that are well-documented, thorough, and robust, and offer whistleblowers appropriate assurances of confidentiality, others do not.”
Federal health care regulators, frustrated with repeat violations, have recently become more aggressive. By some estimates, health care fraud costs taxpayers $60 billion a year. Violations can include submitting false claims, paying kickbacks to doctors, or marketing drugs which have not been tested for safety and efficacy.
Now, on top of fines paid by a company, senior executives can face criminal charges even if they weren't involved in the scheme but could have stopped it had they known. Furthermore, they can also be banned from doing business with government health programs, a career-ending consequence.
Investigators and lawyers at the Health and Human Services Department (HHS) inspector general's office, the Department of Justice (DOJ) and the Food and Drug Administration (FDA) started moving more or less independently toward holding executives accountable. Lewis Morris, chief counsel for the inspector general of HHS, outlined the inspector general's position in congressional testimony recently, saying his office will use its power judiciously.
Effective internal communication offers publicly traded and investment companies a viable solution regardless of whether the FCPA, FCA or Dodd-Frank is the governing law.
Aggressively upbeat company-wide outreach, which encourages reporting and promotes un-compromised corporate commitment to compliance and good citizenship, will motivate a crucial sector of managers and employees who could someday be whistleblowers.
Because they are conscientious employees, it is reasonable and realistic to expect that they will respond to such outreach before they feel compelled to take their concerns to the SEC, especially when corporate programs bear the persuasively personal stamp of the C-suite and Board.
To be sure, there will always be those who are primarily motivated by the pot of gold at the end of the qui tam rainbow – but they are by definition the least credible of corporate informers and therefore the ones about whom you should worry least. The whistleblowers who are most credible, and who can therefore hurt you the most, are genuinely appalled by whatever misprision they’ve learned about. Their driving intent is to see the problem corrected.
Cheryl Eckard is a case in point of someone who wound up a multimillionaire only after she first tried to take her concerns through channels. Cheryl Eckard received a $96 million award Department of Justice, an employee who blew the whistle on GlaxoSmithKline over systemic abuses at a facility in Puerto Rico, helping the government secure a $750 million settlement. That award is now discussed in the same context as Dodd-Frank but, in fact, there are two separate arenas here. The GSK case was brought under the False Claims Act, to which significantly enhanced whistleblower awards were added in 1986, nearly 25 years ago.
The very people who are most effective as whistleblowers for the government are simultaneously most amenable to credible internal reporting alternatives. If you communicate corporate integrity, the honest ones won’t hurt you. If you don’t, they will.
For global businesses, the ethics and compliance program should go beyond employees and extend to all foreign third-parties in their complex value chain. This includes institutional investors that rely on investment professionals to manage their global portfolio of assets.
Rather than dismissing the efficacy of internal compliance in the face of the opportunity to do an end around, it's time to re-think how internal compliance programs work and how they may be made to work better with the new Dodd-Frank whistleblower program in place.
To achieve effective internal compliance assurance, publicly traded corporations and investment companies must be willing to voluntarily disclose the fundamental data required to substantiate the fitness of their internal compliance system, with relevant, reliable, and sufficient information such as:
1) ETHICS CODE CERTIFICATIONS - A searchable index of records granting public access to the signed, acknowledged, and certified Code of Ethics for each Director, Officer, and Employee.
2) ETHICS ACTION REPORTING - A searchable index of records granting public access to the Code of Ethics incident reports and opinions, including concurring and dissenting opinions, as well as orders, made in connection with the adjudication of matters relating to the Code of Ethics. Such records include, but not be limited to, the following:
- Official incident report number (unique identifier)
- Date incident first reported
- Description of incident
- Official title(s) of person(s) involved.
- Supporting documents/summary findings
- Official opinion(s) rendered and its reasoning
- Date incident closed and made available to the public
- Person (and department) responsible to ensure proper handling of the incident report
This fundamental data is essential to form valid opinions regarding the adequacy of design and effectiveness of operations within a “robust” internal compliance system. In addition, this fundamental data serves as a significant basis to judge the duties of care and loyalty.
# # #
zEthics is a premier consulting firm based in Phoenix, Arizona that takes a holistic view of risk, integrating External Risk Assessments with Enterprise Risk Management (ERM) systems. zEthics, Inc. offers an innovative new approach to provide publicly traded corporations and investment companies internal compliance assurance to safeguard against FCPA, FCA and the Whistleblower Provisions of Section 21F of the Securities Act. zEthics provides publicly traded corporations, investment companies as well as federal and State agencies a holistic view of risk. zEthics provides the diagnostic tools to align risk and performance to create a risk intelligent organization.