A compliance program is not available as a formal affirmative defense.
Recently, Garth Peterson, a former managing director of Morgan Stanley’s real estate business in China, was criminally prosecuted for spearheading a multi-million dollar bribe to a major government official. Peterson is expected to face jail time and while he was not a low level functionary but a person far up the food chain, neither the DoJ nor the SEC invoked the doctrine of Respondeat Superior in any enforcement action against Morgan Stanley.
A compliance program is not available as a formal affirmative defense. It is clear that the banking giant was able to use not only its written compliance program but its ongoing maintenance, communication and due diligence aspects to shield the employer from liability.
So what can you as a corporate secretary do with the lessons learned from this enforcement action? I suggest you put before the board of directors the following questions for consideration:
(1) When was the last time that your FCPA compliance policies and procedures were updated? The DoJ has said over and over, and has included in Schedule C - its description of an effective anti-corruption compliance program - that companies must update programs, and have several areas of compliance mentioned. Morgan Stanley took that lesson and did exactly what the DoJ expected.
(2) What is the frequency of your FCPA training? Peterson was trained on the FCPA seven times and over a seven-year period Morgan Stanley trained its Asia-based employees 54 times on anti-corruption. This clearly shows that training is important and the documentation of training is critical. How else was Morgan Stanley able to demonstrate to the DoJ how many training sessions Peterson sat through?
(3) Does your company engage in sufficient due diligence, including transaction monitoring? Morgan Stanley had a robust due diligence program. The program included transaction monitoring – a sure sign that a company really cares about diligence is the extent it realizes diligence is ongoing – and included random audits of employees and partners. Ongoing due diligence and monitoring is becoming the new normal so I suggest you get ahead of the curve.
These are only a few of the questions you can pose but it will give you a start on some of the areas which you need to explore in your role in corporate oversight. In next week’s post, I will be discussing how corporate secretaries can enhance their FCPA knowledge.