Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
Government-imposed corporate monitors — once a rare occurrence in the U.S. — are now commonplace, not only with domestic regulators, but also with regulatory agencies in various other countries, in connection with enforcement proceedings and prosecutions for criminal offenses such as anti-corruption violations and other misconduct.
In 2016, the Department of Justice (DOJ) imposed monitors in nine of the 35 deferred or nonprosecution agreements. James R. Copeland, Rafael Mangual, “The Shadow Regulatory State at the Crossroads: Federal Deferred Prosecution Agreements Face an Uncertain Future,” Manhattan Institute for Policy Research (June 27, 2017). These recent cases indicate, however, that by taking appropriate steps, companies can avoid a government-appointed monitor.
Even though government-imposed monitors help organizations restore trust, recover from past misdeeds, and help prevent future legal and reputational damage, no company volunteers for a government-appointed monitor.
With that in mind, here are five practical ways to avoid or narrow the scope of a government-imposed corporate monitor.
1. Assess the Likelihood of the Government Demanding a Monitor
The DOJ and Securities Exchange Commission (SEC) consider six factors when determining whether to impose a compliance monitor:
See, DOJ and SEC, A Resource Guide to the U.S. Foreign Corrupt Practices Act, p. 71 (2012).
As they involve historical events, counsel and companies cannot alter the seriousness, duration and pervasiveness of the misconduct. Nevertheless, as the investigation unfolds, counsel and company should anticipate the government's perspective on these issues.
Similarly, the pre-existing corporate compliance program is historical in nature. As to this issue, counsel and companies should consider and develop candid responses to the DOJ's guidance on questions the government will ask when it evaluates the effectiveness of the program at the time of the incident. See, DOJ, Criminal Division, Fraud Section, “Evaluation of Corporate Compliance Programs” (February 2017).
2. Perform Timely and Comprehensive Remediation
Timely and comprehensive remediation is perhaps the most important step that counsel and companies can take to avoid a monitor. Effective remediation coupled with implementation of an effective ethics and compliance program increase the chances that prosecutors and regulators can conclude that a monitor is not needed.
Speed is important. The government expects the company to undertake remediation efforts immediately upon learning of misconduct. Companies too often delay remediation until after the investigation is completed. To address privilege concerns, many companies create separate investigative and remediation work streams. As a practical matter, the remediation team does not have access to privileged information.
As to remediation, expect the prosecutors and regulators to consider: 1) the competence and independence of remediation team; 2) timeliness; 3) the quality and depth of the root cause analysis; 4) efforts to root out other misconduct by the perpetrators or similar misconduct by others in the organization; 5) adequacy, design and operating effectiveness of corrective measures; 6) discipline of primary and secondary actors; and 7) independent assessment of the remediation program and corrective measures. See, Jonny Frank, “'Remediation,' Litigation Services Handbook: The Role of the Financial Expert,” 5th Ed., Chapter 13A, Roman L. Weil, Wiley (October 2015).
3. Obtain Pre-Settlement Third-Party Assessment or Certification
It's one thing for the company to self-certify; it's significantly more compelling when an independent third party evaluates the design, audits the operating effectiveness and opines on the company's efforts to remediate its misconduct by implementing an effective ethics and compliance program designed to prevent and detect future violations. The third-party team, of course, needs to be independent and enjoy credibility with the relevant prosecutors and regulators. While the team need not be large, it should be multidisciplinary and include experts in audit, data, ethics and compliance, and the industries and markets in which the company does business. The team should also follow an established framework and methodology familiar to the prosecutors and regulators.
In the United States, for example, it is common to apply the 2013 COSO Internal Control-Integrated Control Framework and relevant Public Company Accounting Oversight Board (PCAOB) and American Institute of Certified Public Accountants (AICPA) audit standards. Like remediation efforts, pre-settlement, third-party certification provides for a sense of assurance to prosecutors and regulators in concluding against the appointment of a compliance monitor.
4. Appoint a Self-Imposed Monitor
As the old adage goes, “If you can't beat 'em, join 'em.” The seriousness, duration, and pervasiveness of the misconduct are sometimes so severe that remediation and even a third-party pre-settlement certification will not save the organization from a government-appointed monitor. In those situations, counsel and the company should consider voluntarily appointing a monitor — a strategy that seems to be gaining popularity outside the United States. Barclays Capital, Daimler and Rolls Royce all successfully implemented this strategy when confronted with corruption-related investigations. In these matters, in lieu of appointing a new monitor, the government permitted the companies to retain independent third parties that were engaged previously by the companies to review ethics and compliance programs. More recently, Petrobras and Airbus have made similar moves, appointing independent third parties to handle investigations into allegations of corruption.
The terms of the self-imposed monitor should model terms that the prosecutor or regulator ordinarily requires. The DOJ, for example, typically requires that the compliance monitor be independent and have demonstrated expertise with respect to the particular industry, applicable laws, corporate compliance, and the ability to access and deploy appropriate resources. The DOJ also requires its monitors to develop work plans and, ultimately, certify whether the company has reasonably designed and implemented effective remediation and ethics and compliance programs and controls. In selecting a self-imposed monitor, companies should require similar terms to avoid the government insisting upon a post-settlement monitor.
5. Seek to Manage the Scope of the Monitorship
If the company cannot avoid a monitor, it may be able to control who is appointed, and the scope of the monitorship. DOJ policy, for example, allows the company to submit three candidates to serve as monitor. Companies should nominate candidates who:
Ask candidates to submit a draft of work and staffing plans to gauge their experience and approach.
An inevitable, but often hidden, cost of a monitorship is the internal disruption of working with a monitor — anticipating what they'll need and ensuring they get it as efficiently as possible. While retaining an internal monitor liaison, a leader of the PMO, may seem a superfluous cost burden, the savings on internal disruption, miscommunications and time spent in the monitor's learning curve should easily offset such costs.
Finally, if possible, tailor scope to the nature of the misconduct. In corruption cases, for example, try to focus the monitor's scope on the specific incentives and means that the company employed.
Conclusion
Recent DOJ speeches and news reports indicate there is a growing sense among prosecutors and regulators that companies want to “do the right thing” when it comes to corporate compliance. The DOJ has indicated it will continue to reward companies for implementing effective compliance programs. While it is unlikely that regulators will move away from imposing monitors altogether, it is important for companies to undertake proactive efforts to ensure that they are doing everything possible to prevent misconduct and to remediate any incidents that do occur. If recent examples are any indication, these actions can make a significant difference in the
outcome.
*****
Jonny Frank is a partner with StoneTurn and leads the firm's New York office. Simon Platt co-founded StoneTurn in 2004 and is the firm's chairman. This article also appeared in the New York Law Journal, an ALM sibling publication of this newsletter.
ENJOY UNLIMITED ACCESS TO THE SINGLE SOURCE OF OBJECTIVE LEGAL ANALYSIS, PRACTICAL INSIGHTS, AND NEWS IN ENTERTAINMENT LAW.
Already a have an account? Sign In Now Log In Now
For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473
In June 2024, the First Department decided Huguenot LLC v. Megalith Capital Group Fund I, L.P., which resolved a question of liability for a group of condominium apartment buyers and in so doing, touched on a wide range of issues about how contracts can obligate purchasers of real property.
With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.
Latham & Watkins helped the largest U.S. commercial real estate research company prevail in a breach-of-contract dispute in District of Columbia federal court.
Practical strategies to explore doing business with friends and social contacts in a way that respects relationships and maximizes opportunities.