October 16th is the anniversary of John Brown's Raid on Harper's Ferry. For those of you not familiar with this episode of American history, abolitionist John Brown led a raid on the US Arsenal at Harper's Ferry, Virginia, the raid was intended to foment an armed slave revolt in 1859. Brown's raid was defeated by a detachment of US Marines led by Col. Robert E. Lee. Brown was wounded in the recapture of the Arsenal and he was tried by the state of Virginia for treason and murder and was found guilty on November 2nd. Brown went to the gallows on December 2nd, 1859. Before his execution, he handed his guard a slip of paper that read, "I, John Brown, am now quite certain that the crimes of this guilty land will never be purged away but with blood." It was a prophetic statement indeed.
I thought about Brown's radical attempt to destroy slavery in the context of one of the Keynote Speakers at this week at the Society of Corporate Compliance and Ethics (SCCE) 2012 Annual Conference, which I attended. Stephen Cohen, Associate Director, Division of Enforcement of the Securities and Exchange Commission (SEC), provided remarks to our convention over lunch on Monday. He began by emphasizing that we are "all in this together" in seeking to prevent illegal conduct before it occurs. His presentation consisted of three over-arching themes: (1) The importance of a good compliance program; (2) Hallmarks of a good whistleblower program; and (3) Some examples of bad or inadequate compliance programs.
Regarding the importance of a good compliance and ethics program, Cohen noted that "good ethics is good business". Moreover, if a company simply creates the impression that it does not concern itself with compliance and ethics, there is usually reputational damage in the fallout. He specifically noted that in any SEC enforcement action, the Commission will give credit to a company for a robust compliance program. The cooperation tools available to the SEC, in enforcement actions, are reserved only for those companies that display robust compliance programs. He cautioned that, as with all regulators, the SEC will be skeptical of claims that a company has a robust compliance program without the documentation to back it up. He said that "deeds, not words make an effective compliance program." A level of trust is important in dealing with regulators and if you cannot back up in documentation the claims you make about your compliance program, you may well lose the trust of regulators.
I found Cohen's remarks around whistleblowers and whistleblower programs most interesting. Initially he noted that whistleblower programs compliment compliance programs as the purpose of a whistleblower program is to compliment rather than supplant compliance programs. He also noted that there are incentives to entice company employees to first go to the company internal reporting line rather than directly to the SEC Whistleblower program because employees can obtain a greater bounty if they go to the company first.
Cohen also said that company's now have to "compete for the trust" of their employees. I would have to say this is very different than anything I have ever experienced at a law firm or company. Maybe it is due to the fact that I have worked in a 'Right-to-Work' state all my professional career where you can be fired for "good reason, bad reason or no reason at all" but I have never worked for a company that made any pretense of trying to win the trust of its employees. The situation was actually the opposite, the employee had to win the trust of the company and it was a very 'my way or the highway' culture where it was made clear to you that you were lucky to simply have a job. Of course, maybe that is why Foreign Corrupt Practices Act (FCPA) prosecutions have hammered the energy industry and why Houston is the epicenter of the FCPA world of enforcement.
Cohen provided some warning signs for a compliance program. He said that it is a clear red flag if a company is "pushing the envelope of legal and ethical compliances". He cautioned companies to stay in the middle of the field and not try and go right up to the line of unethical conduct. The warning sign he noted was what he termed "technical compliance" and which he defined as those compliance programs which are overly technical but seem to defy common sense. Next he cautioned against lack of empowerment to the Chief Compliance Officer (CCO), particularly in the context where he or she does not have access to the Board of Directors and they do not hear from the compliance professional due to lack of access. He ended this section of his remarks by saying that it is the job of the compliance professional to "be skeptical" and if one is not, it will hurt the overall compliance effort.
Cohen rounded out his remarks with some examples of good practices. The first is the flip side of point 3 above; that is proper governance. The Board of Directors must not only obtain the proper information but it must assure that the compliance group within the company has sufficient resources to fulfill its task. Interestingly, he noted that the SEC is now meeting individually with Directors to establish the above. Cohen also noted that a company should provide both incentives for good, ethical behavior and penalties for those who do not follow a company's compliance program. Next he said that there should be ongoing risk assessments and management or remediation of the risks determined. This led into his next point that companies must proactively keep pace with evolving best practices through not only risk assessments but keeping abreast of the latest developments in the compliance arena. Lastly, he emphasized that there must be a mechanism which allows employees to anonymously raise internal complaints, in other words, a hotline. Conjunctive to an internal, anonymous reporting system, companies must assure that there is a 100% no reprisal policy for employees, who in good faith, make internal complaints.
So what of John Brown and his raid on Harper's Ferry? Although the raid failed, it inflamed sectional tensions and raised the stakes for the 1860 presidential election. Brown's raid helped make any further accommodation between the North and South nearly impossible and thus became an important impetus of the Civil War. In other words, it destroyed trust. It seemed to me that Cohen's remarks were really about building trust; trust between companies and regulators and between companies and their employees. If such trust exists then maybe, as Cohen remarked at the beginning of his talk, we will "all in this together".
Visit the FCPA Compliance and Ethics Blog, hosted by Thomas Fox, for more commentary on FCPA compliance, indemnities and other forms of risk management for a worldwide energy practice, tax issues faced by multi-national US companies, insurance coverage issues and protection of trade secrets.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at firstname.lastname@example.org.
© Thomas R. Fox, 2012
For more information about LexisNexis products and solutions connect with us through our corporate site.