Not a Lexis+ subscriber? Try it out for free.
LexisNexis® CLE On-Demand features premium content from partners like American Law Institute Continuing Legal Education and Pozner & Dodd. Choose from a broad listing of topics suited for law firms, corporate legal departments, and government entities. Individual courses and subscriptions available.
The Board of Directors role in the Volkswagen (VW) emissions test scandal is one that is only now being scrutinized. In an article in the New York Times (NYT), entitled “Problems at VW Start at the Boardroom”, James B. Stewart was unremitting in his criticism of the VW Board, when near the beginning of his piece he wrote, “given Volkswagen’s history, culture and corporate structure, the real mystery may be why something like this didn’t happen sooner.” He quoted Markus Roth, a professor at Phillips-University Marburg and expert in European corporate governance, for the following, “It’s been a soap opera ever since it started.”
The VW emissions testing scandal will provide many lessons for Chief Compliance Officer (CCO) or compliance practitioner. Stewart’s scathing article provided today’s focus which is on a Board of Directors in a Foreign Corrupt Practices Act (FCPA) compliance program. A Board’s duty under the FCPA is well known. In the FCPA Guidance, in the Ten Hallmarks of an Effective Compliance Program, there are two specific references to the obligations of a Board. The first is Hallmark No. 1, which states “Within a business organization, compliance begins with the board of directors and senior executives setting the proper tone for the rest of the company.” The second is found under Hallmark No. 3, entitled “Oversight, Autonomy and Resources”, where it discusses that the CCO should have “direct access to an organization’s governing authority, such as the board of directors and committees of the board of directors (e.g., the audit committee).” Further, under the US Sentencing Guidelines, the Board must exercise reasonable oversight on the effectiveness of a company’s compliance program. The Department of Justice’s (DOJ) Prosecution Standards posed the following queries: (1) Do the Directors exercise independent review of a company’s compliance program? and (2) Are Directors provided information sufficient to enable the exercise of independent judgment?
There is one other issue regarding the Board and risk management, including FCPA risk management, which should be noted. The Securities and Exchange Commission (SEC) desires Boards to take a more active role in overseeing the management of risk within a company. The SEC has promulgated Regulation SK 407 under which each company must make a disclosure regarding the Board’s role in risk oversight which “may enable investors to better evaluate whether the board is exercising appropriate oversight of risk.” If this disclosure is not made, it could be a securities law violation and subject the company, which fails to make it, to fines, penalties or profit disgorgement.
I believe that a Board must not only have a corporate compliance program in place but actively oversee that function. Further, if a company’s business plan includes a high-risk proposition, there should be additional oversight. In other words, there is an affirmative duty to ask the tough questions. But it is more than simply having a compliance program in place. The Board must exercise appropriate oversight of the compliance program and indeed the compliance function. The Board needs to ask the hard questions and be fully informed of the company’s overall compliance strategy going forward.
For the compliance function in an organization, a clear lesson from the VW emissions testing scandal is that the Board must be engaged and asking tough questions from not only senior management but also the CCO or compliance practitioner who report to the Board. But more than simply asking questions, it is important that the CCO share information with rest of management, in advance of the Board meeting, creating transparency. As the CCO works with the General Counsel (GC), outside legal counsel and outside external audit quite closely throughout the year, you must work with them closely during the preparation of the annual compliance report. Lastly, and, from my experience always the one which is most important in any relationship with senior management or the Board, make sure there are NO SURPRISES.
An approach suggested by Stephen Martin, who runs Baker & McKenzie Compliance Consulting LLC, is 20 questions which reflect the oversight role of directors. The questions are not intended to be an exact checklist, but rather a way to provide insight and stimulate discussion on the topic of compliance. The questions provide directors with a basis for critically assessing the answers they get and enable them to dig deeper as necessary. Although the questions apply to most medium to large organizations, the answers will vary according to the size, complexity and sophistication of each individual organization. The questions are as follows:
Part I: Understanding the Role and Value of the Compliance Committee
Part II: Building an Effective Compliance Committee
Part III: Directed to the Board
Part IV: Enhancing the Board’s Performance Effectiveness
Part V: Merging Roles of the Compliance Committees
Whichever approach that you employ, the CCO must lay out a clear and logical program for a Board of Directors not only to understand its role in the compliance function but to play an active role. Any best practices compliance program has several moving parts, a CCO to lead the compliance program, a Compliance Department to execute the strategy and an engaged Board of Directors who oversee and participate. It would certainly have been helpful to VW.
Visit FCPA Compliance and Ethics, hosted by Thomas Fox, for more commentary on FCPA compliance, indemnities and other forms of risk management for a worldwide energy practice, tax issues faced by multi-national US companies, insurance coverage issues and protection of trade secrets.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.
© Thomas R. Fox, 2015
For more information about LexisNexis products and solutions, please connect with us through our corporate site.