A global printing and graphics business based in Wisconsin has agreed to pay $10 million to settle FCPA charges with the Securities and Exchange Commission, in an eye-popping case with misconduct that included bribes to judges, sales to Cuba, and just about every corporate compliance mistake a company could make.
The company in question is Quad/Graphics, which offers printing, graphics, and marketing services around the world. Quad was founded in 1971 and hummed along as a private, mostly U.S.-based business for decades, until it acquired World Color Press in 2010, a Canadian printing conglomerate that had fallen on hard times and was winding its way through bankruptcy proceedings.
When Quad acquired World Color, it found itself with more than 16,000 employees and subsidiaries around the world, and Quad’s shares began trading on the New York Stock Exchange. As the SEC’s settlement order blandly notes: “Despite becoming a publicly traded company with a large global workforce and operations in high risk areas, Quad’s compliance program was almost nonexistent in 2010.”
Hooo boy, the fact pattern that follows makes that statement painfully clear.
First were Quad’s troubles with its Peru subsidiary. In 2011, a Peruvian government official approached Quad’s then-head of sales there and solicited a bribe in exchange for winning a government printing contract. The head of sales took that news to Quad Peru’s then-general manager, who approved the arrangement.
The bribes themselves were funneled to the government official via four sham vendors that were supposed to do pre-press services for Quad. All four vendors were owned by the same person, and three of the four had the same physical address. The pre-press work itself was done by Quad employees in Quad facilities.
By 2013 the bribe payments worried a senior finance manager at Quad Peru enough that he and another Peru manager took their concerns to the company’s finance director for Latin America, who was based in the United States. That U.S. executive then “advised the Peru senior finance manager not to forward any invoices directly to him and stated he would look into the matter. Despite this reassurance, the senior finance manager never heard back from the Finance Executive on the subject and no follow up occurred.”
Only when Quad Peru hired a new senior finance manager in 2015, from outside the company, did the bribery finally get the attention it deserved. That new manager saw the suspicious payments, stopped them, and took his concerns back to the same U.S. financial manager that never followed up on the prior concerns from 2013— then, finally, that U.S. executive reported the trouble to Quad’s legal team.
FCPA Missteps in Peru
OK, before we even get to bribing judges in Peru and shipping goods to Cuba and falsifying records in China — let’s just analyze the mistakes we already have.
First and foremost, Quad/Graphics wasn’t prepared for life as a public company. That failure to prepare was the original sin here, which spilled into years of misconduct around the globe.
Lurching into life as a large public company as Quad/Graphics did is enormously disruptive. A company assumes huge compliance risks when it takes this path. Yet as the SEC notes, Quad/Graphics didn’t appoint its first compliance officer until 2011, that person was only at a director level, and this compliance director had no actual experience or training as a compliance officer. The company’s internal audit function didn’t examine anti-corruption risks, and the company hadn’t set up sufficiently strong internal accounting controls.
So, sure, we could pick apart the poor due diligence that didn’t catch four sham vendors all owned by the same person; or the weak internal auditing, which should have identified Quad Peru employees performing the sham vendors’ work themselves; or the personnel failures, such as when the U.S. finance director first heard about the bribery payments, told the Peru locals not to forward any suspicious invoices, and then did nothing else.
We could pick apart those specific things — but why bother? We’ve seen those mistakes before. We’ve talked about due diligence and effective auditing and taking allegations seriously. Those are symptoms of the deeper problem, which was Quad/Graphics not giving compliance risks the attention they deserved during a period of rapid change. Like, what else was going to happen?
When companies go public in a more traditional way, they spend several years poring over internal control issues so they can pass muster with Sarbanes-Oxley compliance. In fact, as Protiviti noted in its most recent survey of SOX compliance costs, many companies spend more on SOX compliance testing and remediation before their IPO rather than after. They are grooming their accounting systems for life under the public filing regime.
Part and parcel of that is preparing for FCPA compliance, too. It requires skilled personnel, with appropriate autonomy and resources. Those things were lacking when Quad/Graphics went public in 2010. The rest of these details are just new episodes of the FCPA Enforcement show we’ve all been watching for the last 10 years.
‘Prompt’ Disclosure, Really?
The other interesting item here is that the Justice Department declined to bring any criminal charges against Quad/Graphics — citing, among other factors, Quad/Graphics “prompt, voluntary, self-disclosure.”
I don’t get the “prompt” part. According to the SEC, Peru employees brought their concerns about suspicious payments to more senior U.S. executives in 2013. That senior U.S. finance executive specifically told the Peruvian employees not to send any more suspicious invoices up the chain of command, promised to look into things, “and no follow up occurred.”
Then the same U.S. executive gets another allegation two years later, from a new Peruvian local employee — and then the U.S. executive decides to consult with legal? What changed during those two years? Did the U.S. executive receive his first FCPA training or something?
Moreover, how does any of that make for prompt disclosure? To me it sounds like someone sat on bad news for two years, wondering what to do.
The rest of Quad/Graphics’ remediation steps sound solid. Maybe one could argue that the FCPA self-disclosure pilot program, which the Justice Department only adopted in 2016, finally woke up Quad/Graphics about what it should do. Maybe someone at the Justice Department just did a bad cut-and-paste job in the declination letter and left “prompt” in by mistake. I dunno.
But this conduct overall — we never even got to Cuba, China, or bribing Peruvian judges — does seem pretty bad. I hope there’s more to come on the personal culpability front, otherwise this Justice Department talk about prompt disclosure doesn’t quite add up.