Yesterday the Securities and Exchange Commission set another precedent in regulatory enforcement: for the first time ever, it reached a deferred-prosecution deal with an executive (rather than a company) over foreign bribery charges. This is not exactly welcome news for corporate compliance officers.
The executive is Yu Kai Yuan, a Chinese national who worked in that country at a subsidiary of PTC Inc., a software company based in suburban Boston. The SEC’s case against PTC is nothing unusual as foreign bribery charges go: employees at the Chinese subsidiary were accused of bribing government officials there so PTC could win contracts; the improper payments were disguised as legitimate commissions or business expenses; PTC and its subsidiaries ultimately agreed to pay a total of $28 million in fines and penalties.
As violations of the Foreign Corrupt Practices Act go, this case was a snoozer—until the middle of the SEC’s press release, where it dropped this gem: that charges against Yuan himself will be deferred for three years, “as a result of significant cooperation he has provided during the SEC’s investigation.”
Consider that one more brick in the wall of difficulty compliance officers now face, trying to investigate allegations of misconduct yourself.
I was already pondering the extremes of employee surveillance compliance officers have to take these days, after reading this week’s Bloomberg article about banks hiring former spies to, well, spy on employees and identify rogue traders. That practice might sound preposterous at first—then think about the billions in fines that banks have already paid for charges related to LIBOR, the mortgage crisis, and money laundering failures. Suddenly hiring an ex-spy doesn’t sound so crazy.
Yuan’s DPA is simply the latest example of what I call “enticement tension”—that is, the pressure regulators apply to companies on one hand, to turn over all information about individual wrongdoers if the company wants cooperation credit; and the incentives regulators offer to individuals on the other hand, to cooperate with them and possibly avoid charges or even win a sizable whistleblower reward. These forces work in opposition to each other, with the compliance officer twisting in the middle as you try to root out misconduct yourself.
For example, let’s imagine you have a vice president in your Middle East operations, strong-arming several employees to help him run a money-laundering scheme. Under Justice Department and SEC policy, your firm will need to turn over every detail about every employee’s involvement if you want to receive cooperation credit—which is a huge incentive for those employees not to report the scheme to you, since they might get fired or fined. Meanwhile, they can alert the SEC or Justice Department directly, secure some reprieve for personal misconduct because they’re cooperating, and your firm is in a jam without you even knowing it.
As I said, suddenly hiring spies doesn’t seem so crazy. Even worse, however, is the pall these pressures cast over corporate ethics & compliance programs generally. They are, essentially, forcing compliance programs first and foremost to be surveillance and investigation programs—which nobody likes, including the vast majority of employees who are honest and don’t like the Orwellian behavior any more than you do. If that’s the reality we’re creating, forget all those speeches and best practices about the compliance department as your friend and ally; we’re back to the compliance department as “the Office of No.”