Compliance officers have two new FCPA settlements to read over Thanksgiving break, including an intriguing hint that perhaps the Justice Department is taking a slightly more expansive view of its policy for chief compliance officers certifying the effectiveness of their compliance programs.
The companies in question are Tysers Insurance Brokers Ltd. and H.W. Wood Ltd., two British reinsurance brokers (that is, they arrange re-insurance coverage for insurance companies underwriting your policy). Both firms settled criminal FCPA investigations with the Justice Department on Monday.
Tysers ended up paying $46.5 million in penalties and disgorgement, winning fine reductions for extensive cooperation and remediation of its compliance program weaknesses; but not receiving credit for voluntary self-disclosure, which Tysers didn’t do. Wood should have received $25.8 million in penalties and disgorgement, but because of the company’s poor financial condition these days, that amount was reduced to $508,000. Both companies also received three-year deferred-prosecution agreements.
The misconduct happened in the 2010s, when Tysers and Woods were trying to expand their reinsurance business in Ecuador. Working through intermediaries with ties to Ecuadorian insurance officials, they funneled $2.8 million in bribes to the then-chairman of two state-owned insurance companies. The bribery scheme involved payments to bank accounts in Florida, Switzerland, and Panama, and even several in-person meetings in Florida as well. (Plus all the usual damning evidence from employee emails to those third-party intermediaries.)
We can get to the actual bribery schemes and internal control failures momentarily. What really caught my eye was the language that the Justice Department used to describe the certifications that Tyser’s top executives will need to sign at the end of their three-year DPA.
A Certifiably Interesting Detail
As usual these days, Tysers (or more accurately, its parent company AUB Group, which acquired Tysers in 2022) will need to sign a certification at the end of the DPA declaring that the company has maintained an effective compliance program. This is the CCO certification requirement that compliance officers have been fretting about since the Justice Department first announced that policy in 2022.
Except, the exact language used in the agreement is this (emphasis mine):
Thirty days prior to the expiration of the Term, AUB, by the chief executive officer and chief legal & risk officer, will certify to the Fraud Section in the form of executing the document attached as Attachment F to this agreement, that the company and AUB have met their compliance obligations pursuant to this agreement.
Um, that doesn’t say “chief compliance officer.” It says “chief legal and risk officer.” Currently that person is Richard Bell, who has been head of legal at AUB since 2021.
For the record, H.W. Wood’s settlement also includes a compliance certification, and that settlement does expressly say it must be signed by the “chief compliance officer.” So the Justice Department seems aware of the distinction.
Maybe this change in language is because AUB doesn’t have a chief compliance officer? At least, the company lists none among its senior management and I couldn’t find anyone with that title on LinkedIn. So that means Bell has to sign Attachment F, and he certainly has the experience and authority to do so.
It’s just intriguing to see that the Justice Department didn’t insist on the creation of a stand-alone CCO role as part of this settlement. Why not? Were the facts not compelling enough? Was Tyser’s compliance program remediation sufficient to sooth prosecutors’ expectations? Given the general push for strong, autonomous compliance officers, why does this settlement glide by that point?
The FCPA Scheme Itself
Back to the corrupt payments. As we so often see in FCPA settlements, the corruption was managed by an intermediary, which acted as a go-between for Tysers and Wood on one side and then-chairman of two Ecuadorian insurance firms on the other.
In theory, reinsurance brokers make money by arranging relationships between insurance firms and reinsurance firms. The insurance firm is the broker’s customer, and when the insurance firm agrees to buy a policy from the reinsurance firm, the broker collects a percentage commission on that deal.
The scheme here was that the two Ecuadorian insurance firms, Seguros Sucre and Rocafuerte, paid Tysers and H.W. Wood inflated amounts for those commissions. Tysers and Wood then split that fee with the intermediary, which kicked back part of that money to the two Ecuadorian firms’ chairman.
For example, in January 2014 the president of the intermediary firm sent an email to an executive at H.W. Wood discussing how to split their commission. The president mentioned how he would keep a considerable portion for “local people involved commercially and politically in obtaining and achievement of this business… More explicit I can’t be.” Executives at Tysers and H.W. Wood eventually agreed to that arrangement.
We could keep going, hop-scotching through the prosecution agreements to spotlight damning statements somebody or other made in an email through the five years this all went on. Then again, haven’t compliance officers heard that drama before? Instead, let’s spotlight some of the clear red flags:
- Bank accounts. Tysers and Woods were making payments to the intermediary, which then was forwarding those payments to Ecuadorian nationals — but whose bank accounts were in the United States, Panama, and Switzerland.
- Inappropriate commissions. When Tysers and H.W. Wood worked with the intermediary, they agreed that the intermediary would receive 70 percent of the total amount, while Tysers and Wood split the remaining 30 percent. That alone seems painfully high, but then the intermediary said it needed to receive that 70 percent share even for reinsurance deals where Tysons and Wood hadn’t used the company.
- Hidden work. By 2014, the Ecuadorian government had begun an anti-corruption drive that banned the use of intermediaries. Tysers and Wood employees responded by scrubbing any reference to the intermediary from communications they had with the Ecuadorian insurance firms, but secretly kept working with the intermediary to keep the kickbacks rolling.
Simply put, these third-party relationships were sketchy. So the rest of us looking for lessons to learn can keep falling back to the points raised about third parties in the Justice Department’s FCPA Resource Guide: Do you understand the third party’s qualifications and relationship with foreign officials? Is the business rationale for this third party clear? Are your payments to the third party reasonable and commensurate with its services and expertise?
Compliance Program Improvements
We also have the customary promises from Tysers and H.W. Wood to upgrade their compliance programs. That includes a promise to assign responsibility for the compliance program to “one or more senior corporate executives of the company” — and I do wonder exactly how that’s supposed to work at Tysers, when the chief legal and risk officer is the person who will be certifying that compliance program. Perhaps we’re splitting hairs here, but I’ve set a reminder to follow up on this issue in 2026 when the three-year DPA expires.
Both companies will also need to make annual progress reports to the Fraud Section at the Justice Department. Those reports will consist of two parts: a preliminary work plan, also submitted to the Fraud Section, explaining how the company plans to test and review the compliance program; and after the Fraud Section approves that plan, a longer report discussing the results of that testing and review.
That first report is due one year from now, in November 2024. Then come two more reports at the end of 2025 and 2026, when the DPA formally expires.