A Look at Boeing’s Plea Agreement
Pull up a chair, compliance officers! We finally have a text of the Justice Department’s plea agreement with Boeing for the company’s violation of its 2021 deferred-prosecution agreement. Let’s see what the compliance team and senior management have promised to do to improve the company’s misbegotten corporate culture.
The basic terms of the plea agreement, which still needs final court approval, were already known. Boeing must…
- Plead guilty to fraud charges;
- Accept a three-year probation period;
- Hire an independent compliance monitor for three years;
- Pay a criminal penalty of $243.6 million; and
- Spend $455 million on compliance improvements in the next three years.
All of this stems from the crashes of two Boeing 737 Max jets in the late 2010s, which killed 346 people. Those accidents exposed severe flaws in Boeing’s safety practices and corporate culture, and led to a deferred-prosecution agreement in 2021 that had Boeing pay $2.5 billion in penalties, victim compensation, and other damages.
As part of that first DPA, Boeing had also promised to overhaul its corporate compliance program — except, according to the Justice Department and numerous internal whistleblowers, that overhaul didn’t take; Boeing must do even more to improve its compliance culture.
That’s the part that needs close scrutiny from compliance officers. What new steps must Boeing take?
First, Where Boeing Fell Short
We should begin by noting that the feds did give Boeing credit for some compliance program improvements arising from the original DPA. For example, Boeing reorganized its compliance oversight in 2020, abolishing its old Office of Internal Governance and hiring its first dedicated chief compliance officer in May of that year. The company also strengthened its compliance risk assessment process, and implemented new procedures to improve its communication with regulators and customers about safety data.
Despite those improvements, however, prosecutors decided that Boeing “failed to sufficiently extend its anti-fraud ethics and compliance program over its quality and manufacturing process” before the end of the DPA term. As a result, prosecutors said, “the department determined that Boeing’s anti-fraud compliance program still has significant gaps.”
For example, all Boeing jets are supposed to be assembled in a certain sequence. Yes, occasionally “out of sequence” work happens, but such work poses a safety risk; and Boeing is supposed to conduct safety risk management assessments to devise ways to reduce the need for out-of-sequence work.
None of those safety risk assessments unfolded in a way that prosecutors deemed satisfactory, the plea agreement said:
Although fraud is an inherent risk in production and quality compliance activities, Boeing’s Safety Risk Management assessments failed to identify out-of-sequence risk as a fraud risk or consider enhanced production procedures, or preventive or detective controls, to mitigate the risk. Boeing’s Global Compliance function, which is responsible for Boeing’s antifraud ethics and compliance program, was not involved in the Safety Risk Assessments.
The above paragraph captures the essence of prosecutors’ beef with Boeing today. They fear (and rightly so, considering Boeing’s record) that management will pressure employees to rush out planes without proper safety protocols in place. So prosecutors want to see a stronger culture of compliance that treats fraud and safety risks as essentially two sides of the same coin that Boeing must remove from circulation.
Boeing’s New New Compliance Program
So where does Boeing’s compliance program go from here? The plea agreement includes numerous goal that Boeing needs to achieve, all in support what prosecutors ultimately want to see (listed on Page C-1, if you want to read it yourself):
A commitment by the company to the integration of its ethics and compliance program with its safety and quality programs for the purpose of deterring violations of anti-fraud laws or policies.
Let’s say that again slowly so we all understand it. Boeing must integrate its ethics and compliance program (which originally was geared toward financial reporting, anti-corruption, and government contracting) with its safety and quality programs (to keep planes from falling out of the sky), since shoddy aircraft manufacture is just as serious a fraud issue as accounting scams or FCPA violations.
That’s the shift in corporate culture that Boeing needs to achieve. Its workforce must see “doing the right thing” as not just a matter of obeying the law, but also as a matter of focusing on safety and product quality above all other priorities — including hitting financial performance targets.
OK, so exactly what is Boeing supposed to do to achieve all that? The plea agreement listed a few specifics.
Commitment to compliance. This commitment is supposed to happen on two levels. First, senior management and the board must “provide strong, explicit, and visible support and commitment to compliance… and demonstrate rigorous support for compliance principles via their actions and words.”
Second, the company must assure that “mid-level management throughout its organization reinforce leadership’s commitment to compliance policies and principles and encourage employees to abide by them.”
Interesting to see how prosecutors stressed the importance of middle management embracing that same commitment to compliance; I haven’t seen such language used too often. My immediate question is whether Boeing will drill that commitment into middle managers’ heads through compensation plans that somehow drive respect for compliance, ethics, and anti-retaliation.
Policies and procedures. First, Boeing must adopt “a clearly articulated and visible corporate policy against violations of U.S. fraud laws,” and then adopt other compliance policies and procedures as necessary to reduce the chance of fraud violations (and other compliance violations too).
I’ll be curious to see how that evolves in practice. For example, Boeing has a famously succinct Code of Conduct (barely half a page long) that focuses more on principles of ethical conduct than on specific compliance actions. The word “fraud,” however, doesn’t appear in that Code of Conduct at all. So will Boeing add one more line along the lines of, “I will not engage in any type of fraud, including actions that jeopardize safety and product quality”?
Boeing also has a longer (27 pages) set of guidelines for ethical business conduct. That document only mentions fraud twice, both times more in the context of financial fraud and accurate business records. So I also wonder how Boeing might incorporate a new more safety-focused fraud policy there, too.
And finally, Boeing must review and update these anti-fraud policies on a regular basis. Specifically:
The company shall review its anti-fraud compliance policies and procedures as necessary to address changing and emerging risks and update them as appropriate to ensure their continued effectiveness, taking into account relevant developments in the field and evolving international and industry standards.
That sounds nice in theory, but let’s remember how Boeing got here in the first place: management pressure to hit performance goals and keep the manufacturing processes running on time.
If Boeing is serious about improving its safety performance and corporate culture, that pressure from management is the real risk that needs attention. Management pressure is what compels people to forge safety documents, ignore whistleblower complaints, and slow-walk audit findings that might challenge the rosy projections management is trying to sell to the board, customers, investors, and the rest of the world.
How will Boeing assess that risk against a culture of safety and compliance? That’s the question I want answered. Then again, Boeing should’ve answered it years ago.