By Howard Sklar

Howard is a friend of thebriberyact.com.  Howard is a compliance officer with over 17 years of experience. He has been a prosecutor, regulator, compliance officer, and in-house counsel. He has run anti-corruption programs for American Express and for Hewlett-Packard and was head of compliance for three operating divisions at American Express. Howard is now Senior Counsel with eDiscovery software company Recommind.  Howard writes the excellent Open Air blog as well as blogging at Forbes on compliance.

The SFO and the US DOJ and SEC frequently exhort corporations to Self Report concerns about corruption.  Yet, in spite of the public pronouncements to the contrary, in reality there are few examples of ‘real’ self reporting.  That is, where a company tells the enforcement agency something it would likely never have found out about unless the matter had been Self Reported.

In this piece our friend Howard Sklar lays out why he thinks this is the case based on his experiences in the US and lays out why a decision not to Self Disclose in the US at least, contrary to some reports, is a justifiable and understandable decision.

In the UK the position is different since corporations and senior officers must be mindful of liabilities under the UK’s draconian money laundering legislation – an important factor in considering whether self disclosure is necessary in the UK.

This article first appeared on the Open Air Blog on May 3.

“…Dick Cassin asked why WalMart wouldn’t disclose, calling the decision “baffling.”

Cassin is the Godfather of FCPA bloggers, and any question he asks is worthy of an answer.  And I understand why people would ask that question.  Looking back today on the decisions WalMart made then, it indeed seems like a baffling decision.  And Cassin lays out several benefits of early self-disclosure:

1. .    innoculation from charges of a cover-up
2. .    dissipation of bad news through market reaction
3. .    improved future compliance
4. .    protection, so to speak, from whistleblower complaints

All true.

A colleague once said that failing to self-disclose is like putting one bullet into a gun that has 1,000 chambers and pointing it at your head.  Self-disclosure is like putting 6 bullets into a 6-shooter and pointing it at your leg.

Let’s dissect that a bit, because it’s the kernel of truth that irritates our industry.

Many years ago, the position of the DOJ was that companies should come in and self-disclose early, even before the facts in a problematic situation were fully developed.  I always thought that was unrealistic.

For most in-house counsel, the question isn’t whether you should disclose potential problems, the question is whether to disclose actual violations.  That’s true for most outside counsel as well.

Let’s take a second to spell out what a decision to self-disclose takes, from an in-house perspective.  You have a compliance officer.  Posit that this compliance officer finds out information; he or she gets a phone call with someone who’s uncomfortable with something.  The compliance officer makes a few phone calls, looks at a few documents.  Not a full-on investigation, just a little checking.  Enough to confirm that there’s some smoke there.

According to the 2006-version of the DOJ, now’s the time to disclose.

How would that work, exactly?

The Compliance Officer goes to the Chief—or Deputy, or his supervisor, however many layers of approval you’d need—and says “I got a call and talked to some people, and I think we have a problem.  We may have paid some facilitation payments to some zoning folks to get our sites approved.  The person who made the payments didn’t go through our approval process, and I’m not sure how the payments were recorded.  Oh, and I think we ought to go into the Department of Justice and self-disclose.  After all, it would innoculate us from allegations of covering up, it would get information into the market early and blunt a more major reaction, it would help us improve our future compliance, and it would front-run any potential whistleblowers.”

What do you think the reaction of the CCO would be?  My first thought about the CCO’s reaction is that it would be, “are you out of your f%&$#ng mind?!”  But perhaps that’s not a cultural fit with the company.  He might also say, “that’s an interesting perspective.”  Which, in one company I know, is the code for “are you out of your f%&$#ng mind?!”  One of the first things you have to learn when you go in-house is the company’s (or your boss’) code phrase for “that’s the most boneheaded idea I’ve ever heard!”

Continues the CCO: “one, we don’t know that anything happened.  Why would we disclose something that didn’t violate the FCPA?  Two, even if we did pay something, aren’t facilitation payments legal under the FCPA?  So why would we disclose to the DOJ that we did something legal?  Three, we’re not going to notify the DOJ that they should start investigating us; what if they start up a full-on investigation?  We don’t have the outside counsel budget for that.  Why don’t you start looking into it a bit more, and if we find out we really did something wrong, we’ll talk about it then.  I certainly can’t go to the General Counsel and say that we want to disclose something when we don’t even know what it is that happened, right?  And suppose I did, what is the GC supposed to tell the Board?  It’s ultimately their decision.  No.  Go investigate, and then we’ll talk.”

So let’s say that the compliance officer goes out and finds that facilitation payments were actually made.  And that the payments were only questionably facilitation payments.  And that they were recorded incorrectly.

So now the compliance officer goes to the boss and says that now we have to disclose, right?

Not so fast.

“What would you suggest we do about it, now that we know that people broke policy?  It’s not the policy’s fault that people didn’t follow it.  Let’s do some additional training.  Discipline the employee, you say?  I don’t know.  Those HR people are a pain in the ass, and they’re trying to horn in and take away HR compliance from us.  And the employee, he’s a high-performer, right?  In a high-performing unit?  The business will crucify us if we even try to discipline someone who brings in so much money.  Sure, they talk a great game, but reality is reality.  Maybe we can come up with something creative.  Make the person give the training, or something.  Or put an official warning in their file.  In the meantime, we can also send out a reminder about the facilitation payment policy.”

“Sure, I know that these might not have been facilitation payments.  But it’s a real argument that they were, right?  We wouldn’t get laughed out of court?  Because you know that’s the question the GC is going to ask me, right?  We’re not going to disclose something that wasn’t a crime.”

“Yeah, we might have recorded the payments wrong, I know, you don’t have to remind me.  But the amounts weren’t material to a company like us, so I don’t think the SEC would have anything to say about it.”

“Okay, yes, there is a danger of a whistleblower.  But I don’t think this will ever come out.  And if it does, we can say that we took appropriate remedial action, and disciplined the employee, and gave additional training.  I think we’d be fine.  But just to be on the safe side, since we’re not absolutely sure that there were any laws broken, put as the final disposition of the investigation that the complaint was unsubstantiated.”

Okay, maybe I’m being a little cynical.  Of everything I just wrote, I think the two areas I was most cynical about were the failure to fire the person and the closing it out as unsubstantiated parts.  Not totally out there, mind you, just slightly more cynical than maybe reality warrants.

The rest of it, I think, is dead on.

How do you convince someone to disclose when you don’t know what’s actually happened?  I thought it was unrealistic when the DOJ said it in 2006, and it’s unrealistic today.  And the DOJ’s position on this has evolved a bit too.  You don’t hear them say that anymore.  Now, it seems that they want you to develop the facts a bit.

And don’t tell me that outside counsel would advise any differently.  Sure, they’re all saying now that WalMart should have self-disclosed.  But if you had asked them back then, I think we would have heard a different song.  Outside counsel know there’s an aversion to self-disclosure, and they don’t want to propose a non-starter: it makes them look bad.

But what about whistleblowers?  They’re everywhere, says Cassin.  That’s true, but it’s still a small percentage of the total, and the odds of any particular investigation coming to light is still small.

I’m not saying this is a good state of affairs, and maybe I’m just feeling a bit cynical right now, but I think this is where we are, and it explains why self-disclosure is seen in such a negative light.”