Two important cases this year serve as strong reminders that, to be effective, compliance programs must be supported by a culture of doing business the right way.
Back in May, Toll Holdings agreed to pay more than $6 million to settle claims of US sanctions violations. OFAC identified almost 3,000 potential violations over a six year period with a value of approximately $48 million.
Toll had a sanctions compliance policy. However, when one of Toll’s banks restricted use of a US dollar account after identifying a US dollar transaction involving Syria, the reaction was a real cultural red flag: a Toll treasury employee emailed employees instructing them to avoid including the names of sanctioned jurisdictions on invoices going forward.
In September, Oracle Corporation settled with the SEC regarding violations of the Foreign Corrupt Practices Act (FCPA). The SEC charged that Oracle’s subsidiaries in Turkey, the United Arab Emirates (UAE), and India created and used slush funds to bribe government officials in return for business between 2016 and 2019.
The slush funds were created using discount schemes and sham marketing reimbursement payments. Once again, these commercial programs were not without controls, including a three-tier approval system above designated amounts and depending on the amount of the discount , approvals from outside the subsidiary seeking the discount.
Marketing reimbursements were arranged through purchase orders to reimburse customers for marketing expenses for Oracle’s products.
Oracle employees circumvented these controls and used both excessive discounts and sham marketing reimbursement payments to create slush funds. According to the SEC “The direct supervisors of these sales employees, who were complicit in the scheme, approved the fraudulent requests.”
Sales employees referred to the accounts as “havuz,” which means “pool” or “kumbara,” which means “moneybox,” and routinely used the slush funds to pay for the travel expenses of customers, including government officials, to attend conferences in Turkey and the US, sometimes including the expenses of officials’ families, and for side trips to Los Angeles and Napa Valley. All this, with the knowledge of the subsidiary’s management, who condoned the practice, according to the SEC.
The message from these two settlements is clear: to be effective compliance programs must be supported by a strong culture of compliance, endorsed by employees at all levels, across the organization. The larger and more complex a corporation, the more challenging this becomes. Nevertheless it is essential.
Comments