This piece was originally run in the Rochester Business Journal and is republished here with permission from the author.
It’s a cold cruel world out there for corporations. It all started in 1909 when, in U.S. v. New York Central & Hudson River Railroad Co., the U.S. Supreme Court ruled that corporations may be held criminally liable for the acts of agents and employees acting within the scope of their authority. Since then, many courts have held that this rule applies even when the employee or agent commits a criminal act in violation of corporate policies.
This is a very harsh rule. It means that even if you were to tell an employee not to do something and, despite your admonition, that person turned around a few minutes later and did it in the course of job activities, the company could be held civilly and criminally liable for the act. So if you’ve ever wondered why so many of the world’s best-run corporations have been hit with fines of millions or even billions of dollars, you’ve got your answer. It isn’t because the government has found some great evil mastermind at the helm of these organizations and brought them to justice. Instead, it is a reflection of the reality that no matter how hard you might try, it is very difficult to control the behavior of a large group of people, many of whom grapple with a constant temptation to cut corners to get their jobs done.
In 1991, the U.S. Sentencing Commission gave some relief to corporations from this harsh rule when it published the Federal Sentencing Guidelines for Organizations. The guidelines, which were amended in 2004, provide that if a corporation has been convicted but has an “effective compliance and ethics program,” it can receive a reduction of up to 95 percent in any fine. But that’s not all. The Justice Department has issued Principles of Federal Prosecution of Business Organizations, holding out the possibility that a corporation might not be prosecuted at all for the crimes of its employees. These principles state, in part:
“In conducting an investigation, determining whether to bring charges and negotiating plea or other agreements, prosecutors should consider the following factors in reaching a decision as to the proper treatment of a corporate target:
- The nature and seriousness of the offense, including the risk of harm to the public, and applicable policies and priorities, if any, governing the prosecution of corporations for particular categories of crime;
- The pervasiveness of wrongdoing within the corporation, including the complicity in, or the condoning of, the wrongdoing by corporate management;
- The corporation’s history of similar misconduct, including prior criminal, civil and regulatory enforcement actions against it;
- The corporation’s timely and voluntary disclosure of wrongdoing and its willingness to cooperate in the investigation of its agents;
- The existence and effectiveness of the corporation’s pre-existing compliance program;
- The corporation’s remedial actions, including any efforts to implement an effective corporate compliance program or to improve an existing one, to replace responsible management, to discipline or terminate wrongdoers, to pay restitution and to cooperate with the relevant government agencies;
- Collateral consequences, including whether there is disproportionate harm to shareholders, pension holders, employees and others not proven personally culpable, as well as impact on the public arising from the prosecution;
- The adequacy of the prosecution of individuals responsible for the corporation’s malfeasance; and
- The adequacy of remedies such as civil or regulatory enforcement actions.”
Corporations around the country heard this message loud and clear and started building compliance and ethics programs to “prevent and detect” crimes by their agents and employees. But for decades there has been a problem for advocates of this fairly sensible approach to corporate governance: They could find no examples of cases in which corporations actually got credit for their compliance and ethics programs.
This was driving compliance and ethics officers and corporate lawyers crazy. Many were advising their management teams to invest in compliance and ethics programs, but if asked, they had difficulty producing even one example of the government cutting a company a break for having done so—until 2012, when a funny, wonderful thing happened on the way to the courthouse.
In April 2012, the Department of Justice and the Securities and Exchange Commission charged Garth Peterson with violations of the Foreign Corrupt Practices Act. To everyone’s astonishment and delight, both agencies also announced that they had declined to prosecute or charge his employer, Morgan Stanley, because of its strong compliance program. This was the first time the agencies had publicly credited a pre-existing compliance program this way, and it was long overdue.
The SEC said that a Morgan Stanley compliance officer had “specifically informed Peterson in 2004 that employees of Yongye, a Chinese state-owned entity, were government officials for purposes of the FCPA. Peterson also received at least 35 FCPA compliance reminders from Morgan Stanley, but nonetheless committed the FCPA violations.”
This is a big deal. For many decades, the Justice Department, the SEC and their counterparts around the world have really hammered corporations when their agents or employees have been caught paying bribes to government officials. So it’s good to know that if a corporation takes reasonable steps to apprise employees of the rules, monitors compliance and satisfies the other criteria detailed in the Principles of Federal Prosecution of Business Organizations, the government might actually go after the wrongdoer rather than punishing the corporation as a whole.
The lesson is that if you don’t have an effective compliance and ethics program consistent with the federal guidelines, it’s time to get one. Doing so will not only reduce the chances of your company getting into trouble in the first place, but will also spare you some rather harsh treatment by prosecutors if one of your agents or employees goes rogue and commits a crime to get the job done.