The goal of enforcement is to deter misconduct and promote compliance. That connection is not always clear. In the FCPA context, there is ongoing debate about the importance of prosecuting individuals for FCPA violations to deter corruption, and the impact that a corporate compliance defense would have on overall compliance efforts.
In an interesting article (here), Cartels, Compliance and What Practitioners Really Think About Enforcement, D. Daniel Sokol argues that the Justice Department’s Antitrust Cartel Enforcement and Leniency Program does not necessarily maximize deterrence and corporate compliance. Sokol’s analysis can be applied to FCPA enforcement and compliance programs.
Sokol claims that the Antitrust Division’s Leniency Program creates incentives for corporation violators to “regularly game the leniency program” to punish their competitors. Companies have strong incentives to settle rather than to litigate cases in which the legality of cartel conduct may be questionable.
In trying to maximize compliance, aggressive deterrence does not always lead to greater compliance. It is not easy for companies to embed effective compliance programs in sub-units of a corporation and to individual actors. This is even more challenging when dealing with global companies which have foreign operations. It is difficult to communicate to foreign units and employees the need for compliance in order to avoid prosecution in the United States.
Interestingly, Sokol found that many companies rely on “paper” compliance programs which are ineffective. Compliance improves significantly with training programs which are conducted regularly and not through formulaic presentations.
The transformation of a paper compliance program to an effective compliance program depends on communicating compliance norms and trying to change behavior within the cultural context of the corporate unit. Sokol describes this as transforming behavioral norms so that compliance and ethical conduct become the behavioral norm inside the company.
In this context, the compliance requirements contained in the US Sentencing Guidelines are good on paper but need to be fleshed out. Somehow more detail needs to be prescribed and more guidance on how exactly compliance should be designed and implemented.
The implications of Sokol’s analysis for FCPA enforcement and compliance are three-fold:
(1) compliance requirements need to be enhanced and a new baseline of requirements should be established either through legislation, regulation or amendment to the Sentencing Guidelines;
(2) an adequate procedures compliance defense should be considered to increase incentives to implement compliance programs; and
(3) increased prosecution of individuals who violate the FCPA would increase deterrence and help to change compliance “norms” inside the company.