If you trace the path of an FCPA violation inside an organization, at a minimum, you will see a path of lost opportunities, oversights and omissions. If you see anything different, you may be looking at a deliberate scheme involving complicity or active steps by senior management to a bribery scheme.
Assuming we are looking at a situation where senior management and the board failed to act, conducted sloppy oversight and monitoring and generally acted indifferent, it is important to focus on why the board failed to carry out its duties.
The government is concerned that corporate boards are failing to meet even their basic fiduciary obligations.
Let’s go back to basics in the Caremark decision.
The standard for civil liability for a failure to oversee and monitor corporate activities that may violate the law is relatively clear (at least in principle) — Directors have an obligation to create information gathering and monitoring mechanisms to ensure compliance with the law. If they fail to follow such a mechanism or to monitor the program to ensure its effective operation, board members can be liable.
Caremark is only half of the equation. The other half is that the government uses criminal laws to prosecute corporations for criminal violations. Board members are increasingly failing under government scrutiny in criminal investigations.
The standard for board liability will depend on the specific crime and the requisite intent. In the FCPA context, a board member can be held responsible under the criminal deliberate ignorance standard. This translates to a deliberate failure to act in the face of significant and specific risks that are known to the board.
In practice, in the last few years, the distance between the civil liability standard and the criminal FCPA standard is narrowing. Prosecutors have made statements recently that they intend to narrow this standard even more in the face of continuing AML deficiencies and other white collar crimes.
Corporate boards are understandably nervous. They already feel overburdened by the amount of information they are given and asked to review and monitor to carry out their basic oversight responsibilities.
The government is intent on pushing boards for greater accountability and improved performance. In reaction, corporate governance has to advance in three significant respects.
1. Appoint board members with substantive expertise in high-risk areas. Board members need to identify potential board members who have expertise in compliance and other substantive areas.
2. Review and revise the flow of information to and from the board to ensure that board members are receiving information which is relevant, timely and needed to exercise proper oversight and monitoring. Too often, board members are being given access to mountains of information as precautionary step usually directed by outside counsel or the Secretary as a way to avoid potential liability. To the extent that information is not provided to the board in the future, advice of counsel on changes to the information policy should be secured and maintained to defend against any post hoc second-guessing lawsuits.
3. Encourage board discussion and engagement. The more a board engages in discussion among themselves, the better the decision making. As part of this engagement strategy, it is critical that board members participate in corporate activities, meetings and events, as appropriate, and that they communicate informally on a regular basis with senior managers and other important stakeholders.
Corporate governance needs to move forward and develop new models for supervision and monitoring. A seat on the board will require more active oversight and monitoring and personal interactions with important stakeholders.