I recently had the chance to sit down with Mikhail Reider-Gordon, Managing Director of Global Affairs at Affiliated Monitors, Inc. (AMI), for a five-part sponsored podcast series. We touched on various aspects of monitorships, including why independence matters, the American Bar Association’s (ABA) Guidelines on Monitors, Gordon’s professorial career at the International Anti-Corruption Academy, cultural differences between international and US domestic monitorships and the continuing evolution in monitorships.
Gordon began her career at the RAND Corporation, providing analysis to US governmental agencies. From there she took on investigators and crisis management roles at Homeland Security and then returned to the private sector, where she began her career leading piracy investigations for the Motion Picture Association of America, building their first global internet and piracy program. She then moved to one of the “Big Four”, Deloitte Touche Tohmatsu Limited (Deloitte), where she advised global corporations around anti-corruption and fraud, anti-money laundering (AML) and technology. From Deloitte, she transitioned to global disputes and investigations at Navigant Consulting, Inc. (Navigant), focusing on regulatory compliance and political cultural challenges where they intersect with laws and regulations for corporate and institutional ethics. She joined AMI several months ago as Managing Director of Global Affairs.
A. Why Independence in a Monitor Matters
From this varied background Gordon has seen the continuing and ever-present need for independence by monitors and in monitorships. She noted that she has observed the selection of monitors “where their true independence is perhaps dubious.” There has also been a trend of “hiring former colleagues with their agencies or people that have worked with in the past by regulators.” This has led some commentators to accuse the process of cronyism but also that monitors may be more sympathetic to the enforcement side. This latter point has led many companies to shy away from monitorships when perhaps they could best use their assistance.
It has also led into what Gordon characterized as the “danger of informal sympathies” with “subtle influences that can remove true impartiality.” Gordon underscored that true neutrals are not as easily come by as many may have thought. Such informality can be found in so many of our human relationships, former law school classmates, work colleagues, friendships, even home or social background can play such a significant role in allowing dispensations to occur, all of which can impact success of combating noncompliance.
Additionally, “emotion driven exchanges, including values-based practices of solidarity and belonging and ubiquity.” She concluded that these issues are “not often visible to anyone outside and maybe not even consciously understood by those involved themselves, but it can certainly lead to the awarding a monitorship to an individual or firm that’s not genuinely independent.” All of this can lead to “a subtle spectrum here where informality and culture can allow biases to impact the value of the monitoring process before it is even kicked off.”
It is important that the monitor does not set out with a new agenda or most particularly is not concerned about retaining other business with an industry or company. This extends to not playing “gotcha” or coming into a monitorship with a regulators mentality. Rather, Gordon suggested that a monitor come in with an attitude of improvement or, in another word, remediation.
We turned to the issue monitors face perhaps not a recalcitrant company but one which genuinely believes they have done nothing wrong. Gordon emphasized the key is that there is still room for improvement. Even if a company begins from a “negative place” Gordon believes that one of the jobs of a monitor is “helping them get to an understanding that no compliance program is ever complete, that there are always improvements to be made.” Companies need to recognize where changes are occurring and monitors help in adapting to this change.”
Every company’s compliance program is in constant evolution. These changes could be driven by a wide variety of factors such as a change in a proposed marketing campaign, a new acquisition or merger, a new product or product line or an expansion into a new territory. Even a change in personnel can prompt revisiting elements of a program. Compliance and ethics programs need to be growing and changing constantly.
Gordon tied all this “back to understanding on ethical culture where informality can allow certain behaviors to slide into a negative situation.” It could be “a willingness to cross lines regarding a specific regulation or failing to see that the spirit of the laws are not being fully upheld in a particular entity.” All of this means a monitor “can start with the proposition that every compliance and ethics program can be improved and then move to address what changes have to occur that will demonstrate to the outside world company and to the regulator which is overseeing terms of settlement agreement. Let’s get you to that place and help you to understand the value of constant evolution and compliance and ethics program.”
B. ABA Guidelines on Monitors
Gordon has been heavily involved in the ABA for more than a decade. She currently serves on the Council, the Section of International Law and has done so for about 10 years off. She has previously served as the Rule of Law Officer and is currently serving as the Technology Officer. She has served on a number of committee levels, Co-Chair of the International Anti-Corruption Committee, the Anti-Money Laundering Committee and the Corporate Social Responsibility Committee. Basically, Gordon is “a fan of the ABA.”
Gordon has long been a part of the ABA’s discussions around monitors. These standards are found under the Criminal Justice Standards on Monitors (the “ABA Standards”). The ABA Standards emphasize the monitor selection process should encourage consideration of a broad range of monitor candidates and should not be artificially limited by demographic, professional and geographic factors. Gordon also emphasized that “qualifications, integrity, credibility and professionalism are the top of the list.”
Moreover, under potential exclusion, there are a number of examples the standard provides that should be baked into every monitor selection process. Basically, anything that appears to create a conflict of interest or would be perceived to impair the monitor’s judgment or independence are non-starters. Yet, Gordon believes the standards actually go further. She stated, “They go onto provide additional factors that should be considered, some of which may seem obvious to us; such as not having worked for the organization being monitored during the time of the activity in question; not holding prior affiliation with a firm that provided legal or other professional services to the organization being monitored; and even extending to any other factor that could bias or impair or be perceived bias or impair the monitor's judgment, objectivity, independence, including the prospect of future engagement or other economic considerations that could influence it”. The bottom line is that the ABA Standards “emphasizes the importance of independence.”
All of this extends beyond the criminal side where a monitorship might be put into place concerning a prosecution. It also extends to the civil side of enforcement. Moreover, the ABA Standards can also be applied to a variety of over situations where the independent third-party might be an ombudsman, Independent Sector Inspector Generals or other nomenclature. Gordon believes that “encoding true independence is essential no matter what form a monitorship takes, what title you give it, or whatever you might call it.”
I asked Gordon about not simply monitor impartiality, but even the appearance of bias or the perception of partiality by a monitor selection or a monitor’s actions. Gordon believes this additional criterion, both the appearance of bias and the perception of impartiality, sometimes “gets a little lost a times during the selection process.” It is this true independence which invests trust and faith by courts and other stakeholders in the institution of oversight by independent third-party monitors. It also leads to how well external stakeholders feel about the value of the monitorship and what is being delivered to the organization.
Gordon concluded that independence cannot be over-emphasized. It is more than simply independence and non-impartiality in the selection process but in the entire monitorship. For the system to work properly for all stakeholders, there must be true independence. However, the ABA Standards go further with prohibitions on both the appearance of bias and the perception of impartiality. It is this additional step which is the cornerstone of the system.
C. How International Teaching Informs Compliance
We next considered how Gordon’s teaching of compliance and investigations at the International Anti-Corruption Academy inform her view of wide-ranging cultural differences in monitorships.
Gordon is a frequent Guest Lecturer at the IACA, having been on the faculty for about five years, teaching investigations and compliance. She also supervises graduate students in writing their thesis. The IACA is an international organization formed by 70 member States, about eight and a half years ago. It is dedicated to enhancing knowledge and education in the field of anti-corruption. It runs graduate level programs and degree programs dedicated to training professionals in combating corruption in all its married forms.
It is headquartered in Laxenburg, Austria, and hosts students from over 70 countries, including US, Europe and a heavy presence of African students. Many of the student are prosecutors and investigators from developing countries who are looking to expand their capabilities and technical skills in combating corruption back in their home countries.
Gordon said that from her work at the IACA she has garnered a wider appreciation of the cultural differences that every compliance practitioner and monitor need to be attuned to in monitorship work. She said, “that is one of the more enjoyable elements of it. We touch on a lot of cultural differences and we will raise scenarios or questions in the class. We’ll have folks from the Middle East, from Africa, from China, from Indonesia, India, Western European countries, from Brazil, from the US, from Canada, basically from across the globe. This leads to a wide range of opinions.”
She went on relate that cultural impact considerations are “always a lively debate. We talk about the differences it can make in planning an individual investigation, particularly when it’s got cross border aspects, cross cultural aspects, the design of a compliance program and how that can be heavily impacted by culture.” This discussion can “extend to tribalism or socioeconomic groups and how that may impact people’s willingness to whistle blow within an entity.” We can consider what “controls are acceptable and ethical in one country but may not be deemed in so in another country or seen in the same light in another; such as the idea of gift-giving as standard. So, we discuss those at length.”
We turned to the ever-evolving technological aspects of compliance data analysis and how new technologies have an impact on building and operating an entity wide compliance program. Gordon noted, “this is one of my favorite parts of the program that I teach. It is because not everybody really is focused on technology necessarily. We start with some exercises where we look at the different data privacy laws and cross border data transfer laws. And it never fails. People are just blown away to discover even in their own country’s laws or lack of them.” Our discussion on investigations can go into how an investigator might handle employee privacy and an employee’s personal identifying information.
Another area open for consideration is “how that impacts the creation when you’re structuring a compliance program that has to take in multiple jurisdictions, competing laws or laws that really conflict with one another, all predicated on the jurisdiction.” For Gordon, one of the “best parts of teaching that is of course, is that it evolves literally constantly. This means every year I have to redesign part of that curriculum to adjust for all the legal developments that have gone on around the world and in the types of technology which every compliance practitioner must use.”
Gordon concluded that all of these discussions generate a lively debate. She has students of varying levels of sophistication considering how you work through these issues if you do not have an evolved compliance program or you do not have sophisticated technology to aid in this. All of this certainly confirms what I have learned in many years as a blogger and podcaster; that compliance professionals can and do bring a lot of their own knowledge with them. By teaching at the IACA, Gordon is able to learn back from her students because they have a wealth of their own knowledge and “if you get them in a room together and there’s really a lot of value out of it.”
D. Cultural Differences in Monitorships
What are some of the cultural differences between international and US domestic monitorships? This question continues to be critical as recently as last month, there was an international enforcement action, involving the US and Brazil where a monitor was required. This is but the latest example of not only international cooperation investigations, but international cooperation in enforcement actions. How do cultural differences and legal process differences affect the structures of monitorships, for individuals or entities and how do we begin to think through that issue?
Gordon noted that when structuring a monitorship of an entity or an individual, it can be an unknown. Some of the issues include how to approach and interact with all the stakeholders and how that is organized, as monitorships are heavily impacted by cultural considerations. Gordon stated, “I’ve lived in, worked in numerous countries and I can tell you that those legal processes, there are absolutely important cultural differences that have to be built in. For instance, I’ll take an example here in the US there really is not the same expectation that a corporation will take care of its employees beyond what is required under labor and employment law and safety laws. Yet in many other countries, employers may develop deep personal relationships with employees, really on a level that you and I might associate with familial relationships.” Obviously, this has impacts for monitorships with an international component.
Additionally, there may be separate monitorships from different sets of prosecutors. For instance, the Odebrecht corruption case mandated a US and Brazilian monitor. Gordon said that in such a situation, “as a monitor, we are appointed to help the organization remediate and approve. We need that buy-in, all the stakeholders.” Equally importantly, when a US based monitor is in other countries, considerations of cultural sensitivities, norms, values, are part and parcel of the design of the monitoring program. There can be “cultural values such as maintaining harmony within the organization, change how we approach interviews, dialogue with employees and managers, building consensus and so on. This can extend to seemingly basic monitoring elements such as asking and receiving questions. It can also be around how poor decisions can even be challenged within the company as in many cultures, they do not embrace challenging management even when employees know that what the managers are doing are violating the law.” All of these factors must be taken into consideration.
Another area, seemingly basic to the US corporate culture, is constructive criticism. Gordon said, “in another culture, we may need to deliver what would be deemed criticism is being deeply unpleasant. We may have to take that to a very private setting where no one else is going to witness it.” In the area of improvement suggestions, we will “not necessarily make those to a team where blame might be a portion to one individual without causing some damage. You have to be cognizant of that.” Another area which can present challenges is labor and employment laws around termination and whistleblowing. This is another area where it is “helpful for a monitor to have local understanding, local knowledge regarding what’s allowed under local law.” This often leads to the appointment of a monitor who does not need a long ramp up period because they are already familiar with these other cultural expectations and mores.
We concluded with Gordon’s thoughts on a US-based monitor working with foreign regulators. She said, “I think something that’s very important to remember. I think in some jurisdictions monitors are seen as the US waving a big stick and not taking into consideration local impacts”. Gordon believes that perception has shifted in the more recent years, but that a monitor must still be cognizant of the perception. A monitor must have an understanding around expectations and also help foreign regulators to understand “the monitor’s role, what we do, our independence and, and keep the dialogue open.” With such an approach, it can “help to give confidence to everyone, not just the regulators.”
E. Evolution of Situations Requiring Monitors
We concluded our exploration of monitorships by considering the continuing evolution in monitorships. Just as compliance programs and the role of the Chief Compliance Officer (CCO) have evolved, the situations involving a monitor have evolved. We began with a consideration of some of Gordon’s thoughts about how the intersection of law and technology, including privacy, data management and data bias are really driving the conversation with clients around oversight and monitorships. Gordon began with the trend and growth in monitoring entities that have violated data privacy laws. Interestingly, this can come not from any overt or even poor decision on a company’s part or action. It could be from a data breach or it could be they misuse data. Gordon pointed to misuse such as Facebook, under evolving privacy laws. Here Gordon related that “Companies are a little on the back foot.”
The reality is that the modern corporation, profit or non-profit turns on information and, from Gordon’s perspective, “a lot of entities have really not fully incorporated that into their overall compliance program structure. Monitors now are addressing both directly monitoring how an entity is handling their data, are well they are complying either with privacy laws or data security standard; as well as in other forms of monitorship where it is data intensive. There may be a personal identifying information or sensitive corporate information, sensitive IP and trade secrets. All that needs to be considered when monitors are working a company on a monitorship.”
The evolution of monitorships has also occurred around timing. Originally, monitors were brought in at the conclusion of an enforcement action. Now monitors are often brought in during and even before an enforcement action begins on a pro-active basis, to get out ahead of the problem. This can be to see if an issue exists or to remediate the issue before the conclusion of an enforcement action. If it is the former situation, it can help to prevent an enforcement action from even getting off the ground. If the enforcement action has already begun, the pro-active approach can help a company garner a declination or if one cannot be obtained prevent a multi-year, post-settlement monitorship from being mandated.
Gordon noted that through a pro-active monitorship, a company is “demonstrating to the regulator the seriousness. The company is demonstrating that they take this matter seriously, through this preemptive action. It is evidence there is genuine desire to comply with the letter and spirit of law. This means it can have real impact. This can lead regulators to conclude that the company is taking this matter seriously. This can lead regulators to basically conclude that all the resolution agreement needs to provide is to check their homework.”
It is this pro-active approach that allows a company to get out in front of things before a problem gets to a crisis point. Gordon noted, “we operate in a data-driven economy. There are new data privacy and security requirements and challenges up ahead. As a CCO, you may not be quite certain where that fit in to your overall compliance program. You anticipate one breach and you will suddenly find yourself in front of the FTC. That is the perfect opportunity to say maybe a proactive monitor coming in and helping us get a handle on how we ought to be addressing these risks on these problems before the crisis point.”
Gordan believes that such an approach not only has significant operational value but it can put an organization on the right footing with the regulators as it sets the right tone. But even more than simply the regulators (as important as they may be) are other internal and external stakeholders. Using such a pro-active approach, to find out where the vulnerabilities and threats are then reduce them; it leads all such stakeholder to feel like there is a plan for dealing with these ever-evolving laws and social expectations which could impact risk. Gordon concluded with “and that’s invaluable” for any business.
For more information on AMI, check out their website. For more information on Mikhail Reider-Gordon, check out her LinkedIn profile.