What is risk to your company? In the anti-corruption world, it is conduct which might violate the Foreign Corrupt Practices Act (FCPA), UK Bribery Act, Brazilian Clean Companies Act or one of the other internationally focused anti-bribery laws. The way to prevent such violations is to have an effective compliance program, which operationalizes compliance through prevention, detection and remediation. Yet FCPA compliance risk is but one of many which a company faces. Wells Fargo, Volkswagen (VW) and (you name the company here) have learned that lesson the very hard way.
Nevertheless, even if a company does not engage in illegal behavior, it can engage in conduct which can cause severe reputational damage. The most recent example is Goldman Sachs Asset Management and the beating in the court of public opinion the firm took for its purchase of $2.8bn in Venezuelan bonds last week. Liz Hoffman, writing in a Wall Street Journal (WSJ) article entitled “Goldman’s Venezuela Bond Trade Wasn’t Reviewed by Top Executives”, reported that the Goldman unit was contacted about purchasing the Venezuealan bonds, backed by revenues from the state’s national energy company PDVSA, for about one-third of their face value. The bonds mature in five years and included annual coupon payments. At Goldman, for the decision to buy the bonds was a “no brainer.”
The reputational probem comes primarily that the bonds were not sold on the secondary market but were sold directly by the Venezuealan national bank. This means at approximately $800MM goes directly into the pockets of the Maduro regine. Critics, including former Venezuelan government officials, the current Venezuelan National Assembly and opposition leaders, blasted the deal saying it held out a lifeline to the current government. Further, opposition leaders had recently pleaded with international financial institutions to avoid any transactions that might aid or legitimize the current government accused of human-rights abuses. Yet, the “Venezuelan imbroglio also highlights how the priority of the firm’s asset-management business—to make money for its fund investors—can clash with Goldman’s post crisis push to view potential business with an eye toward protecting its reputation.”
Moreover, Diego Arria, a former governor of Caracas and former Venezuelan ambassador to the United Nations (UN), when asked by the WSJ “How could you criticize a money manager for buying something so cheaply?” he said, “That is what they do.” To top it off Goldman gave one of the most tone deaf public responses by saying “We recognize that the situation is complex and evolving and that Venezuela is in crisis. We agree that life there has to get better, and we made the investment in part because we believe it will.”
This would seem to be about as far from compliance as one could get yet this matter falls directly into the compliance realm for several reasons. These reasons point to how the compliance profession is evolving, why compliance should be operationalized into the business of any organization and how risks must be assessed and managed going forward. It was clear to anyone who might have bothered to consider the larger issues, that purchasing bonds from Venezuela would bring scrutiny and lots of it.
Dakin Campbell, writing in a Bloomberg piece entitled “Goldman’s Compliance Staff Is Reviewing Venezuela Trade”, reported, “Eric Lane and Tim O’Neill, who run Goldman Sachs’s investment-management division, weren’t briefed on the trade until after it was completed, the person said. The firm’s business-standards committee, set up by Chief Executive Officer Lloyd Blankfein in 2010 after the financial crisis, didn’t review the trades either, and neither did the investment-management unit’s own standards committee”. He went on to note, “Goldman Sachs Asset Management’s portfolio managers aren’t typically required or expected to get pre-approval from senior managers for their investments. There is a system in place to trigger a review in cases where the purchase might carry heightened reputational risk for the firm. That process wasn’t used in the Venezuela transaction.” This means that the firm’s internal controls were either circumvented or were simply not followed.
The article noted that both the firm’s compliance and legal staff were “reviewing the purchase of $2.8 billion in discounted Venezuela bonds after the deal sparked protests and calls for a legislative probe, according to a person with knowledge of the matter.” This source went on to say, “The review is focusing on how the process can be improved”. That sounds quite a bit like a root cause analysis, most recently as laid out in the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (Evaluation) which declares under Prong 1:
Root Cause Analysis – What is the company’s root cause analysis of the misconduct at issue? What systemic issues were identified? Who in the company was involved in making the analysis?
Prior Indications – Were there prior opportunities to detect the misconduct in question, such as audit reports identifying relevant control failures or allegations, complaints, or investigations involving similar issues? What is the company’s analysis of why such opportunities were missed?
All of this comes at a time when Goldman has become much more sensitized to its public reputation, most particularly after the fallout from the 2008 economic downturn. Hoffman noted, “In 2010, after a government lawsuit accused the firm of defrauding mortgage-bond investors—a suit it later settled for $550 million, agreeing it had made mistakes—the bank formed a firmwide standards committee to reshape its business practices and mend its reputation.” This included the internal controls for not only supervisory review of controversial transactions but also review by senior management, in addition to that from compliance and legal.
Goldman worked to operationalize this new risk management. The firm rolled out “Training sessions for employees, many of them run by Chief Executive Lloyd Blankfein, stressed the importance of protecting Goldman’s standing in the eyes of clients and the public.” Indeed, at one 2012 training session Blankfein said “Everyone has to have big eyes, big ears, know what’s going on around them, and be policemen for the organization. At the end of the day, we only have one reputation. We rise and fall together.” At least in this Venezuelan bond transaction, all of these systems failed and the fallout for Goldman continues.
All of these facts point to not only why compliance should be operationalized but also gleans how it can be done going forward. Goldman bankers should always be supported in their primary goals of making money for its investors by compliance; whether it be through ongoing monitoring or other sufficient controls which cannot be circumvented. It could be as simple as having a list of countries which traders will not purchase bonds from without a second set of eyes. At the barest minimum, such compliance support might well have helped Goldman avoid its latest PR disaster.
[View source.]
