Yes! Compliance training is absolutely necessary.

In the midst of violations of the Foreign Corrupt Practices Act (FCPA), both the U.S. Department of Justice and the Securities and Exchange Commission determined not to pursue charges against Morgan Stanley because of the company’s robust compliance program. Allegations of fraud were committed by one of Morgan Stanley’s managing directors, Garth Peterson.  According to the SEC complaint filed in April, 2012, Peterson evaded the company’s internal controls when he convinced Morgan Stanley to sell real-estate interest to a Chinese state-owned entity “Shanghai Youngye Enterprise.”  Unbeknownst to Morgan Stanley, Shanghai Youngye Enterprise was actually a shell company owned by Peterson and the chairman of Shanghai Youngye Enterprise.  The complaint also alleged that Peterson arranged to pay himself and the Chinese Official $1.8 million in fraudulent finder’s fees that Morgan Stanley’s fund purportedly paid to third parties.

 

Morgan Stanley is Exonerated.

It is rare for a company to be completely exonerated when FCPA violations occur.  Historically, the DOJ has given credit for compliance initiatives implemented after a violation occurred.  Compliance programs are typically created as a reaction to violations as part of a settlement or a non-prosecution agreement.  In this incident the DOJ and SEC officials made the decision not to pursue charges of any kind against Morgan Stanley and only charged the individual employee when they determined Garth Peterson participated and certified the company’s mandatory compliance training. Despite years of compliance training, Garth Peterson used a web of deceit to thwart his employer’s efforts to prevent corruption.  Peterson pleaded guilty in federal court to conspire to evade Morgan Stanley’s internal controls required to maintain under the FCPA.  Peterson faces up to five years in prison and a maximum fine of $250,000 or twice his gross gain of the offense.
The DOJ and the SEC agencies specifically cited the compliance practices as reasons not to bring any enforcement action against Morgan Stanley

Maintain strong internal controls.

Morgan Stanley maintained a system of internal controls which provided reasonable assurances that its employees were not bribing government officials and ensured accountability for its assets and to prevent employees from offering, promising, or paying anything of value to foreign government officials.  The company updated such controls on a regular basis to reflect regulatory developments and specific risks, prohibit bribery, and address corruption risks.

Launch an Internal Investigation.

Morgan Stanley quickly moved to launch a full internal investigation into the charges against Garth Peterson.  The company determined the scope of improper payments and other misconduct and took immediate disciplinary action.

 

Frequent training on internal policies.

Morgan Stanley frequently trained its employees on its internal policies, the FCPA, and other anti-corruption laws.  Between 2002 and 2008, Morgan Stanley trained various groups of personnel on anti-corruption policies on at least 54 occasions.  The SEC reviewed the training records of Morgan Stanley and determined the company trained Peterson on the FCPA at least seven times.  In addition to live and web-based training, Peterson participated in a teleconference anti-corruption training seminar.

 

Code of conduct.

Morgan Stanley’s company code of conduct clearly states the prohibition of all forms of bribery and provides special considerations when interacting with a government official.  The code of conduct includes specific policies such as the “Events and Conference System” to obtain pre-clearance from a supervisor and the anti-corruption group.  The “Global Anti-Corruption Policy” and “Expense Management Policy,” explain in detail and provide examples to prevent corruption.  Peterson and all employees were made aware of these policies.

 

Written compliance certifications.

Morgan Stanley required each of its employees to provide annual written certification to adhere to the code of conduct including a portion directly addressing corruption risks and activities in violation of the FCPA.  Garth Peterson submitted his mandatory annual written compliance certification.

 

Compliance reminders.

Garth Peterson also received at least 35 FCPA-related compliance reminders including policies on gift-giving and entertainment; guidance on engagement with consultants; and policies addressing specific high-risk events.  Morgan Stanley created a corporate culture of compliance through utilization of compliance training.

 

Extensive due diligence.

Morgan Stanley has a “Business Partner System” which requires due diligence through corporate security and preclearance by the regional anti-corruption group.  Extensive due diligence is conducted on all third party and new foreign business partners to impose stringent controls on payments made to business partners.  Due diligence ensures transactions are conducted in accordance with management’s authorization and prevents improper payments or the transfer of things of value to officials of foreign governments.

 

Conflict of interest.

Morgan Stanley required its employees, including Garth Peterson to annually disclose their outside business interest.  Peterson never disclosed his conflict of interest with Shanghai Youngye Enterprise.

 

Continuous monitoring and compliance reminders.

Morgan Stanley practiced continuous monitoring as compliance personnel regularly monitored transactions, randomly audited particular employees, transactions, and business units, and tested to identify illicit payments.

 

Ask your compliance officer.

The question compliance officers must answer: Will our compliance training program prevent the DOJ or the SEC from investigating a FCPA violation? While Morgan Stanley’s compliance program earned it a reprieve, saved the company millions of dollars in fees and prevented damage to their reputation, it doesn’t mean it serves as a model to be readily copied, since every company has different circumstances and needs.  Compliance officers should take care not to assume the internal controls listed above are the only ones that matter.  Compliance processes in this particular case helped show where the employee circumvented internal controls but there is still a lot more that companies need to do as it applies to their own anti-corruption and compliance programs.

 

Jaclyn Jaeger reported on this story for Compliance Week on May 08, 2012.  To read the article: www.complianceweek.com/compliance-rescues-morgan-stanley-from-fcpa-prosecution/printarticle/239476/