In this episode Jay Rosen and I take a dive into the General Cable FCPA enforcement action, consider the ‘Invisible Hand’ of  Justice Department Compliance Counsel Hui Chen and greater regulatory enforcement, corporate response and innovation. We explain how these three factors combine in an ‘Invisible Hand’ to form a continuous improvement loop of compliance program innovation. It leads developments from cutting edge to best practices to becoming a routine part of an effective compliance program. We discuss the upcoming NFL divisional round of playoffs and conclude with Jay previewing the Jay Rosen Weekend Report. For more information on the General Cable FCPA enforcement action, check out my three-part blog post series

Part I-the Bribery Schemes

Part II-the Comeback

Part III-the Denouement

This week I have been exploring the General Cable Corporation (General Cable) Foreign Corrupt Practices Act (FCPA) enforcement action. It was settled with the Department of Justice (DOJ) via a Non-Prosecution Agreement (NPA) and the Securities and Exchange Commission (SEC) via a Cease and Desist Order (General Cable Order). There was also the resolution of a civil charge by the SEC against a former General Cable executive, Karl Zimmer, via a Cease and Desist Order (Zimmer Order). The fines and penalties paid by General Cable were not insignificant. The company paid a $20MM fine based upon its criminal conduct and paid another $51MM in profit disgorgement. Finally, based upon the conduct laid out by the SEC in the General Cable Order, the company was assessed another $6.5MM for violations of the FCPA’s accounting provisions. The $20MM figure reflects a 50% discount off the bottom of the US Sentencing Guidelines fine range, demonstrating that as bad as the underlying bribery and corruption may have been, the DOJ will give significant credit when the company meets the requirements under the FCPA Pilot Program.

In Part II, I considered how General Cable obtained such a positive result in the light of multiple bribery schemes in multiple jurisdictions and corporate awareness or conscious indifference to them. Today I want look at some of the lessons to be learned by the compliance practitioner.

However, before I get to the lessons to be garnered, I want to briefly discuss the SEC enforcement action against Karl Zimmer (Zimmer). Per the Zimmer Order, he was a Senior Vice President of General Cable who approved improper commission payments to a third-party Agent on sales by General Cable’s Angolan subsidiary to Angolan state-owned enterprises. At the time, Zimmer knew that policies prohibited excessive commissions to third parties on sales to state-owned enterprises. For his violations, Zimmer agreed to a $20,000 fine. The Zimmer action should stand as a stark reminder that individuals who violate the FCPA stand to lose as much or even more than corporations as it is difficult to believe any reputable company would hire someone who blatantly violated the FCPA.

The first obvious lesson is that the FCPA Pilot Program provides significant benefits for companies which meet it strictures. Even with the odious conduct of General Cable, the company made a stunning comeback. As much as the other enforcement actions announced since the implementation of the Pilot Program, this enforcement action has changed the calculus around self-disclosure. If the call is anywhere close, a company should self-disclose. Yet that is only the first step, as the other prongs must also be met to obtain the discount offered.

Regarding the second prong of significant cooperation, a couple of things stand out. The first no doubt warms the heart of Mr. Translations (Jay Rosen) by specifically stating that General Cable produced voluminous documents, including translations. Next was the manner of production, performed in way, “that did not implicate foreign data privacy laws; collecting, analyzing, and organizing voluminous evidence and information for the DOJ”. Jonathan Armstrong once said on a podcast that it was his experience there were usually numerous ways to produce documents and other evidence in a manner that did not violate certain countries’ data privacy. General Cable would seem to have found a way to do so. This may require the compliance practitioner to use some creativity or bring in experienced data privacy counsel but the clear import is the DOJ expects such efforts in document and other evidence production. Finally, was the notation that General Cable disclosed “conduct to the DOJ that was outside the scope of its initial voluntary self-disclosure.” This sets an expectation for companies to continue their investigations and turn over new or additional findings.

Next, there were several remediation areas that stood out. The first was termination of recalcitrant employees and those third-party agents and distributors who participated in the misconduct. Next a Chief Compliance Officer (CCO) was hired who reported to both the Chief Executive Officer (CEO) and the Audit Committee of the Board.

Interestingly was the requirement for operationalization of compliance into the business units of the company. The NPA stated, the company developed a “comprehensive compliance program that integrates business functions into compliance leadership roles, is designed to deliver clear and consistent communications and expectations Company-wide through policies and procedures, and includes frequent leadership communications to all employees.” This final clause speaks to the importance of not only tone at the top but continued communications from the senior management of the organization.

This operationalization also went down to the revamped third party program. The NPA specifically noted the company had built “a system for third-party due diligence that assigns ownership to business personnel to shepherd prospective third parties through a comprehensive risk assessment, review, and approval process.” This step clearly requires business unit involvement at the beginning and, indeed, all the way through the lifecycle of third party management.

Finally, remediation Step 10, which specified that the company would be “Delivering tailored face-to-face compliance training, including training on the FCPA, to the Board of Directors and senior executives, Internal Audit personnel, sales leaders, and all salaried employees.” [emphasis supplied]. The word tailored communicates the DOJ’s expectation for training far beyond the standard out of the box compliance training. It means you must put on training which is not only designed for the risk group it is being presented to but you must have some thought into the different risks for each discipline within an organization and their respective role in any compliance program.

As the final enforcement action of 2016, the General Cable matter may well be one of the most significant for the compliance practitioner as it clearly states the need to operationalize a compliance program. From the FCPA enforcement year for the record books, it could be the case which portends the most significant step in doing compliance forward. Finally when Hui Chen speaks through the vehicle of a FCPA resolution, the compliance profession should listen.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at

© Thomas R. Fox, 2017


Show Notes for Episode 4, Year End Review, Part I

We turn to the 2016 year in review, in this Part I of a two-part series.

  1. Jonathan Armstrong leads a discussion on a very interesting UK Bribery Act enforcement action out of Scotland involving the Braid Group Ltd. It has some very significant implications for Bribery Act enforcement actions going forward. He also discusses the continued evolution of the UK DPA process and who it all works into the burgeoning global anti-corruption enforcement we saw in 2016.

For Cordery’s piece on the Braid case, click here.

For Cordery’s piece on the continued evolution of the UK DPA practice, click here.

  1. Jay Rosen takes us through a Paul Krugman NYT post on some of the invidiousness of corruption, focusing on the corrupting nature of compliance around undue influence. Rosen explains incentives more than anything else and how such incentives skew the marketplace. He asks a couple of provocative questions. First are there too many FCPA, ethics and compliance conferences? Second, even with the robust FCPA enforcement and maturation of compliance programs, why does corruption still exist? For a link Krugman post, click here.

Rants will return in a couple of weeks.

The members of the Everything Compliance panel include:

  • Jay Rosen (Mr. Translations) – Jay is Vice President of Legal & Corporate Language Solutions at United Language Group. Rosen can be reached at
  • Mike Volkov – One of the top FCPA commentators and practitioners around and is the Chief Executive Officer (CEO) and owner of The Volkov Law Group, LLC. Volkov can be reached at
  • Matt Kelly – Founder and CEO of Radical Compliance, is the former Editor of the noted Compliance Week Kelly can be reached at
  • Jonathan Armstrong – Rounding out is our UK colleague, who is an experienced lawyer with Cordery in London. Armstrong can be reached at




n this episode, I visit with noted FCPA compliance practitioner Mike Volkov on some of his top highlights from 2016 and what he sees into 2017 going forward.

Yesterday, I began an exploration of the Foreign Corrupt Practices Act (FCPA) enforcement action involving Teva Pharmaceuticals Industries Ltd. (Teva). It was brought jointly by the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) with total fines and penalties coming in at $519MM, consisting of a criminal fine of $283 MM and profit disgorgement of $236MM. The company entered into a three-year Deferred Prosecution Agreement (DPA) that requires an independent compliance monitor. The SEC issued a Complaint. The company’s Russian subsidiary, Teva LLC, also agreed to a Criminal Information and agreed to enter into a plea agreement pleading guilty to a one-count criminal information, charging the company with conspiring to violate the anti-bribery provisions of the FCPA.

In my previous post, I considered the underlying facts of the bribery schemes used in three separate countries, namely Russia, Ukraine and Mexico. Today I want to consider the penalty range, the corporate monitor, the actions of Teva to obtain the results it secured and what they all mean for the compliance professional going forward.

As laid out in the DPA, the fine range was between $353,971,685 and $707,943,370. Yet Teva paid $283,177,348 for its criminal violation. (The remaining $236MM was assessed by the SEC.) While the underlying facts demonstrated clear business unit involvement in intentional bribery schemes and conscious indifference at best by the Israeli corporate office by burying its head in the sand with the numerous red flags present; the company was still able to obtain a 20% discount from the minimum range of the US Sentencing Guidelines suggested criminal fine.

Loss of Credit

In none of the resolution documents does it reveal how the information about the company’s bribery and corruption was brought to the attention of the US regulators. The DPA specifically notes the company did not self-disclose to the DOJ and “as a result the Company was not eligible for a more significant discount on the fine amount or the form of resolution.” Equally interesting was the comment, “The Company did not receive full credit because of issues that resulted in delays to the early stages of the investigation, including vastly overbroad assertions of attorney-client privilege and not producing documents on a timely basis in response to certain Fraud Section document requests.” If we assume the company lost 25% of the available discount for its lack of self-disclosure, this final line would mean the company lost 5% of the available discount for basically playing games with the DOJ. At $284MM for the total fines, those games cost Teva approximately $14.2MM. I wonder what the additional cost to Teva was in legal fees for the counsel which advised Teva to play such games.

The bottom line from this portion of the DPA emphasizes, yet again, that the DOJ will provide real credit to a company if it follows the simple prescripts of (1) self-disclosure; (2) extensive cooperation; and (3) significant remediation. Even with the fully pervasive corruption schemes, utilized in three countries; Teva was able to receive a significant discount off what was clearly reprehensible and illegal conduct. But even if a company has such sub-optimal counsel which does not advise self-disclosure and then proactively advises on a course of resistance which is based upon bogus legal arguments; the DOJ will still provide a significant credit if the company moves towards a more cooperative stance in the investigation and remediates significantly during the pendency of the investigation.

Credit for Remediation

Next we turn to the positive conduct which did allow the company to obtain its 20% discount. After having changed its tune around cooperation with the DOJ investigation at some point, the company engaged in significant remediation. As laid out in the DPA, the remediation included:

  • removing at least 15 employees who were involved in the conduct at issue from the Company, either through termination, resignation, or they voluntarily departed once the Company’s internal investigation began;
  • enhancing the Company’s compliance function by implementing a number of policies and procedures designed to prevent prohibited conduct, including the establishment of a system to monitor transactions with members of the health care community;
  • adopting an improved anticorruption training program;
  • adopting a standalone third-party due diligence program and terminating business relationships with certain third parties;
  • enhancing the independence of the Company’s control functions and establishing an office charged with addressing reports of misconduct; and
  • establishing a dedicated Global Compliance Audit group and strengthening the Company’s internal audit and investigations teams.

Teva also demonstrated enhancement and commitment to its compliance program and internal controls to meet the requirements of a best practices compliance program.

It is incumbent to recall that Teva did have an anti-corruption compliance program in place at all times during its bribery and corruption scheme. While one might opine that anti-corruption might not have been taken too seriously prior to the investigation, the SEC did note in its Complaint that Teva had investigated allegations of bribery and corruption back in 2007-08 in its Mexico subsidiary. As a result, the company “found credible evidence of illegal payments by Teva Mexico to government officials in Mexico to influence regulatory and formulary approvals, drug purchase decisions, and prescription decisions, and to develop strategic advantages over competitors. Eleven Teva Mexico employees were terminated in connection with the investigation.”

However, even with the specific findings from the investigation and remediation, the Mexico business unit was determined to continue its bribery scheme. Indeed, it went even further than at the senior executive level at Teva to forestall any serious effort at doing compliance. The Compliance stated, “In April 2011, a Teva employee responsible for overseeing the implementation of the anti-corruption compliance program emailed a senior executive responsible for overseeing compliance in Latin America. The email stated that a senior Teva executive had “specifically instructed not to implement a robust system that will enable us to monitor and assure that the same doctor wasn’t invited to a meal more than three times (for example)””.

The Monitorship and Implications

With this type of senior executive (lack of) commitment to compliance it is probably little wonder that the DOJ required a corporate monitor whose “primary responsibility is to assess and monitor the Company’s compliance with the terms of the Agreement, including the Corporate Compliance Program in Attachment C, so as to specifically address and reduce the risk of any recurrence of the Company’s misconduct.” The Monitor, can, but is not required to, rely not only upon the product of Teva’s compliance resources but also use the company’s internal functions such as legal, compliance and internal audit to assist the Monitor in carrying out the mandate in the DPA; provided, however, “that the Monitor has confidence in the quality of those resources.”

Most interestingly, the Monitor’s mandate requires them to use a risk-based approach in review of the company’s compliance program. The DPA specifies the Monitor should consider “risks presented by: (a) the countries and industries in which the Company operates; (b) current and future business opportunities and transactions; (c) current and potential business partners, including third parties and joint ventures, and the business rationale for such relationships; (d) the Company’s gifts, travel, and entertainment interactions with foreign officials; and (e) the Company’s involvement with foreign officials, including the amount of foreign government regulation and oversight of the Company, such as licensing and permitting, and the Company’s exposure to customs and immigration issues in conducting its business affairs.”

It would seem apparent that the hand of DOJ compliance counsel Hui Chen was involved in setting out these obligations. This action also points out another clear import from the DOJ on the importance of compliance programs and the increasing sophistication of the DOJ (and SEC) in understanding what is a best practices compliance program and requiring the same going forward. This push by the compliance counsel will most certainly continue to keep the bar going up and enhance compliance programs into 2017 and beyond.

Much like the Odebrecht/Braskem FCPA resolutions of the same week, the Teva resolution has quite a bit for the compliance practitioner to digest and use in a compliance program going forward. 2016 has been a FCPA year for the ages and with the information communicated by both the DOJ and SEC, the bar for compliance programs will continue to elevate so that compliance will become a more fully functioning corporate discipline.


This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at

© Thomas R. Fox, 2016