By Jeffrey M. Kaplan
The criminal information recently filed against Alcatel-Lucent, S.A. provides that among that company’s violations of the FCPA internal controls requirements was the failure “to provide appropriate incentives to perform in accordance with [its] compliance and ethics program.”
Incentives are indeed widely seen as offering a strong force for impacting a company’s culture in a way that supports a compliance program. In particular, they can help transform an organization from one where compliance efforts are “pushed” out by a compliance department to one where managers seek to “pull” such efforts from that department. But, unlike more mainstream compliance program measures, such as training and auditing, incentives have often proven to be controversial in concept and difficult to implement in practice, and so I hope having a short primer on this topic will be of some use to companies seeking to avoid this aspect of Alcatel-Lucent’s failings.
First, compliance incentives run the gamut from “soft” to “hard.” The former generally consists of non-tangible encouragement/recognition – such as commendations (public or not, as appropriate) from a senior business leader for an employee’s exemplary compliance-related conduct. They can also be addressed to a group, e.g., publicizing a business’s units being the first within a company to have 100% employee completions of FCPA training. The latter generally consists of tangible rewards, often monetary (which can be very effective, but occasionally offend those who feel that doing what is right is part of everyone’s job.)
In between pure instances of soft and hard incentives are measures with elements of both, such as use of compliance criteria in personnel evaluations, which – along with other criteria – can impact an employee’s compensation. Perhaps all companies should deploy these kinds of measures. (Indeed, the UK Ministry of Justice’s initial guidance on anti-bribery programs noted “performance appraisals… can act as an effective bribery deterrent.”) But in doing so they should provide fairly detailed guidance to those (meaning managers) who are responsible for completing the evaluation, because otherwise the results will likely be unfair, unenlightening or both.
Also, compliance provisions in personnel evaluations tend to be most effective when coupled with objectives/performance plans tailored to individual employees, the substance of which should vary by the compliance-related duties of the individuals involved. For instance, these will typically be different for a sales manager than someone in finance. Finally, some companies require consideration of compliance performance as part of succession planning – which can be a powerful compliance-related motivator for leaders. Indeed, the compliance department is, at some organizations, consulted in connection with significant personnel decisions, such as promotions to senior management positions.
Second, compliance incentives can be either general or risk-area specific. For instance, on a personnel evaluation one could ask generally whether an employee “has demonstrated an understanding of and adherence to all company policies and procedures”; or – for companies intently focused on building up their FCPA compliance program, one could ask the same question with respect to that risk area in particular.
Third, in structuring incentives it is important to be alert to the danger of unintended consequences. For instance, an objective that managers receive a totally “clean” FCPA audit result could drive problems underground.
Fourth, in addition to “positive” incentives of the kind addressed above, companies must consider “negative” ones – meaning whether their compensation approach likely pushes employees to take undue risk, e.g., promotes “do or die” attitude. There are, needless to say, countless examples of compliance failures based on this dynamic, and paying attention to it is at least as important as structuring positive incentives. For instance, at one company, the chief compliance officer meets annually with the head of human resources officer to review incentives to assess how, if at all, such might create undue compliance risks.
Finally, and on an entirely different level than that discussed above, governments should evaluate the compliance incentives that they provide to companies. The Justice Department took a major step forward last year in this regard by beginning to publicly identifying cases where companies received credit in an enforcement action for “pre-existing” FCPA compliance programs.
But more should be done this regard, particularly in responding to the recommendation from the December 2009 report of OECD anti-bribery working group that member countries (of which the U.S. is one) “encourage…their government agencies to consider, where international business transactions are concerned, and as appropriate, internal controls, ethics, and compliance programmes or measures in their decisions to grant public advantages, including public subsidies, licences, public procurement contracts, contracts funded by official development assistance, and officially supported export credits.” One can only imagine how implementing that policy could cause many companies to enhance their internal compliance incentives and take other steps to develop strong programs.