The FCPA Blog wanted to explore the idea of the dual-hatted compliance officer — the one who occupies both the general counsel and chief compliance officer roles in a company. We talked with the former SEC Chairman and now Kalorama Partners CEO, Harvey Pitt. The conversation turned into a thoughtful exchange about what it means to be an independent and effective CCO in any industry today. Executive editor Julie DiMauro asked the questions for the FCPA Blog.
JD: Under the 2010 Amendments to the U.S. Sentencing Guidelines (§8B2.1(b)(2)(C)) compliance officers’ jobs are described and their access to the Board of Directors, or at least a committee or subcommittee of the board, is emphasized.
There has been debate in the FCPA compliance world whether this requirement means the chief compliance officer who reports to the general counsel, but also has access to the board of directors, is meeting the Sentencing Guidelines. What are your thoughts?
HP: The starting point is that the Sentencing Guidelines are merely advisory, and second, structure must accord with reality.
Many people associated with SAC Capital Advisors said it had a vigorous and effective compliance function. As the numerous instances of alleged, proved, and admitted insider trading reflect, despite SAC’s structure, its reality was far different.
There is nothing in the FCPA that mandates that companies have a CCO who reports directly to the board or a committee thereof. Indeed, that was effectively the conclusion of the DOJ and SEC in their recent FCPA guidance. The key is that the chief compliance officer, and anyone to whom he or she reports on a day-to-day basis, be independent and able to raise any issue whatsoever, no matter what or who is involved.
The phrase “direct access to the governing authority” means that the CCO must have unfettered ability to take issues directly to the governing authority, not that the governing authority must be the only body to which the compliance group reports, or even the body to which it reports in the first instance.
In my experience, if there is not a good interaction between the compliance and legal functions, serious problems may wind up being overlooked (such as when a potential violation is not obvious), and non-problems may wind up as federal cases. An experienced and wise senior chief legal officer can provide day-to-day balance, judgment and oversight that a board committee could never provide.
The focus always must be to avoid squelching the independent judgment of the CCO, or side-tracking examinations of would-be problems. A smart and independent GC can make sure those problems do not occur.
JD: The DOJ and SEC have chastised companies during investigations of various violations, noting that amending and enhancing their compliance programs means separating the roles of CCO and GC. This was just noted as part of the new Corporate Integrity Agreement the federal government entered into with Johnson & Johnson on November 4. Perhaps you know of other companies that were so ordered or advised? Why are other companies not learning from these examples, particularly when these instances get press coverage and are addressed in corporate filings?
HP: Understandable reasons might lead the DOJ to seek, in settling certain cases, to require an independent CCO and to insist that the CCO report directly to the board or a committee thereof. These reasons start—and for practical reasons end—with the specific factual circumstances that led to the specific charges being filed.
The Johnson & Johnson case to which you refer is actually an agreement between J&J and the Health & Human Services Inspector General (HHS IG), not DOJ or SEC. The HHS IG has advocated vigorously for independent CCOs. Particularly for pharmaceutical companies with hundreds of thousands of employees, and multi-national operations, these provisions may make sense. The rules affecting pharmaceutical companies are quite intricate. The FCPA, by comparison, is relatively easy—you cannot pay bribes to obtain or retain business, and you cannot cook your books!
You raise an important point in asking why other companies are not learning from these examples. It is imperative for companies to examine agreements like the J&J agreement and consider whether provisions of those agreements might have applicability to them. But, merely because the HHS IG insists on a separating the CCO and GC functions in negotiated Corporate Integrity Agreements does not mean that approach is the most effective ones for companies in different industries.
JD: Obviously, there are other dual-hatted persons in some firms, such as the CEO and Chairman combined role. (I’m thinking of Jamie Dimon of JPMorgan Chase and Co., who was compelled to give up his seat as Chairman in October.) Why is the CCO/GC double billing more problematic? What do you say to the smaller or mid-sized company that has cost constraints and is struggling to afford having this role divided up?
HP: You raise an excellent analogy. The SEC imposed independent chairmen on mutual funds after the so-called mutual fund late-trading scandals. Ironically, virtually every case the SEC pursued against mutual funds that engaged in late trading actually had an independent chairman. Most corporate governance practitioners believe that, if there is no independent chairman, companies should designate an independent Lead Outside Director.
The essential point to keep in mind is that focusing solely or primarily on structure is likely to result in substance being ignored. The issue is whether the substance of a company’s compliance efforts yield the best result. It is difficult to justify a one-size-fits-all mentality for corporate America. Indeed, the Sentencing Guidelines look specifically at cost considerations and recognize that what may work for a large company may not work for a smaller one.
JD: What do you predict for the future in terms of CCOs and their distinct and unique role in firms? Is the value of their contribution and the uniqueness of their role more understood and appreciated, or on its way to being so?
HP: Currently, companies are subject to more intricate and involved regulatory requirements, requiring specialization and 24/7 attention. I believe the CCO function will continue to grow in importance, given the plethora of regulatory pronouncements. But the need for CCOs does not necessarily always equate with greater prestige and recognition of the benefits they confer within the companies they serve.
Many managers worry that regulatory costs are excessive and believe there is no real contribution to the bottom line from expenditures made to stay abreast of new requirements. I do not agree with that point of view, but I understand it. Moreover, the SEC has begun targeting compliance officials in enforcement actions. There have been cases where the conduct—or lack of conduct—on the part of compliance officials has been quite raw and unacceptable. Those situations cry out for strong enforcement.
Nonetheless, targeting compliance officials in the first instance may prove counterproductive, as it can create adversarial relationships between senior managers and compliance executives and makes it easier for senior managers to blame their compliance officials. I think there’s a need to hold compliance officials to a high standard, but enforcement action is not always the best tool, at least not in the first instance.
Harvey L. Pitt served as the 26th Chairman of the SEC and is now the Chief Executive Officer at Kalorama Partners in Washington, D.C.