Employees at Wells Fargo opened about two million deposit and credit card accounts that customers didn’t authorize. Why? To earn incentive compensation for new accounts.
So far the bank has fired about 5,300 employees who were involved with the unauthorized accounts and has paid $185 million in fines.
In other words, it’s a compliance disaster.
The DOJ and SEC should ask the directors at Wells Fargo three questions:
- What did you do to prevent violations of your Code of Ethics and Business Conduct?
- What did you do to detect violations of your Code of Ethics and Business Conduct?
- What will you do to fix the violations of your Code of Ethics and Business Conduct, after you investigate how the current scandal happened?
Wells Fargo’s Code of Ethics and Business Conduct applies to all officers and directors, as well as all employees.
It provides a logic tree for “Making the Right Choice.” It says:
If you are faced with an ethical dilemma and you’re not sure what to do, ask these questions:
Is it legal? -> Does it comply with our policies? -> Is it consistent with our values? -> Is it consistent with our long-term goals and interests? -> Would I be comfortable with my decision if it’s made public?
If your answer to any of these is “No,” don’t do it. If you believe more should be done, contact the Office of Ethics and Integrity.
Wells Fargo’s incentive, cross selling scandal analyzed by Richard Bistrong in a recent FCPA Blog post wouldn’t pass any of the “Making the Right Choice” tests.
So with core values and Board review in mind, here’s the scenario I’d like to see:
DOJ and SEC prosecutors ask Wells Fargo,
Your Board oversight and Code of Ethics and Business Conduct look good on paper, but is that what you have, ‘paper compliance’ for your code?
After an uncomfortable silence, someone for Wells Fargo might say,
Well, we mostly focus on the laws themselves, the codes are for Human Resources and haven’t been a focus of enforcement, so we are surprised….
The prosecutors might counter,
We used to hear that years ago about the FCPA and all kinds of compliance issues. But, after many prosecutions, real restructured compliance programs are the norm now.
Of course you know that Board-approved codes of conduct are required under laws enacted since SOX in 2002 to prevent fraud on the public. We’ve stepped up prosecutions of directors that don’t take seriously Board oversight of internal controls to prevent and detect fraud.
So is that what you are saying, that your Codes, approved by your Board, are not taken seriously as internal controls enforced by compliance officers? Don’t your compliance officers implement your Code? Let’s walk through the Chief Compliance Officer reports to the Board. Please don’t tell us the CCO never mentioned the red flags for this scandal.
The DOJ’s expert on compliance, Hui Chen, and the SEC experts on internal controls violations might warn against an inadequate internal investigation. They would advise Wells Fargo that they will apply the Yates Memo policy views and require a Yates investigation binder. They would ask the company to identify specific officers and directors who actively participated in getting around the internal controls set up by their Code of Ethics and Business Conduct.
And they’d add: “Start by explaining who approved the exit bonus of $125 million for the top executive running the sales campaign just before the scandal went public.”
Michael Scher is a senior editor of the FCPA Blog. He has over three decades of experience as a senior compliance officer and attorney for international transactions. He’ll be a speaker at the FCPA Blog NYC Conference 2016.