In a securities filing by one of Canada’s uranium miners, the company said the CEO is responsible for “administering and interpreting” the anti-bribery policy, under the oversight of the audit committee.
Should the CEO sit on top of compliance? Can he or she ever make decisions about compliance that aren’t business driven?
We won’t identify the company in question. But it’s not big — fewer than 100 employees — and it currently doesn’t do business outside Canada.
So maybe the CEO is a hero, doing double duty as CCO just to make sure someone’s paying attention to the law.
In this case, the CEO doesn’t have a law degree. Their background is finance. But they’ve stepped up to take responsibility.
The company trades on the Toronto exchange and on a U.S. exchange. It has a five-page anti-bribery policy, a code of ethics policy, and a whistleblower policy.
But there’s no sign of a compliance officer.
Here’s the question.
Should a public company put the responsibility for “administering and interpreting” an anti-bribery policy in the hands of the CEO, even one who works “under the oversight” of the audit committee?
In this case, the CEO’s role is even less clear than it sounds.
The anti-bribery policy that’s the bailiwick of the CEO is a subpart of the code of ethics. If directors, officers, or employees have something to report under the code of ethics, they’re directed to report it to the corporate secretary or to the chair of the audit committee.
The corporate secretary is a lawyer, and also currently serves as the company’s in-house corporate counsel.
We’re not sure where that leaves the CEO (or the company lawyer) if the complaint is about the anti-bribery policy.
On the face of it, we think the company is trying to do the right thing. It has extensive policies in place. The policies look clear and comprehensive.
But should a CEO ever have the role of “administering and interpreting” an anti-bribery policy?
There are so many ways the CEO’s interests could interfere with his or her judgment about compliance. If a problem were to happen, how would anyone defend this?
And is it ever legitimate for a company with public shareholders to say it isn’t big enough to have a designated compliance officer?
Richard L. Cassin is the publisher and editor of the FCPA Blog.