6 TH ANNUAL JOINT ACFE & IIA FRAUD CONFERENCE The Whistleblower Programs April 17, 2015 1
PRESENTER MARCIA NARINE COMPLIANCE ADVISOR Marcia Narine serves as Compliance Advisor for MDOPartners. She is also an Assistant Professor of Law at St. Thomas University School of Law, teaching and researching on corporate governance, compliance, employment law, social responsibility, legal ethics, human rights and civil procedure. Prior to joining St. Thomas Law, Ms. Narine was a Visiting Assistant Professor of Law at the University of Missouri-Kansas City. Prior to joining the firm and academia, she served as the Vice President and Deputy General Counsel, as well the Vice President, Global Compliance and Business Standards and Chief Privacy Officer of Ryder System, Inc., a Fortune 500 global transportation and supply chain managementsolutions company Before joining Ryder, Ms. Narine was an attorney with Morgan, Lewis and Bockius' labor and employment practice in Miami. She has also worked as a commercial litigator with Cleary, Gottlieb, Steen and Hamilton in New York, and as a law clerk to former Justice Marie Garibaldi of the Supreme Court of New Jersey. In December 2012, Ms. Narine was appointed by the U.S. Labor Secretary as a management representative to the Whistleblower Protection Advisory Committee, whose purpose is to advise, consult with, and make recommendations to the labor secretary and the Occupational Safety and Health Administration (OSHA) on ways to improve the fairness, efficiency, effectiveness, and transparency of OSHA s whistleblower protection programs. 2
OVERVIEW WHISTLEBLOWER LAWS Dodd Frank Sarbanes-Oxley Foreign Corrupt Practices Act False Claims Act Consumer Product Safety Act Environmental Laws Surface Mining Act IRS Whistleblower Protection National Security Whistleblower Protection OSHA Transportation Whistleblower Protection Workplace Discrimination 3
OVERVIEW Dodd-Frank s Bounty Program Eligibility Information Provided by a whistleblower Leads to SEC enforcement action Monetary sanctions exceeding $1 million Bounty = 10-30% of monetary sanctions 4
OVERVIEW INFORMATION THAT DOES NOT QUALIFY Not voluntarily provided Publicly-available Obtained from or through: Attorney-client privileged communications Internal compliance programs Criminal means
OVERVIEW SARBANES OXLEY: ELIGIBILITY Publicly traded companies including subsidiaries or affiliates Current employees Former employees Applicants Officer, employees, contactors, or subcontractors Employees of non-public companies that perform work for public companies This can now include outside auditors or outside counsel 6
OVERVIEW SOX WHISTLEBLOWER PROVISIONS requires that all publicly traded corporations create internal and independent audit committees with internal whistleblower protections and confidential complaint mechanisms SOX and certain SEC regulations require attorneys, under certain circumstances, to blow the whistle on their employer or client. Retaliation against whistleblowers is a criminal act- and does not only apply to public companies 7
DATA SOME NOTEWORTHY AWARDS $104 million awarded by IRS $14 million under False Claims Act $30 million under Dodd Frank $1.06 million jury verdict 8
DATA SEC WHISTLEBLOWER ACTIVITY $875,000 to two individuals for tips and assistance relating to fraud in the securities market; $400,000 to a whistleblower who reported fraud to the SEC after the employee s company failed to address internally certain securities law violations; $300,000 to a company who reported wrongdoing to the SEC after the company failed to take action when the employee reported it internally first; $14 million- tip about an alleged Chicago-based scheme to defraud foreign investors seeking U.S. residency; and More than $30 million to an employee living in a foreign country 9
DATA OSHA WHISTLEBLOWER ACTIVITY Cases Received: FY2005 FY2014 Statute FY 2005 FY 2006 FY 2007 FY 2008 FY 2009 FY 2010 FY 2011 FY 2012 FY 2013 FY 2014 ACA 0 0 0 0 0 4 14 14 18 26 AHERA 2 0 1 1 6 6 3 4 3 3 AIR21 65 52 50 85 92 75 66 57 91 111 CFPA 0 0 0 0 0 0 6 14 28 47 CPSIA 0 0 0 2 4 6 2 5 4 6 EPA 56 60 61 51 46 46 42 54 67 52 ERA 52 53 23 41 48 50 50 50 64 39 FRSA 0 0 1 45 145 201 340 384 355 351 FSMA 0 0 0 0 0 0 17 22 54 51 ISCA 0 0 0 0 0 1 0 0 0 0 MAP21 0 0 0 0 0 0 0 0 1 10 NTSSA 0 0 0 18 15 14 17 14 17 14 OSHA 1194 1195 1301 1381 1267 1402 1667 1745 1710 1729 PSIA 3 7 1 3 3 2 6 2 7 6 SOX 291 234 231 235 228 201 148 169 177 145 SPA 0 0 0 0 0 0 5 9 5 7 STAA 271 241 297 357 306 306 314 346 368 463 Total 1934 1842 1966 2219 2160 2314 2698 2889 2969 3060 http://www.whistleblowers.gov/factsheets_page.html 10
DATA THE NUMBERS Only 33% of workers observed misconduct in large companies with effective programs 62% of workers observed misconduct. at large companies that do not have an effective program 42% of employees observe misconduct in large companies with strong ethics cultures 89% witness wrongdoing when ethics cultures are weak. 11
DATA IN LARGE COMPANIES If company has an effective compliance program- 87% of employees surveyed who saw misconduct reported it If company does NOT have effective program only 32% report 12
COMPLIANCE AND AUDITS HOW DO THE WHISTLEBLOWER LAWS AFFECT COMPLIANCE AND AUDIT? SEC encourages would-be whistleblowers to comply with internal reporting programs first. SEC weighs the whistleblower s participation in the firm s internal compliance program as a factor that may increase the whistleblower s eventual award SEC considers interference with internal compliance programs to be a factor that may decrease any award. SEC s whistleblower rules give the would-be whistleblower the benefit of the earlier date, as long as the whistleblower makes his or her SEC filing within 120 days. 13
COMPLIANCE AND AUDITS ERC CRITERIA FOR AN EFFECTIVE COMPLIANCE PROGRAM 1. Written standards of ethical workplace conduct; 2. Training on the standards; 3. Company resources that provide advice about ethics issues; 4. A means to report potential violations confidentially or anonymously; 5. Performance evaluations of ethical conduct; and 6. Systems to discipline violators. 14
COMPLIANCE AND AUDITS EVALUATING THE PROGRAM 1. Freedom to question management without fear; 2. Rewards for following ethics standards; 3. Not rewarding questionable practices, even if they produce good results for the company; 4. Positive feedback for ethical conduct; 5. Employee preparedness to address misconduct; and 6. Employees willingness to seek ethics advice. 15
COMPLIANCE AND AUDITS OBSERVED MISCONDUCT IN THE PAST 12 MONTHS BY COMPANY SIZE 2-99 EMPLOYEES- 38% 100-400 EMPLOYEES- 41% 500-1999- 44% 2000-9,999-47% 10,000-89,999-39% 90,000 or more- 51% 16
COMPLIANCE AND AUDITS TO WHOM DO WHISTLEBLOWERS REPORT? Supervisor- 46% Higher management-29% Other responsible person-15% Someone outside company-4% Other- 4% Hotline- 3% 17
COMPLIANCE AND AUDITS THE NUMBERS: HOTLINES AND CONFIDENTIAL REPORTING MECHANISMS For companies that track data, median 1.3-1.4 reports per 100 employees Industry with highest numbers of reports- healthcare (likely due to HIPAA) 18
COMPLIANCE AND AUDITS SUBSTANTIATED CLAIMS 45% - accounting, auditing and financial reporting 49%- business integrity 36%- HR, diversity, workplace respect 45%- environmental, safety and health 55% of misuse, misappropriation of corporate assets OVER 33% OF ANONYMOUS REPORTS ARE SUBSTANTIATED 19
TRENDS WHO IS AND IS NOT REPORTING? Among the main reasons people fail to report are (1) fear of retaliation for reporting; and (2) the belief that nothing will be done. Those who do report say that they did so because they felt supported by managers and coworkers, (2) they believed something would be done, and (3) they were able to report anonymously. For those who do report, most people prefer to handle issues within the organization before venturing outside, and most will go to their direct supervisor first. In 2013, more than nine out of ten (92%) reporters turned to somebody inside the company when they first complained about misconduct. Only 2% of employees go solely outside their companies to report misconduct. 20
TRENDS FINANCIAL SERVICES PROFESSIONALS 23% have seen misconduct firsthand 29% believe they may have to engage in illegal or unethical conduct to be successful 24% would engage in insider trading if they could earn $10 million and get away with it 21
TRENDS AUDITORS AS WHISTLEBLOWERS In March 2014, the Supreme Court held in Lawson v. FMR that employees of contractors of public companies, including employees of accounting and audit firms, can bring SOX whistleblower retaliation claims
TRENDS LAWSON Congress plainly recognized that outside professionals accountants, law firms, contractors, agents, and the like were complicit in, if not integral to, the shareholder fraud and subsequent cover-up [Enron] officers perpetrated.... Also clear from the legislative record is Congress understanding that outside professionals bear significant responsibility for reporting fraud by the public companies with whom they contract, and that fear of retaliation was the primary deterrent to such reporting by the employees of Enron s contractors.
TRENDS COMPLIANCE/AUDIT GETTING PAID The SEC paid $300,000 to an employee who performed audit or compliance functions.
UPDATES LEGAL DEVELOPMENTS IN APRIL 2015 SEC DODD-FRANK RULE 21F-17(a) No person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement... with respect to such communications. 25
UPDATES KBR S OLD AGREEMENT I understand that in order to protect the integrity of this review, I am prohibited from discussing any particulars regarding this interview and the subject matter discussed during the interview, without prior authorization of the Law Department. I understand that unauthorized disclosure of information may be grounds for disciplinary action up to and including termination of employment. 26
UPDATES KBR S NEW AGREEMENT Nothing in this Confidentiality Statement prohibits me from reporting possible violations of federal law or regulation to any governmental agency or entity, including but not limited to the Department of Justice, the Securities and Exchange Commission, the Congress, and any agency Inspector General, or making other disclosures that are protected under the whistleblower provisions of federal law or regulation. I do not need prior authorization of the Law Department to make any such reports or disclosures, and I am not required to notify the company that I have made such reports or disclosures. 27
INTERNAL COMPLIANCE BEST PRACTICES FOR AUDIT COMMITTEES Are employees and supervisors adequately trained on the process? Is the company promoting compliance with the regulations among its employees at all levels? Is management reviewing the current whistleblower reporting process for any needed improvements? Are there enough dedicated personnel to handle the tips? Is there an investigation action plan in place? If so, does it include guidance on evaluating the substance and nature of an allegation, determining whether it requires further investigation and identifying who should lead the investigation? Has the company identified the independent resources and advisors it may need to consult, and does it have policies as to when they should be retained? Has the company reviewed its code of conduct relative to the adequacy of antiretaliation provisions? 28
INTERNAL COMPLIANCE WHAT SHOULD AUDIT BE DOING WITH COMPLIANCE/LEGAL? Review Internal reporting mechanisms and nonretaliation policies Ensure internal process to investigate and resolve issues are robust Renew communications and training on your internal reporting and nonrelatialion policies and processes Review you compliance confirmation process Ensure you have validation procedures to confirm that the operational aspects of the ethics and compliance program are working effectively. 29
COMPLIANCE PROGRAM Effective Compliance Programs Ethical Culture Monitoring and Auditing Reporting and Investigations Anti-Corruption Compliance Program Training and Communication Risk Assessment & Due Diligence Policies and Procedures 30
LATAM ANTI-CORRUPTION Q&A QUESTIONS? Marcia Narine mnarine@mdopartners.com 31
6 TH ANNUAL JOINT ACFE & IIA FRAUD CONFERENCE The Whistleblower Programs April 17, 2015 32