Missouri Bar Annual Meeting, September 12, 2014 LATEST ON THE DODD-FRANK ACT AND INTERNATIONAL COMPLIANCE RISKS Presented by: Jennafer Watson, Chief Compliance Officer Layne Christensen Company Emmanuel N. Ayuk, Partner Stinson Leonard Street LLP
Latest on the Dodd-Frank Act and International Compliance Risks
DISCLAIMER These slides and this presentation are intended to provide general information only. They are not intended to be a comprehensive summary of the law or to treat exhaustively the subjects covered. The information provided does not constitute legal advice or opinion. Legal advice or opinions are provided by Stinson Leonard Street LLP only upon engagement with respect to specific factual situations.
INTERNATIONAL COMPLIANCE RISKS International Compliance Risks SEC Whistleblower Program (Dodd-Frank Act) Conflict Minerals (Dodd-Frank Act) Anti-Corruption Laws (FCPA, U.K. Bribery Act, etc.) Export Controls and Economic Sanctions (OFAC, ITAR, etc.) Anti-Boycott Laws Anti-Trust/Competition Law Data Privacy
INTERNATIONAL COMPLIANCE RISKS SEC Whistleblower Program Dodd-Frank Act: On July 21, 2010, the U.S. President signed into law the Dodd-Frank Wall Street Reform and Consumer Protection Act. One of the provisions to the Dodd Frank Act is a new whistleblower program which provides substantial cash rewards for whistleblowers who voluntarily provide information to the Securities and Exchange Commission (SEC), leading to the successful prosecution of securities law violations. Whistleblowers who report FCPA violations, for example, that result in monetary sanctions greater than $1 million, may receive between 10 and 30 percent of the total recovery.
INTERNATIONAL COMPLIANCE RISKS Conflict Minerals Dodd-Frank Act: Requires certain public companies to provide disclosures about the use of specified conflict minerals (tin, tungsten, tantalite and gold) originating from the Democratic Republic of Congo, and nine adjoining countries. Section 1502 of the Dodd Frank Act is intended to make transparent the financial interests that support armed groups in the DRC area.
INTERNATIONAL COMPLIANCE RISKS Anti-Corruption Laws FCPA The Foreign Corrupt Practices Act (FCPA) is a U.S. law enacted in 1977 to prohibit companies with U.S. connections from paying bribes to foreign (i.e. non-u.s.) government officials or politicians to gain a business advantage. Under the FCPA, a company can be liable for the actions for third parties hired to interact with non-u.s. foreign officials on its behalf.
INTERNATIONAL COMPLIANCE RISKS Anti-Corruption Laws U.K. Bribery Act The U.K. Bribery Act was enacted on April 8, 2010 and went into effect on July 1, 2011. The U.K. Bribery Act is similar to the FCPA, but with some key differences: a new corporate crime for failure to prevent bribery; no exception for facilitation payments; and prohibits commercial bribery, i.e. bribery of company officials who are not government officials.
INTERNATIONAL COMPLIANCE RISKS Export Controls and Economic Sanctions Export Controls: The U.S. Government controls exports of sensitive equipment, software and technology as a means to promote our national security interests and foreign policy objectives. Anti-Boycott Laws: These laws discourage, and prohibit U.S. companies from furthering or supporting the boycott of Israel sponsored by the Arab League, and certain other countries, including complying with certain requests for information designed to verify compliance with the boycott.
INTERNATIONAL COMPLIANCE RISKS Export Controls and Economic Sanctions, continued Office of Foreign Assets Control (OFAC): OFAC administers a number of different sanctions programs. The sanctions can be either comprehensive or selective, using the blocking of assets and trade restrictions to accomplish foreign policy and national security goals. Prohibited countries subject to general U.S. embargoes administered by OFAC include Cuba, Iran, Sudan, Syria, and North Korea. International Traffic in Arms Regulations (ITAR): Regulated by Directorate of Defense Trade Controls ("DDTC") of the U.S. Department of State. Export of defense articles and ITAR technical data generally requires advance written approval by DDTC in the form of a license or an agreement (such as a Technical Assistance Agreement) for each separate transaction.
INTERNATIONAL COMPLIANCE RISKS Anti-Competition Laws Anti-Trust/Competition Laws: Generally Prohibit the Following: Fixing sale or purchase prices ( price-fixing ); Fixing other terms of sale or purchase; Restricting capacity or output; Refraining from supplying a product or service; Limiting quality competition or research; Dividing markets or customers; or Excluding competing firms from a market.
INTERNATIONAL COMPLIANCE RISKS Data Privacy EU Data Privacy Laws, etc. These laws prohibit the disclosure or misuse of information held on private individuals. Under EU law, personal data can only be gathered legally under strict conditions, for a legitimate purpose. Persons or organizations which collect and manage your personal information must protect it from misuse and must respect certain rights of the data owners which are guaranteed by EU law.
DEVELOPING AN EFFECTIVE COMPLIANCE PROGRAM What Frequently Instigates the Development of a Compliance Program? A violation has been identified within your organization A violation was identified by a competitor in your industry A board member suggests a compliance program is created As a subcontractor, you are required to have compliance programs as prequalification to bids.
DEVELOPING AN EFFECTIVE COMPLIANCE PROGRAM Taking the First Steps Risk Assessment Determine Risk Areas and Geographical Locations Designate a compliance official or committee Determine Hierarchy of Needs for Compliance Program (next slide) Get Buy-in from Board and Audit Committee for Compliance Plan Implement Effectively Develop open lines of communication
DEVELOPMENTAL HIERARCHY OF A COMPLIANCE PROGRAM Monitoring Activities Responsibility for compliance is dispersed to operations. Compliance assists and enable s business units who are ultimately responsible. Risk Level & Resources Key Controls (Preventative Measures) Third Party Due Diligence Specialized Training and Communications Specific Policy and Procedures Reference in Code of Conduct / Ethics Hotline Risk Assessment
DEVELOPING AN EFFECTIVE COMPLIANCE PROGRAM Policy & Procedures Risk Assessment & Program Review Communication, Education & Training Prevention, Monitoring & Detection Reporting, Investigation & Remediation Third Party Due Diligence
DEVELOPING AN EFFECTIVE COMPLIANCE PROGRAM Additional Factor to consider: Governance and oversight of the compliance program Audit Committee versus Board of Directors Involving other key departments: Finance, Tax, IT, HR Working with Internal Audit to enhance internal controls Appropriate discipline and incentives for employees regarding compliance Performance reviews include compliance component Tone at the top Make reasonable efforts to exclude bad actors from managerial ranks Voluntary Disclosures
CONCLUSION If you have international operations: Designate an employee/lawyer to serve your company s compliance officer. Conduct a risk assessment that covers all international compliance risks. Establish a tone at the top which encourages employees to report problems and comply with laws and regulations. Institute compliance policies and procedures. Conduct due diligence on high risk third parties. Train and educate employees on compliance. Audit and monitor compliance program. Hire an expert (lawyer, if necessary).
CONCLUSION Questions?