The Cost of Non-Compliance
Global companies face increasing corruption risks — more countries are passing anti-corruption laws and enforcement is on the rise. With the need for more sophisticated and rigorous anti-corruption compliance programs, corporate leaders face a very difficult question — how much will it cost to comply and how much will it cost if we do not comply? Well, of course, one significant and unknown variable in this calculus is what is the likelihood of getting caught? Every actor in society weighs the benefits versus the risks – and corporate actors are no different.
Occasionally, anecdotes can be relevant to this calculus. A board member in company A also sat on a board of company B. The board member told me that company B was under FCPA investigation and after experiencing such an investigation he/she was absolutely committed to making sure that company A would never come under such scrutiny. As a result, the board member told me that company B would do whatever it takes to make sure they had a “Cadillac” anti-corruption compliance program.
So what are the costs of non-compliance against compliance?
On the one hand, an FCPA investigation, prosecution and conviction (by settlement or by trial) can have direct costs, collateral costs, costs to the ongoing business, and reputational costs. The direct costs can include a criminal fine, a compliance monitor, disgorgement, prejudgment interest, and defense costs; collateral costs can include lawsuits by parties hurt by the violations, derivative lawsuits by shareholders, and class action lawsuits by investors. The costs to the ongoing or future business can include ineligibility for licenses or permits, debarment or suspension from business activities and prison sentences for executives.
But assuming you can calculate this cost, what is the risk of detection and prosecution? That number is growing but hard to calculate. Government investigators and prosecutors have more sources than ever, more tools and more resources. Whistleblowers have a financial incentive to report violations, cooperating witnesses seeking to avoid prison are providing valuable intelligence to law enforcement, and law enforcement is employing more sophisticated and aggressive investigative techniques such as wiretaps, undercover recordings and confidential informants.
In the face of all of these concerns, the bottom line is what is the cost of compliance for your company?
Cutting compliance costs in this environment is not a good idea, and will certainly not lead to an overall reduction of costs. In fact, a 2010 survey of financial services compliance and risk-management professionals reported that, because of increased regulatory scrutiny in 2010, 87% of the responding companies expected to maintain or increase their compliance program budgets. Cutting compliance costs may raise red flags in the eyes of regulators—especially, as the survey points out, when other companies may be increasing their compliance budgets.
The Justice Department has little sympathy to companies which claim that compliance was financially burdensome. Lanny Breuer, the Assistant Attorney General in charge of the Criminal Division, has stated: “We recognize the issues of costs to companies to implement robust compliance programs, to hire outside counsel to conduct in-depth internal investigations, and to forego certain business opportunities that are tainted with corruption. Those costs are significant and we are very aware of that fact. The cost of not being FCPA compliant, however, can be far higher.”
In its FCPA settlements, the Justice Department has highlighted the benefit to companies of having a strong compliance program . For example, in the DOJ’s Non-Prosecution Agreement (“NPA”) with Noble Corp., DOJ cited “the existence of Noble’s pre-existing compliance program and steps taken by Noble’s audit committee to detect and prevent improper conduct” as part of the reason for entering into an NPA.
The cost-benefit analysis has significant implications for companies. The old adage — penny wise and pound foolish — applies to the compliance analysis given the significant costs of non-compliance.